Security update for MozillaFirefox
(Last modified: 19MAY2005)
solutions Security update for MozillaFirefox SuSE Linux Maintenance Web (3c5963bf1d6c9c68845299a778b819e5)
Product(s): Novell Linux Desktop 9 for x86
Novell Linux Desktop 9 for x86_64
MFSA 2005-42: A problem in the install confirmation dialog together with a bad fix for MFSA 2005-41 allowed a local attacker to execute arbitrary code with the help of a cross site scripting problem on the Mozilla website.
MFSA 2005-44: A variant of MFSA 2005-41 overrides properties on a non-DOM node and then substitutes that object for one chrome script will access. Most examples involved the attacker synthesizing an event targeted at a non-DOM node, and overriding standard DOM node properties such as type with references to eval() calls or Script() objects.
rpm -Fvh MozillaFirefox.rpm MozillaFirefox-translations.rpm
Download Source Packages
Download the source code of the patches for maintained products.
The Origin of this information may be internal or external to Novell. Novell makes all reasonable efforts to verify this information. However, the information provided in this document is for your information only. Novell makes no explicit or implied claims to the validity of this information.
Any trademarks referenced in this document are the property of their respective owners. Consult your product manuals for complete trademark information.