what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Ubuntu Security Notice USN-1600-1

Posted Oct 9, 2012

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1600-1 - Henrik Skupin, Jesse Ruderman, Christian Holler, Soroush Dalili and others discovered several memory corruption flaws in Firefox. If a user were tricked into opening a specially crafted web page, a remote attacker could cause Firefox to crash or potentially execute arbitrary code as the user invoking the program. David Bloom and Jordi Chancel discovered that Firefox did not always properly handle the select element. A remote attacker could exploit this to conduct URL spoofing and clickjacking attacks. Various other issues were also addressed.

tags | advisory, remote, web, arbitrary, spoof

systems | linux, ubuntu

advisories | CVE-2012-3989, CVE-2012-3984, CVE-2012-3985, CVE-2012-3986, CVE-2012-3991, CVE-2012-3992, CVE-2012-4181, CVE-2012-4182, CVE-2012-4183, CVE-2012-4185, CVE-2012-4186, CVE-2012-4187, CVE-2012-4188, CVE-2012-3982, CVE-2012-3983, CVE-2012-3984, CVE-2012-3985, CVE-2012-3986, CVE-2012-3988, CVE-2012-3989, CVE-2012-3990, CVE-2012-3991, CVE-2012-3992, CVE-2012-3993, CVE-2012-3994, CVE-2012-3995, CVE-2012-4179, CVE-2012-4180

SHA-256 | 52d4985f972acd6526809efd0178dfe1a88fc1c7f8bc2f4038bc75fa704e6f04

Download | Favorite | View

Related Files

No related files