Jackerrorreports

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 1.0.7 Mozilla Suite versions prior to 1.7.12 **Description** A heap-based buffer overflow issue allows remote attackers to execute arbitrary code via an XBM image file that ends in a large number of spaces instead of the expected end tag. **Recommendations** For Firefox versions prior to 1.0.7, update to version 1.0.7 or later. For Mozilla Suite versions prior to 1.7.12, update to version 1.7.12 or later.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 1.0.7 Mozilla Suite versions prior to 1.7.12 **Description** The issue allows remote attackers to modify HTTP headers of XML HTTP requests via XMLHttpRequest. This could potentially be used to exploit vulnerabilities in servers or proxies, including HTTP request smuggling and HTTP request splitting. **Recommendations** For Firefox versions prior to 1.0.7, update to version 1.0.7 or later. For Mozilla Suite versions prior to 1.7.12, update to version 1.7.12 or later.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 1.0.7 Mozilla Suite versions prior to 1.7.12 **Description** The issue allows remote attackers to spoof DOM objects by utilizing an XBL control that implements an internal XPCOM interface. **Recommendations** For Firefox versions prior to 1.0.7, update to version 1.0.7 or later. For Mozilla Suite versions prior to 1.7.12, update to version 1.7.12 or later.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 1.0.7 Mozilla versions prior to 1.7.12 **Description** The issue allows remote attackers to execute Javascript with chrome privileges via an about: page, such as about:mozilla. **Recommendations** For Firefox versions prior to 1.0.7, update to version 1.0.7 or later. For Mozilla versions prior to 1.7.12, update to version 1.7.12 or later.