Websecurity - Веб безпека

Нещодавно були виявлені декілька проблем безпеки в Mozilla та продуктах на його основі, такому як Mozilla Firefox. Проект CVE повідомляє про наступні уразливості:

• The Javascript engine might allow remote attackers to execute arbitrary code.
• Multiple integer overflows in the Javascript engine might allow remote attackers to execute arbitrary code.
• Specially crafted Javascript allows remote attackers to execute arbitrary code.
• Remote AutoConfig (PAC) servers could execute code with elevated privileges via a specially crafted PAC script.
• Scripts with the UniversalBrowserRead privilege could gain UniversalXPConnect privileges and possibly execute code or obtain sensitive data.
• Multiple vulnerabilities allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code.

Додаткова інформація:

• New Mozilla Firefox packages fix several vulnerabilities (деталі)

This entry was posted on 22:55 27.09.2006 and is filed under Новини, Помилки. You can follow any responses to this entry through the RSS 2.0 feed.