漏洞信息详情

Mozilla Firefox 本地url处理跨站漏洞

漏洞简介

Firefox是Mozilla所发布的开源WEB浏览器。

处理本地目录列表中所包含的文件URL方式中的漏洞可能导致执行恶意JavaScript内容。

漏洞公告

目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接:

http://www.mozilla.com/en-US/firefox/all.html

参考网址

来源: FEDORA

名称: FEDORA-2008-6196

链接:https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00295.html

来源: FEDORA

名称: FEDORA-2008-6193

链接:https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00288.html

来源: FEDORA

名称: FEDORA-2008-6127

链接:https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00207.html

来源: CONFIRM

名称: https://issues.rpath.com/browse/RPL-2646

链接:https://issues.rpath.com/browse/RPL-2646

来源: CONFIRM

名称: https://bugzilla.mozilla.org/show_bug.cgi?id=411433

链接:https://bugzilla.mozilla.org/show_bug.cgi?id=411433

来源: VUPEN

名称: ADV-2009-0977

链接:http://www.vupen.com/english/advisories/2009/0977

来源: UBUNTU

名称: USN-619-1

链接:http://www.ubuntu.com/usn/usn-619-1

来源: SECTRACK

名称: 1020419

链接:http://www.securitytracker.com/id?1020419

来源: BID

名称: 30038

链接:http://www.securityfocus.com/bid/30038

来源: BUGTRAQ

名称: 20080708 rPSA-2008-0216-1 firefox

链接:http://www.securityfocus.com/archive/1/archive/1/494080/100/0/threaded

来源: REDHAT

名称: RHSA-2008:0569

链接:http://www.redhat.com/support/errata/RHSA-2008-0569.html

来源: REDHAT

名称: RHSA-2008:0549

链接:http://www.redhat.com/support/errata/RHSA-2008-0549.html

来源: REDHAT

名称: RHSA-2008:0547

链接:http://www.redhat.com/support/errata/RHSA-2008-0547.html

来源: www.mozilla.org

链接:http://www.mozilla.org/security/announce/2008/mfsa2008-30.html

来源: www.mozilla.org

链接:http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox2.0.0.15

来源: MANDRIVA

名称: MDVSA-2008:136

链接:http://www.mandriva.com/security/advisories?name=MDVSA-2008:136

来源: VUPEN

名称: ADV-2008-1993

链接:http://www.frsirt.com/english/advisories/2008/1993/references

来源: DEBIAN

名称: DSA-1697

链接:http://www.debian.org/security/2009/dsa-1697

来源: DEBIAN

名称: DSA-1615

链接:http://www.debian.org/security/2008/dsa-1615

来源: DEBIAN

名称: DSA-1607

链接:http://www.debian.org/security/2008/dsa-1607

来源: wiki.rpath.com

链接:http://wiki.rpath.com/Advisories:rPSA-2008-0216

来源: SUNALERT

名称: 256408

链接:http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1

来源: SLACKWARE

名称: SSA:2008-191

链接:http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.384911

来源: SLACKWARE

名称: SSA:2008-191-03

链接:http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.383152

来源: GENTOO

名称: GLSA-200808-03

链接:http://security.gentoo.org/glsa/glsa-200808-03.xml

来源: SECUNIA

名称: 34501

链接:http://secunia.com/advisories/34501

来源: SECUNIA

名称: 33433

链接:http://secunia.com/advisories/33433

来源: SECUNIA

名称: 31377

链接:http://secunia.com/advisories/31377

来源: SECUNIA

名称: 31195

链接:http://secunia.com/advisories/31195

来源: SECUNIA

名称: 31183

链接:http://secunia.com/advisories/31183

来源: SECUNIA

名称: 31069

链接:http://secunia.com/advisories/31069

来源: SECUNIA

名称: 31023

链接:http://secunia.com/advisories/31023

来源: SECUNIA

名称: 31021

链接:http://secunia.com/advisories/31021

来源: SECUNIA

名称: 31008

链接:http://secunia.com/advisories/31008

来源: SECUNIA

名称: 31005

链接:http://secunia.com/advisories/31005

来源: SECUNIA

名称: 30949

链接:http://secunia.com/advisories/30949

来源: SECUNIA

名称: 30911

链接:http://secunia.com/advisories/30911

来源: SECUNIA

名称: 30903

链接:http://secunia.com/advisories/30903

来源: SECUNIA

名称: 30898

链接:http://secunia.com/advisories/30898

来源: SECUNIA

名称: 30878

链接:http://secunia.com/advisories/30878

来源: REDHAT

名称: RHSA-2008:0616

链接:http://rhn.redhat.com/errata/RHSA-2008-0616.html

来源: SUSE

名称: SUSE-SA:2008:034

链接:http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00004.html

补丁

    暂无

漏洞信息快速查询

相关漏洞

更多