{"id":244,"date":"2010-03-18T20:20:36","date_gmt":"2010-03-19T03:20:36","guid":{"rendered":"http:\/\/blog.mozilla.org\/security\/?p=244"},"modified":"2010-03-20T09:35:58","modified_gmt":"2010-03-20T16:35:58","slug":"update-on-secunia-advisory-sa38608","status":"publish","type":"post","link":"https:\/\/blog.mozilla.org\/security\/2010\/03\/18\/update-on-secunia-advisory-sa38608\/","title":{"rendered":"Update on Secunia Advisory SA38608"},"content":{"rendered":"<p>Mozilla was contacted by Evgeny Legerov, the security researcher who discovered the bug referenced in the Secunia report, with sufficient details to reproduce and analyze the issue.\u00a0 The vulnerability was determined to be critical and could result in remote code execution by an attacker.\u00a0 The vulnerability has been patched by developers and we are currently undergoing quality assurance testing for the fix.\u00a0 Firefox 3.6.2 is scheduled to be released March 30th and will contain the fix for this issue.\u00a0 As always, we encourage users to apply this update as soon as it is available to ensure a safe browsing experience.\u00a0 Alternatively, users can download Release Candidate builds of Firefox 3.6.2 which contains the fix from here:\u00a0 <a href=\"https:\/\/ftp.mozilla.org\/pub\/mozilla.org\/firefox\/nightly\/3.6.2-candidates\/build3\/\">https:\/\/ftp.mozilla.org\/pub\/mozilla.org\/firefox\/nightly\/3.6.2-candidates\/build3\/<\/a><\/p>\n<p><strong>Update:<\/strong> To clarify, as originally claimed this issue affects Firefox 3.6 only and not any earlier versions. Thunderbird and SeaMonkey are based on earlier versions of the browser engine and are not affected. People testing &#8220;3.7&#8221; development builds should upgrade to 3.7 alpha 3 or the latest nightly build to ensure they have this fix.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Mozilla was contacted by Evgeny Legerov, the security researcher who discovered the bug referenced in the Secunia report, with sufficient details to reproduce and analyze the issue.\u00a0 The vulnerability was &hellip; <a class=\"go\" href=\"https:\/\/blog.mozilla.org\/security\/2010\/03\/18\/update-on-secunia-advisory-sa38608\/\">Read more<\/a><\/p>\n","protected":false},"author":115,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"coauthors":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v22.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Update on Secunia Advisory SA38608 - Mozilla Security Blog<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/blog.mozilla.org\/security\/2010\/03\/18\/update-on-secunia-advisory-sa38608\/\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Lucas Adamski\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/blog.mozilla.org\/security\/2010\/03\/18\/update-on-secunia-advisory-sa38608\/\",\"url\":\"https:\/\/blog.mozilla.org\/security\/2010\/03\/18\/update-on-secunia-advisory-sa38608\/\",\"name\":\"Update on Secunia Advisory SA38608 - Mozilla Security Blog\",\"isPartOf\":{\"@id\":\"https:\/\/blog.mozilla.org\/security\/#website\"},\"datePublished\":\"2010-03-19T03:20:36+00:00\",\"dateModified\":\"2010-03-20T16:35:58+00:00\",\"author\":{\"@id\":\"https:\/\/blog.mozilla.org\/security\/#\/schema\/person\/1703a1d47bc7d658b2da792c66d75777\"},\"breadcrumb\":{\"@id\":\"https:\/\/blog.mozilla.org\/security\/2010\/03\/18\/update-on-secunia-advisory-sa38608\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/blog.mozilla.org\/security\/2010\/03\/18\/update-on-secunia-advisory-sa38608\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/blog.mozilla.org\/security\/2010\/03\/18\/update-on-secunia-advisory-sa38608\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/blog.mozilla.org\/security\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Update on Secunia Advisory SA38608\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/blog.mozilla.org\/security\/#website\",\"url\":\"https:\/\/blog.mozilla.org\/security\/\",\"name\":\"Mozilla