Sunday, February 16, 2014

Indian Cyber Security Agency (CERT-IN) Issues Advisory To Upgrade Firefox and Chrome To Its Latest Version.

Computer Emergency Response Team of India (CERT-IN) has issued advice to Indian users to upgrade their web browsers to prevent exploitation by cyber criminals which we recently discovered in popular web browsers like Mozilla's Firefox, Thunderbrid, SeaMonkey and Google's Chrome.

In it's latest advisory, CERT-IN said, "Multiple vulnerabilities have been reported in Mozilla Firefox, Thunderbird and SeaMonkey which could be exploited by a remote attacker to bypass certain security restrictions, disclose potentially sensitive information, gain escalated privileges, execute arbitrary code and causes denial of service condition on the affected system".

The agency, in its advisory, said the vulnerability is caused "due to improper restrict access to 'about:home' buttons by script on other pages in Mozilla Firefox".

"A user-assisted remote attacker could exploit this vulnerability using a crafted website or webpage. Successful exploitation of this vulnerability could allow user-assisted remote attacker to cause a denial of service condition," the CERT-In said.

Source: CIAD-2014-006 and -007

Via: TOI

Labels: , , ,

0 Comments:

Post a Comment

Subscribe to Post Comments [Atom]

<< Home

Browsers Addon: Indian Cyber Security Agency (CERT-IN) Issues Advisory To Upgrade Firefox and Chrome To Its Latest Version.

Indian Cyber Security Agency (CERT-IN) Issues Advisory To Upgrade Firefox and Chrome To Its Latest Version.

Computer Emergency Response Team of India (CERT-IN) has issued advice to Indian users to upgrade their web browsers to prevent exploitation by cyber criminals which we recently discovered in popular web browsers like Mozilla's Firefox, Thunderbrid, SeaMonkey and Google's Chrome.

In it's latest advisory, CERT-IN said, "Multiple vulnerabilities have been reported in Mozilla Firefox, Thunderbird and SeaMonkey which could be exploited by a remote attacker to bypass certain security restrictions, disclose potentially sensitive information, gain escalated privileges, execute arbitrary code and causes denial of service condition on the affected system".

The agency, in its advisory, said the vulnerability is caused "due to improper restrict access to 'about:home' buttons by script on other pages in Mozilla Firefox".

"A user-assisted remote attacker could exploit this vulnerability using a crafted website or webpage. Successful exploitation of this vulnerability could allow user-assisted remote attacker to cause a denial of service condition," the CERT-In said.

Source: CIAD-2014-006 and -007

Via: TOI

Labels: , , ,