From: "rosed1" <
[email protected]>
| According to mozillaZine Firefox 1.5.0.5 Final is scheduled to be
| released today (and Thunderbird 1.5.0.5 the day after tomorrow). This
| will be most likely the last update that version 1.5 will see before
| the release of version 2.0.
|
| Quote -
| According to the Firefox 1.5.0.5 schedule, the planned release dates
| for Firefox 1.5.0.5 and Thunderbird 1.5.0.5 are Tuesday 25th July and
| Thursday 27th July respectively. All users will be encouraged to update
| to these maintenance releases, which will include security and
| stability updates but no new features.
|
| And it seems that this is correct. Everything looks ready for the
| release.
|
| The Release Notes page is ready. (link)
| The release folder is on the FTP and it already has the update versions
| (link) (Freeware)
|
| View: Firefox 1.5.0.5 Release Notes
| News source: mozillaZine
| {
http://www.neowin.net/index.php?act=view&id=34264}
http://www.ciac.org/ciac/bulletins/q-258.shtml
Q-258: Mozilla (now SeaMonkey), Firefox, Thunderbird Security Vulnerabilities
[Mozilla Foundation Security Advisory 2006-48]
July 27, 2006 17:00 GMT
--------------------------------------------------------------------------------
PROBLEM: There are several security vulnerabilities in Mozilla (now SeaMonkey):
1) JavaScript new Function race condition;
2) Memory corruption with simultaneous events; and
3) Code execution through deleted frame reference.
PLATFORM: Firefox 1.5.0.5
SeaMonkey 1.0.3
Thunderbird 1.5.0.5
DAMAGE:
1) JavaScript garbage collection deleted a temporary variable still being used in the
creation of a new Function object. The resulting use of a deleted object may be potentially
exploitable to run native code provided by the attacker;
2) A memory corruption error within the handling of simultaneously happenind XPCOM events,
which leads to use of a deleted timer object. This generally results in a crash but
potentially could be exploited to execute arbitrary code on a user's system when a malicious
website is visited; and
3) A JavaScript reference to a frame or window was not properly cleared when the referenced
content went away, and a deleted object could be used to execute native code supplied by the
attacker.
SOLUTION: Upgrade to the appropriate version.
--------------------------------------------------------------------------------
VULNERABILITY
ASSESSMENT: The risk is MEDIUM. The attacker could execute arbitrary code.
--------------------------------------------------------------------------------
LINKS:
CIAC BULLETIN:
http://www.ciac.org/ciac/bulletins/q-258.shtml
ORIGINAL BULLETIN: Mozilla Foundation Security Advisory 2006-48
http://www.mozilla.org/security/announce/2006/mfsa2006-48.html
ADDITIONAL LINKS: Mozilla Foundation Security Advisories 2006-46 & 2006-44
http://www.mozilla.org/security/announce/2006/mfsa2006-46.html
http://www.mozilla.org/security/announce/2006/mfsa2006-44.html
CVE: CVE-2006-3803 CVE-2006-3113 CVE-2006-3801