Security Blog\",\"description\":\"\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/blog.mozilla.org\/security\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/blog.mozilla.org\/security\/#\/schema\/person\/1703a1d47bc7d658b2da792c66d75777\",\"name\":\"Lucas Adamski\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/blog.mozilla.org\/security\/#\/schema\/person\/image\/5ad6398ddba0690b201c64476831374a\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/fd0281367d4545f8c0fa1f8276a381d2?s=96&d=identicon&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/fd0281367d4545f8c0fa1f8276a381d2?s=96&d=identicon&r=g\",\"caption\":\"Lucas Adamski\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Update on Secunia Advisory SA38608 - Mozilla Security Blog","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/blog.mozilla.org\/security\/2010\/03\/18\/update-on-secunia-advisory-sa38608\/","twitter_misc":{"Written by":"Lucas Adamski","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/blog.mozilla.org\/security\/2010\/03\/18\/update-on-secunia-advisory-sa38608\/","url":"https:\/\/blog.mozilla.org\/security\/2010\/03\/18\/update-on-secunia-advisory-sa38608\/","name":"Update on Secunia Advisory SA38608 - Mozilla Security Blog","isPartOf":{"@id":"https:\/\/blog.mozilla.org\/security\/#website"},"datePublished":"2010-03-19T03:20:36+00:00","dateModified":"2010-03-20T16:35:58+00:00","author":{"@id":"https:\/\/blog.mozilla.org\/security\/#\/schema\/person\/1703a1d47bc7d658b2da792c66d75777"},"breadcrumb":{"@id":"https:\/\/blog.mozilla.org\/security\/2010\/03\/18\/update-on-secunia-advisory-sa38608\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/blog.mozilla.org\/security\/2010\/03\/18\/update-on-secunia-advisory-sa38608\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/blog.mozilla.org\/security\/2010\/03\/18\/update-on-secunia-advisory-sa38608\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/blog.mozilla.org\/security\/"},{"@type":"ListItem","position":2,"name":"Update on Secunia Advisory SA38608"}]},{"@type":"WebSite","@id":"https:\/\/blog.mozilla.org\/security\/#website","url":"https:\/\/blog.mozilla.org\/security\/","name":"Mozilla Security Blog","description":"","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/blog.mozilla.org\/security\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/blog.mozilla.org\/security\/#\/schema\/person\/1703a1d47bc7d658b2da792c66d75777","name":"Lucas Adamski","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/blog.mozilla.org\/security\/#\/schema\/person\/image\/5ad6398ddba0690b201c64476831374a","url":"https:\/\/secure.gravatar.com\/avatar\/fd0281367d4545f8c0fa1f8276a381d2?s=96&d=identicon&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/fd0281367d4545f8c0fa1f8276a381d2?s=96&d=identicon&r=g","caption":"Lucas Adamski"}}]}},"_links":{"self":[{"href":"https:\/\/blog.mozilla.org\/security\/wp-json\/wp\/v2\/posts\/244"}],"collection":[{"href":"https:\/\/blog.mozilla.org\/security\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.mozilla.org\/security\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.mozilla.org\/security\/wp-json\/wp\/v2\/users\/115"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.mozilla.org\/security\/wp-json\/wp\/v2\/comments?post=244"}],"version-history":[{"count":0,"href":"https:\/\/blog.mozilla.org\/security\/wp-json\/wp\/v2\/posts\/244\/revisions"}],"wp:attachment":[{"href":"https:\/\/blog.mozilla.org\/security\/wp-json\/wp\/v2\/media?parent=244"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.mozilla.org\/security\/wp-json\/wp\/v2\/categories?post=244"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.mozilla.org\/security\/wp-json\/wp\/v2\/tags?post=244"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/blog.mozilla.org\/security\/wp-json\/wp\/v2\/coauthors?post=244"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}