Secunia
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Forum Thread: Security Advisory for Firefox v. 10.0.1?
You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.This thread was submitted in the following forum:
Programs
|
Relating to this vendor: Mozilla Foundation |
And, this specific program: Mozilla Firefox 10.x |
| lmacri | Security Advisory for Firefox v. 10.0.1? |
|---|---|
 |
12th Feb, 2012 16:27 |
|
Ranking: 31 Posts: 58 User Since: 9th Sep, 2009 System Score: N/A Location: CA Last edited on 12th Feb, 2012 16:34 |
Does anyone know if Secunia is planning to release a security advisory for the Mozilla Firefox v. 10.0.1 browser (released 10-Feb-2012) in the next few days? According to Mozilla's Security Advisories for Firefox at https://www.mozilla.org/security/known-vulnerabili... there was a critical security patch (MFSA 2012-10) in the new Firefox v. 10.0.1 update. However, PSI v. 2.0.0.3001 is still reporting that my unpatched Firefox v. 10.0.0 is secure. The Secunia Vulnerability Report for Firefox 10.x at http://secunia.com/advisories/product/39619/ currently shows that there are 0 for 0 security advisories and states that "There are no unpatched Secunia advisories affecting this product, when all vendor patches are applied." -- Vista Home Premium 32-bit SP2 * NIS 2011 v. 18.6 * IE 9 * FF 10.0.0 * PSI v. 2.0.0.3001 |
Post "RE: Security Advisory for Firefox v. 10.0.1?" has been selected as an answer.
| mogs | RE: Security Advisory for Firefox v. 10.0.1? | ||||||||
|
12th Feb, 2012 17:08 | ||||||||
| Score: 2066 Posts: 5,602 User Since: 22nd Apr 2009 System Score: 100% Location: UK |
@imacri I would think it will be an item for Support when in the office tomorrow. Meanwhile, FF10 is showing as secure...as you state by the Secunia Advisory. Reading thro' the Mozilla Advisory....it does state that the issues 10.0.1 fixes, have a potential to be exploited....but as yet unproven it seems. Maybe that is one reason. Supposition on my part tho'. -- Toshiba Satellite L300D Vista Home Premium 32bit SP2 Chrome 19 Stable Channel Chrome Canary 21 IE9 Secunia psi 2.0.0.4003 |
||||||||
|
|||||||||
| Maurice Joyce | RE: Security Advisory for Firefox v. 10.0.1? | ||||||||
|
12th Feb, 2012 19:30 | ||||||||
| Score: 8623 Posts: 6,660 User Since: 4th Jan 2009 System Score: 100% Location: UK |
By following the Mozilla notification this alleged vulnerability was "found" by their own staff under the heading MFSA 2012-10 It has been summited as CVE 2012-0452 - details of that submission are here: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-... Note the Status of this CVE. Candidate This CVE Identifier has "Candidate" status and must be reviewed and accepted by the CVE Editorial Board before it can be updated to official "Entry" status on the CVE List. It may be modified or even rejected in the future. Until accepted as an official entry it is highly unlikely Secunia will do anything. That does not prevent Mozilla pushing out their own security update. -- Maurice Windows 7 SP1 64 Bit OS HP Intel Pentium i7 IE9 16GB RAM |
||||||||
|
|||||||||
| mogs | RE: Security Advisory for Firefox v. 10.0.1? | ||||||||
|
|
12th Feb, 2012 21:21 | ||||||||
| Score: 2066 Posts: 5,602 User Since: 22nd Apr 2009 System Score: 100% Location: UK |
Thanks very much for that clarification Maurice....I've bookmarked the CVE site for future reference.....very informative....cheers....... -- Toshiba Satellite L300D Vista Home Premium 32bit SP2 Chrome 19 Stable Channel Chrome Canary 21 IE9 Secunia psi 2.0.0.4003 |
||||||||
|
|||||||||
| Anthony Wells | RE: Security Advisory for Firefox v. 10.0.1? | ||||||||
|
|
13th Feb, 2012 14:40 | ||||||||
| Score: 2165 Posts: 3,021 User Since: 19th Dec 2007 System Score: N/A Location: N/A |
Hi , SA48008 has been issued today dealing with the vulnerability :- http://secunia.com/advisories/48008/ Take care Anthony -- It always seems impossible until its done. Nelson Mandela |
||||||||
|
|||||||||
| E.Petersen | RE: Security Advisory for Firefox v. 10.0.1? |
|
13th Feb, 2012 15:05 |
| Score: 649 Posts: 1,892 User Since: 1st Jul 2009 System Score: N/A Location: Copenhagen, DK |
Hi, Our rules have been updated to corrospond to the advisory. If you scan again, are you shown the correct patched status? -- Kind regards, Emil R. Petersen Secunia PSI Support Secunia PSI http://secunia.com/vulnerability_scanning/personal |
| lmacri | RE: Security Advisory for Firefox v. 10.0.1? | ||||||||
|
|
14th Feb, 2012 00:08 | ||||||||
| Score: 31 Posts: 58 User Since: 9th Sep 2009 System Score: N/A Location: CA Last edited on 14th Feb, 2012 00:09 |
on 13th Feb, 2012 15:05, E.Petersen wrote: If you scan again, are you shown the correct patched status? Hi Emil: Yes, I can confirm that my PSI scan is now showing my unpatched Firefox 10.0.0 as insecure and the scan results have a link to the Secunia's Security Advisory SA48008 at http://secunia.com/advisories/48008/ mentioned by Anthony. Thanks to everyone for your prompt responses. -- Vista Home Premium 32-bit SP2 * NIS 2011 v. 18.6 * IE 9 * FF 10.0.0 * PSI v. 2.0.0.3001 |
||||||||
|
|||||||||
