FireFox 3.0.4

Mozilla released Firefox 3.0.4 on November 12, 2008
Firefox 3.0.4 fixes several issues found in Firefox 3.0.3 including several security issues and several stability issues.

Fixed in Firefox 3.0.4 [1]
MFSA 2008-58 Parsing error in E4X default namespace
MFSA 2008-57 -moz-binding property bypasses security checks on codebase principals
MFSA 2008-56 nsXMLHttpRequest::NotifyEventListeners() same-origin violation
MFSA 2008-55 Crash and remote code execution in nsFrameManager
MFSA 2008-54 Buffer overflow in http-index-format parser
MFSA 2008-53 XSS and JavaScript privilege escalation via session restore
MFSA 2008-52 Crashes with evidence of memory corruption (rv:
MFSA 2008-51 file: URIs inherit chrome privileges when opened from chrome
MFSA 2008-47 Information stealing via local shortcut files

Vulnerability ratings: 4 Critical, 2 High, 2 Moderate, 1 Low
Evaluation: Update now

We strongly recommend that all Firefox users upgrade to this latest release. If you already have Firefox 3 or Firefox 2, you will receive an automated update notification within 24 to 48 hours. This update can also be applied manually by selecting “Check for Updates…” from the Help menu. [3]

[1] Fixed in Firefox 3.0.4 [Mozilla]
[2] Mozilla Firefox 3.0.4 Release Notes [Mozilla]
[3] Firefox and 3.0.4 security updates now available for download (2008-Nov-12) [Mozilla]

This entry was posted in firefox, patch, security. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s