The Firefox update to 3.0.6 is out. It fixes a couple of vulnerabilities, one of them labeled critical.
Fixed in Firefox 3.0.6
MFSA 2009-06 Directives to not cache pages ignored
MFSA 2009-05 XMLHttpRequest allows reading HTTPOnly cookies
MFSA 2009-04 Chrome privilege escalation via local .desktop files
MFSA 2009-03 Local file stealing with SessionStore
MFSA 2009-02 XSS using a chrome XBL method and window.eval
MFSA 2009-01 Crashes with evidence of memory corruption (rv:1.9.0.6)
See http://www.mozilla.org/security/known-vulnerabilities/firefox30.html#firefox3.0.6
Posts
No comments:
Post a Comment