Firefox 3.0.11 Released

June 11, 2009 – 7:49 PM

Firefox 3.0.11 fixes several security issues found in Firefox 3.0.10:

  • JavaScript chrome privilege escalation
  • XUL scripts bypass content-policy checks
  • Incorrect principal set for file: resources loaded via location bar
  • Arbitrary code execution using event listeners attached to an element whose owner document is null
  • Race condition while accessing the private data of a NPObject JS wrapper class object
  • SSL tampering via non-200 responses to proxy CONNECT requests
  • Arbitrary domain cookie access by local file: resources
  • URL spoofing with invalid unicode characters
  • Crashes with evidence of memory corruption (rv:1.9.0.11)

firefox_3011

Run a Check for Updates off of the Help Menu, or download a fresh copy here:
http://www.mozilla.com/en-US/firefox/

You must be logged in to post a comment.

Copyright 2008-2024 PC Sympathy - Entries (RSS) - Sitemap