Firefox 1.5.0.5 available & trojan piggybacks on Firefox

Sigman

* The Arctic Moderator *
Joined
Sep 25, 2002
Messages
10,124
Location
"The 49th State"
Trojan piggybacks on Firefox...

Edit: Just received notice Firefox 1.5.0.5 is now available...don't know if it's a result of the story linked above or not.

From their site:

"Fixed in Firefox 1.5.0.5":
MFSA 2006-56 chrome: scheme loading remote content
MFSA 2006-55 Crashes with evidence of memory corruption (rv:1.8.0.5)
MFSA 2006-54 XSS with XPCNativeWrapper(window).Function(...)
MFSA 2006-53 UniversalBrowserRead privilege escalation
MFSA 2006-52 PAC privilege escalation using Function.prototype.call
MFSA 2006-51 Privilege escalation using named-functions and redefined "new Object()"
MFSA 2006-50 JavaScript engine vulnerabilities
MFSA 2006-48 JavaScript new Function race condition
MFSA 2006-47 Native DOM methods can be hijacked across domains
MFSA 2006-46 Memory corruption with simultaneous events
MFSA 2006-45 Javascript navigator Object Vulnerability
MFSA 2006-44 Code execution through deleted frame reference
 
Last edited:

Donovan

Enlightened
Joined
Jan 6, 2005
Messages
420
Location
North Metro Atlanta, Georgia
Re: Trojan piggybacks on Firefox

Important to note that this is not a direct vulnerability in Firefox per se. This trojan can only infect pc's already infected with the Downloader-AXM Trojan. This trojan commonly gets distributed via email as an exe file attachment. It is easily seen as an installed extension in firefox...

Understand that any application that provides a way for users to install plugins can be used as part of the second stage of a virus infection. The attacker could have just as easily installed a plugin in Windows Media Player, Quicktime, iTunes, Office, etc.............

It is important to practice safe computing whatever software you use!
This may be a good time to doublecheck your pc for any problems:

http://housecall.trendmicro.com/

http://www.ewido.net/en/onlinescan/

http://safety.live.com/site/en-us/default.htm

http://www.pctools.com/spyware-doctor/trojans.php?ref=google_trojan
 
Last edited:
Top