Firefox 3.09 Update Fixes Memory Curruption and Same-Origin Violations
Thursday, April 23, 2009 at 08:28AM
drStrangeP0rk

There are four crash bugs which leads to memory corruption. If the user had root privileges then an attack could execute code with those privileges. 

Same-Origin is a concept that relates to sscripting in web pages, this allows for the access of scripts originating from the same site to access each others methods and variables without limits. One involves Adobe Flash plug-in. This can allow attackers to execute scripts under the context of a legitimate web site, using cross site scripting (XXS) or cross-site request forgery (CSRF). 

It is recomended that this upodate be installed. 

Update on Wednesday, April 29, 2009 at 07:39AM by Registered CommenterdrStrangeP0rk

New problems introduced by fixes in update 3.0.9 require an update to 3.0.10 including a crash bug and a memory corruption vulnerability that may be exploitable. Make sure to check for updates when opening Firefox. (There is alos a No-Script update that should be installed as well.) It is always recommended that the home/soho user(s) set Auto-Update to check everyday for updates. For larger organizations the selection should be based on their patch and update policy. 

Article originally appeared on magmatic.com (http://www.magmatic.com/).
See website for complete article licensing information.