Mozilla Thunderbird/SeaMonkey/Firefox Multiple Remote Vulnerabilities

Some of the vulnerabilities described in this BID do not require exploits.

Proof-of-concept exploits are available in the Mozilla Bugzilla database, but are not currently available to the general public.

Update: It has been revealed that Firefox is still vulnerable to the issue outlined in MFSA 2007-02. Pages followed through 'href' links and embedded iframes inherit the character set of parent pages when a user has manually set the browser charset.

A proof of concept is available at the following URI.


Privacy Statement
Copyright 2010, SecurityFocus