Mozilla Firefox/Thunderbird/SeaMonkey Multiple Remote Vulnerabilities

Threat level definition

Mozilla Firefox/Thunderbird/SeaMonkey Multiple Remote Vulnerabilities

References:

CESA-2008-011 - Firefox cross-domain information theft (simple text strings, som (Chris Evans)
Mozilla Homepage (Mozilla Foundation)
Firefox cross-domain text theft (CESA-2008-011) ("Chris Evans" )
ASA-2008-506 - firefox security update (RHSA-2008-1036) (Avaya)
ASA-2009-007 seamonkey security update (RHSA-2008-1037) (Avaya)
ASA-2009-158 - Multiple Security Vulnerabilities in Firefox Versions Before 2.0. (Avaya)
MFSA 2008-60: Crashes with evidence of memory corruption (Mozilla)
MFSA 2008-61: Information stealing via loadBindingDocument (Mozilla)
MFSA 2008-62: Additional XSS attack vectors in feed preview (Mozilla)
MFSA 2008-63: User tracking via XUL persist attribute (Mozilla)
MFSA 2008-64: XMLHttpRequest 302 response disclosure (Mozilla)
MFSA 2008-65: Cross-domain data theft via script redirect error message (Mozilla)
MFSA 2008-66: Errors parsing URLs with leading whitespace and control characters (Mozilla)
MFSA 2008-67: Escaped null characters ignored by CSS parser (Mozilla)
MFSA 2008-68: XSS and JavaScript privilege escalation (Mozilla)
MFSA 2008-69: XSS vulnerabilities in SessionStore (Mozilla)
Nortel Response to Sun Alert 256408 - Solaris 10 - Vulnerabilities in Firefox Ma (Nortel Networks)
Solution 258748 : Multiple Security Vulnerabilities in Mozilla Thunderbird Ve (Sun)

Privacy Statement
Copyright 2008, SecurityFocus