CVE-2008-4324 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4324): The user interface event dispatcher in Mozilla Firefox 3.0.3 on Windows XP SP2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a series of keypress, click, onkeydown, onkeyup, onmousedown, and onmouseup events. NOTE: it was later reported that Firefox 3.0.2 on Mac OS X 10.5 is also affected.
Confirmed to work on 3.0.3! I'm not sure if this could also be A2 (remote code exec): http://www.securityfocus.com/bid/31476/discuss
3.0.1-r1 crashes (just closes) after freezing for about 5 seconds.
If it only affects the 3.x firefoxes, it should be ~ rated, and severity changed.
I tested 2.0.0.17 now, the exploit does not do anything to it, so I'm changing it. They do not mention it here: http://www.mozilla.org/security/known-vulnerabilities/firefox30.html Upstream release plan for 3.0.4: https://wiki.mozilla.org/Releases/Firefox_3.0.4 I'll ask.
https://bugzilla.mozilla.org/show_bug.cgi?id=454820
There is a fix available, please provide an ebuild.
3.0.4 in tree, closing noglsa.