Security > Security Alerts & Briefings

Firefox vulnerability may allow remote code execution

(1/1)

Eric the Red:
The following security briefing in respect of Firefox was released May 4th, 2006, for versions up to and including 1.5.0.2:


--- Quote ---OVERVIEW:

        Mozilla Firefox contains a vulnerability that may allow a remote
        attacker to execute arbitrary code or create a denial of service
        condition.


IMPACT:

        An attacker may be able to execute arbitrary code by convincing a user
        to visit a specially crafted web site employing the
        contentWindow.focus() method.
--- End quote ---

You are advised to upgrade Firefox to version Update Firefox to version 1.5.0.3

Full details may be found at this Uniras page.

The latest version may be found at http://www.mozilla.com/firefox/releases/1.5.0.3.html

Navigation

[0] Message Index

Go to full version