• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Mozilla Firefox/SeaMonkey/Thunderbird Multiple Remote Vulnerabilities

The Mozilla Foundation has released multiple security advisories specifying various vulnerabilities in Firefox 2.0.0.16 and prior versions, Firefox 3.0.1 and prior versions, Thunderbird 2.0.0.16 and prior versions, and SeaMonkey 1.1.11 and prior versions.

Exploiting these issues can allow attackers to:

- traverse directories
- obtain potentially sensitive information
- execute scripts with elevated privileges
- execute arbitrary code
- cause denial-of-service conditions
- carry out cross-site scripting attacks
- steal authentication credentials
- force users to download files
- violate the same-origin policy

Other attacks are also possible.