[轉錄]【TWCERT/CC安全通報】Firefox 瀏覽器安全性更新

看板NetSecurity (資安資訊安全)作者Lan.時間20年前 (2005/03/03 02:01)推噓0(0推 0噓 0→)

留言0則, 0人參與討論串1/1

※ 本文轉錄自 [Lan] 信箱作者: twcert@cert.org.tw (TWCERT/CC Fellows) 標題: 【TWCERT/CC安全通報】Firefox 瀏覽器安全性更新時間: Wed Mar 2 10:27:06 2005 -----BEGIN PGP SIGNED MESSAGE----- 升級至 Mozilla Firefox 瀏覽器 1.0.1 版，修正多個安全弱點。 MFSA 2005-29 Internationalized Domain Name (IDN) homograph spoofing MFSA 2005-28 Unsafe /tmp/plugtmp directory exploitable to erase user's files MFSA 2005-27 Plugins can be used to load privileged content MFSA 2005-26 Cross-site scripting by dropping javascript: link on tab MFSA 2005-25 Image drag and drop executable spoofing MFSA 2005-24 HTTP auth prompt tab spoofing MFSA 2005-23 Download dialog source spoofing MFSA 2005-22 Download dialog spoofing using Content-Disposition header MFSA 2005-21 Overwrite arbitrary files downloading .lnk twice MFSA 2005-20 XSLT can include stylesheets from arbitrary hosts MFSA 2005-19 Autocomplete data leak MFSA 2005-18 Memory overwrite in string library MFSA 2005-17 Install source spoofing with user:pass@host MFSA 2005-16 Spoofing download and security dialogs with overlapping windows MFSA 2005-15 Heap overflow possible in UTF8 to Unicode conversion MFSA 2005-14 SSL "secure site" indicator spoofing MFSA 2005-13 Window Injection Spoofing 註：繁體中文版的 Firefox 1.0.1 尚未發佈。網址：http://www.mozilla.org/products/firefox/releases/ 下載：http://www.mozilla.org/products/firefox/all.html ──── 聯絡TWCERT/CC ──────────────────────────── Tel: 886-7-5250211 FAX: 886-7-5250212 886-2-23563303 886-2-23924082 Email: twcert@cert.org.tw URL: http://www.cert.org.tw/ PGP key: http://www.cert.org.tw/eng/pgp.htm ──────────────────────────────────────── -----BEGIN PGP SIGNATURE----- Version: PGP 7.0.4 iQEVAwUBQiUiaqcyQYefg2/NAQFYnAgAg/VxRBWCRD6glETpZvkAXNF4RNbWEqGo +j0Xi9Sh+u5C826oZ9K3Z1SVnN4FJjXZqPtUKBzsSfjkZRc46b/iiGtvHKrPfzBi n+i1j0RpM+Np9Io8DVr7noWDTMhWgbrrlufz8AMUL6VNpTqpvsf7pDBfTA3tkXE/ n0+p7/JnsHLgIc3uQXv9gUDP1A+GNcr/fScJNtYoSQ6V/PMiJuEo/w2NHZLnw5YZ Wmqm0EUemyaRnhgBNu94hnq+z5e/ZS7L87iC03dsK+xQo15SL52+p3FD2tdYHYUO pHiUR/06ENKjFYQSahKOY8dVXeDzKCT7+udTVqDEKpYKysjjdMbatg== =kJJM -----END PGP SIGNATURE----- -- Taiwan Computer Emergency Response Team Security Advisory mailing list. Mail to : Majordomo@cert.org.tw and include a line "subscribe advisory". Please visit http://www.cert.org.tw/. PGP key : http://www.cert.org.tw/eng/pgp.htm