Status Tracking Note TRTA07-199A

Mozilla Updates for Multiple Vulnerabilities

The Mozilla web browser and derived products contain several vulnerabilities, the most severe of which could allow a remote attacker to execute arbitrary code on an affected system.

Event Information

Date (UTC)	Description
2007-07-19	Mozilla Mozilla Thunderbird 2.0.0.5 Release
2007-07-18 20:34	SANS Internet Storm Center Security Update for Firefox: 2.0.0.5
2007-07-18 20:27	US-CERT TA07-199A: Mozilla Addresses Multiple Vulnerabilities Via US-CERT Mailing List The Mozilla web browser and derived products contain several vulnerabilities, the most severe of which could allow a remote attacker to execute arbitrary code on an affected system.
2007-07-18 13:36	US-CERT Multiple Vulnerabilities in Mozilla Firefox US-CERT is aware of multiple vulnerabilities affecting the Mozilla Firefox web browser. These vulnerabilities may allow a remote, unauthenticated attacker to execute arbitrary code, inject and execute arbitrary script, or cause memory corruption on an affected system.
2007-07-18 05:46	SANS Internet Storm Center New Version of FireFox
2007-07-17	Mozilla mfsa2007-21: Privilege escallation using an event handler attached to an element not in the document
2007-07-17	Mozilla mfsa2007-20: Frame spoofing while window is loading
2007-07-17	Mozilla mfsa2007-19: XSS using addEventListener and setTimeout
2007-07-17	Mozilla mfsa2007-18: Crashes with evidence of memory corruption
2007-07-17	Mozilla Mozilla Firefox 2.0.0.5 Release
2007-07-17	Mozilla mfsa2007-25: XPCNativeWrapper pollution
2007-07-17	Mozilla mfsa2007-24: Unauthorized access to wyciwyg:// documents
2007-07-17	Mozilla mfsa2007-23: Remote code execution by launching Firefox from Internet Explorer
2007-07-17	Mozilla mfsa2007-22: File type confusion due to %00 in name


Date first published (UTC):	2007-07-22T20:36+00:00
Date last updated (UTC):	2007-07-22T20:36+00:00