PALMisLIFE 討論區
標題:
[新聞] 【TWCERT/CC安全通報】Firefox 瀏覽器安全性更新
[列印本頁]
作者:
lyr
時間:
2005-3-2 10:42
標題:
[新聞] 【TWCERT/CC安全通報】Firefox 瀏覽器安全性更新
唉~~ 連 FF 都免不了一樣的命運啊
果然樹大招風...B)
-----BEGIN PGP SIGNED MESSAGE-----
升級至 Mozilla Firefox 瀏覽器 1.0.1 版,修正多個安全弱點。
MFSA 2005-29 Internationalized Domain Name (IDN) homograph spoofing
MFSA 2005-28 Unsafe /tmp/plugtmp directory exploitable to erase user's files
MFSA 2005-27 Plugins can be used to load privileged content
MFSA 2005-26 Cross-site scripting by dropping javascript: link on tab
MFSA 2005-25 Image drag and drop executable spoofing
MFSA 2005-24 HTTP auth prompt tab spoofing
MFSA 2005-23 Download dialog source spoofing
MFSA 2005-22 Download dialog spoofing using Content-Disposition header
MFSA 2005-21 Overwrite arbitrary files downloading .lnk twice
MFSA 2005-20 XSLT can include stylesheets from arbitrary hosts
MFSA 2005-19 Autocomplete data leak
MFSA 2005-18 Memory overwrite in string library
MFSA 2005-17 Install source spoofing with user:pass@host
MFSA 2005-16 Spoofing download and security dialogs with overlapping windows
MFSA 2005-15 Heap overflow possible in UTF8 to Unicode conversion
MFSA 2005-14 SSL "secure site" indicator spoofing
MFSA 2005-13 Window Injection Spoofing
註:繁體中文版的 Firefox 1.0.1 尚未發佈。
網址:http://www.mozilla.org/products/firefox/releases/
下載:http://www.mozilla.org/products/firefox/all.html
──── 聯絡TWCERT/CC ────────────────────────────
Tel: 886-7-5250211 FAX: 886-7-5250212
886-2-23563303 886-2-23924082
Email:
twcert@cert.org.tw
URL:
http://www.cert.org.tw/
PGP key:
http://www.cert.org.tw/eng/pgp.htm
────────────────────────────────────────
-----BEGIN PGP SIGNATURE-----
Version: PGP 7.0.4
iQEVAwUBQiUiaqcyQYefg2/NAQFYnAgAg/VxRBWCRD6glETpZvkAXNF4RNbWEqGo
+j0Xi9Sh+u5C826oZ9K3Z1SVnN4FJjXZqPtUKBzsSfjkZRc46b/iiGtvHKrPfzBi
n+i1j0RpM+Np9Io8DVr7noWDTMhWgbrrlufz8AMUL6VNpTqpvsf7pDBfTA3tkXE/
n0+p7/JnsHLgIc3uQXv9gUDP1A+GNcr/fScJNtYoSQ6V/PMiJuEo/w2NHZLnw5YZ
Wmqm0EUemyaRnhgBNu94hnq+z5e/ZS7L87iC03dsK+xQo15SL52+p3FD2tdYHYUO
pHiUR/06ENKjFYQSahKOY8dVXeDzKCT7+udTVqDEKpYKysjjdMbatg==
=kJJM
-----END PGP SIGNATURE-----
--
Taiwan Computer Emergency Response Team Security Advisory mailing list.
Mail to :
Majordomo@cert.org.tw
and include a line "subscribe advisory".
Please visit
http://www.cert.org.tw/.
PGP key :
http://www.cert.org.tw/eng/pgp.htm
歡迎光臨 PALMisLIFE 討論區 (http://f.pil.tw/)
Powered by Discuz! X2.5