Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: Firefox 3.0.2 Released - SANS Internet Storm Center SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Firefox 3.0.2 Released

Firefox 3.0.2 was released today. The release notes are available here.

It addresses 5 security vulnerabilities:

  • MFSA-2008-40 - forced mouse drag
  • MFSA-2008-41 - Privilege escalation via XPCnativeWrapper pollution
  • MFSA-2008-42 - Crashes with evidence of memory corruption (rv:
  • MFSA-2008-43 - BOM characters stripped from JavaScript before execution
  • MFSA-2008-44 - resource: traversal vulnerabilities

Mozilla considers the impact of the -41 and -42 issues to be critical, the -43 and -44 issues to be moderate and the -40 issue to be low.

David Goldsmith
SANS / ISC Handler


78 Posts
Sep 24th 2008

Sign Up for Free or Log In to start participating in the conversation!