| The Red Hat advisory nicely describes the latest round of Mozilla vulnerabilities, most of which are fixed in the Firefox 11 and Thunderbird 11 releases:
Several flaws were found in the processing of malformed web content. A web
page containing malicious content could cause Firefox to crash or,
potentially, execute arbitrary code with the privileges of the user
running Firefox. (CVE-2012-0461, CVE-2012-0462, CVE-2012-0464)
Two flaws were found in the way Firefox parsed certain Scalable Vector
Graphics (SVG) image files. A web page containing a malicious SVG image
file could cause an information leak, or cause Firefox to crash or,
potentially, execute arbitrary code with the privileges of the user running
Firefox. (CVE-2012-0456, CVE-2012-0457)
A flaw could allow a malicious site to bypass intended restrictions,
possibly leading to a cross-site scripting (XSS) attack if a user were
tricked into dropping a "javascript:" link onto a frame. (CVE-2012-0455)
It was found that the home page could be set to a "javascript:" link. If a
user were tricked into setting such a home page by dragging a link to the
home button, it could cause Firefox to repeatedly crash, eventually
leading to arbitrary code execution with the privileges of the user
running Firefox. (CVE-2012-0458)
A flaw was found in the way Firefox parsed certain web content containing
"cssText". A web page containing malicious content could cause Firefox to
crash or, potentially, execute arbitrary code with the privileges of the
user running Firefox. (CVE-2012-0459)
It was found that by using the DOM fullscreen API, untrusted content could
bypass the mozRequestFullscreen security protections. A web page containing
malicious web content could exploit this API flaw to cause user interface
spoofing. (CVE-2012-0460)
A flaw was found in the way Firefox handled pages with multiple Content
Security Policy (CSP) headers. This could lead to a cross-site scripting
attack if used in conjunction with a website that has a header injection
flaw. (CVE-2012-0451)
| 