Bug 19748 - множественные уязвимости, MSFA 2009-14,16-19
Summary: множественные уязвимости, MSFA 2009-14,16-19
Status: CLOSED FIXED
Alias: None
Product: Sisyphus
Classification: Development
Component: thunderbird (show other bugs)
Version: unstable
Hardware: all Linux
: P3 blocker
Assignee: Ajrat Makhmutov
QA Contact: qa-sisyphus
URL: http://secunia.com/advisories/34780/
Keywords:
Depends on:
Blocks:
 
Reported: 2009-04-24 01:41 MSD by Vladimir Lettiev
Modified: 2024-03-11 15:10 MSK (History)
1 user (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Vladimir Lettiev 2009-04-24 01:41:00 MSD 
Обнаружены множественные уязвимости в ветке 2.x:
MFSA 2009-19  Same-origin violations in XMLHttpRequest and XPCNativeWrapper.toString
MFSA 2009-18 XSS hazard using third-party stylesheets and XBL bindings
MFSA 2009-17 Same-origin violations when Adobe Flash loaded via view-source: scheme
MFSA 2009-16 jar: scheme ignores the content-disposition: header on the inner URI
MFSA 2009-14 Crashes with evidence of memory corruption (rv:1.9.0.9)

Официальное исправление пока ещё не вышло.
Comment 1 Alexey Gladkov 2009-04-27 10:23:21 MSD 
Исправлено в сизифе.
Comment 2 Vladimir Lettiev 2009-04-28 19:47:54 MSD 
ok