Monthly Archives: November 2008

Firefox 3.0.4

New version of Firefox is out an available, it fixes the following problems:

  • MFSA 2008-58 Parsing error in E4X default namespace
  • MFSA 2008-57 -moz-binding property bypasses security checks on codebase principals
  • MFSA 2008-56 nsXMLHttpRequest::NotifyEventListeners() same-origin violation
  • MFSA 2008-55 Crash and remote code execution in nsFrameManager
  • MFSA 2008-54 Buffer overflow in http-index-format parser
  • MFSA 2008-53 XSS and JavaScript privilege escalation via session restore
  • MFSA 2008-52 Crashes with evidence of memory corruption (rv:1.9.0.4/1.8.1.18)
  • MFSA 2008-51 file: URIs inherit chrome privileges when opened from chrome
  • MFSA 2008-47 Information stealing via local shortcut files

Security Advisories for Firefox 3.0.4

Microsoft Security Bulletin Summary for November 2008

As usual evil empire update day is upon us with the Microsoft Security Bulletin Summary for November 2008:

  • MS08-068: Vulnerability in SMB could allow remote code execution (957097)
  • MS08-069: Vulnerabilities in Microsoft XML Core Services could allow remote code execution (955218)

SANS – November Black Tuesday Overview