Status Tracking Note TRTA07-199A

Mozilla Updates for Multiple Vulnerabilities

Overview

The Mozilla web browser and derived products contain several vulnerabilities, the most severe of which could allow a remote attacker to execute arbitrary code on an affected system.
Event Information

Date (UTC)Description
2007-07-19 Mozilla
Mozilla Thunderbird 2.0.0.5 Release
2007-07-18 20:34 SANS Internet Storm Center
Security Update for Firefox: 2.0.0.5
2007-07-18 20:27 US-CERT
TA07-199A: Mozilla Addresses Multiple Vulnerabilities
Via US-CERT Mailing List
The Mozilla web browser and derived products contain several vulnerabilities, the most severe of which could allow a remote attacker to execute arbitrary code on an affected system.
2007-07-18 13:36 US-CERT
Multiple Vulnerabilities in Mozilla Firefox
US-CERT is aware of multiple vulnerabilities affecting the Mozilla Firefox web browser. These vulnerabilities may allow a remote, unauthenticated attacker to execute arbitrary code, inject and execute arbitrary script, or cause memory corruption on an affected system.
2007-07-18 05:46 SANS Internet Storm Center
New Version of FireFox
2007-07-17 Mozilla
mfsa2007-21: Privilege escallation using an event handler attached to an element not in the document
2007-07-17 Mozilla
mfsa2007-20: Frame spoofing while window is loading
2007-07-17 Mozilla
mfsa2007-19: XSS using addEventListener and setTimeout
2007-07-17 Mozilla
mfsa2007-18: Crashes with evidence of memory corruption
2007-07-17 Mozilla
Mozilla Firefox 2.0.0.5 Release
2007-07-17 Mozilla
mfsa2007-25: XPCNativeWrapper pollution
2007-07-17 Mozilla
mfsa2007-24: Unauthorized access to wyciwyg:// documents
2007-07-17 Mozilla
mfsa2007-23: Remote code execution by launching Firefox from Internet Explorer
2007-07-17 Mozilla
mfsa2007-22: File type confusion due to %00 in name


Date first published (UTC): 2007-07-22T20:36+00:00
Date last updated (UTC): 2007-07-22T20:36+00:00