From owner-freebsd-security@FreeBSD.ORG Tue Apr 5 10:39:45 2005 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 88DA316A4CE for ; Tue, 5 Apr 2005 10:39:45 +0000 (GMT) Received: from www.enhyper.com (mailgate.enhyper.com [62.49.250.18]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6556443D2F for ; Tue, 5 Apr 2005 10:39:44 +0000 (GMT) (envelope-from iang@iang.org) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by www.enhyper.com (8.11.6/8.11.6) with SMTP id j35AdMU17878 for ; Tue, 5 Apr 2005 11:39:38 +0100 X-Authentication-Warning: www.enhyper.com: localhost.localdomain [127.0.0.1] didn't use HELO protocol Message-ID: <42526BB6.40701@iang.org> Date: Tue, 05 Apr 2005 11:43:02 +0100 From: Ian G Organization: http://iang.org/ User-Agent: Mozilla Thunderbird 1.0 (X11/20050219) X-Accept-Language: en-us, en MIME-Version: 1.0 To: freebsd-security@freebsd.org Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: Secunia / Firefox Javascript "Arbitrary Memory Exposure" test X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 05 Apr 2005 10:39:45 -0000 I just confirmed the following bug on my firefox. http://secunia.com/advisories/14820/ Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.7.5) Gecko/20050219 Firefox/1.0 (I think my firefox is a month or two behind, from ports, but the advisary indicates both 1.0.1 and 1.0.2 are effected.) FreeBSD localhost 5.3-RELEASE FreeBSD 5.3-RELEASE #0: Fri Nov 5 04:19:18 UTC 2004 root@harlow.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC i386 -- News and views on what matters in finance+crypto: http://financialcryptography.com/