PDA

Archiv verlassen und diese Seite im Standarddesign anzeigen : Mandriva Linux Security Advisory 2012-032-1



newsbot
18.04.2012, 00:12
Mandriva Linux Security Advisory 2012-032 - Security issues were identified and fixed in Mozilla Firefox and Thunderbird. Security researchers Blair Strang and Scott Bell of Security Assessment found that when a parent window spawns and closes a child window that uses the file open dialog, a crash can be induced in shlwapi.dll on 32-bit Windows 7 systems. This crash may be potentially exploitable. Firefox prevents the dropping of javascript: links onto a frame to prevent malicious sites from tricking users into performing a cross-site scripting attacks on themselves. Security researcher Soroush Dalili reported a way to bypass this protection. Various other issues were also addressed.

Weiterlesen... (http://packetstormsecurity.org/files/111921/MDVSA-2012-032-1.txt)