XULRunner: Code Execution Vulnerability

Users of XULRunner please be advised of a Code Execution vulnerability that has been identified.
To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx)

MDVSA-2010:213: [MDVSA-2010:213] xulrunner code execution
Problem Description:

A vulnerability was discovered and corrected in xulrunner:

Unspecified vulnerability in Mozilla Firefox 3.5.x through 3.5.14
and 3.6.x through 3.6.11, when JavaScript is enabled, allows remote
attackers to execute arbitrary code via unknown vectors, as exploited
in the wild in October 2010 by the Belmoo malware (CVE-2010-3765).Read more at http://www.criticalwatch.com

 

Advertisements