Article Source: Mandriva Linux Security Advisories

Security issues were identified and fixed in firefox 3.0.x:

  Security researcher Juan Pablo Lopez Yacubian reported that an attacker
  could call window.open() on an invalid URL which looks similar to a
  legitimate URL and then use document.write() to place content within
  the new document, appearing to have come from the spoofed location
  (CVE-2009-2654).

  Moxie Marlinspike reported a heap overflow vulnerability in the
  code that handles regular expressions in certificate names. This
  vulnerability could be used to compromise the browser and run arbitrary
  code by presenting a specially crafted certificate to the client
  (CVE-2009-2404)…