| Ãë¾àÁ¡ID |
28823 |
| À§Çèµµ |
40 |
| Æ÷Æ® |
139,445 |
| ÇÁ·ÎÅäÄÝ |
TCP |
| ºÐ·ù |
SMB |
| »ó¼¼¼³¸í |
ÇØ´ç È£½ºÆ®¿¡´Â 3.5.12 ÀÌÀüÀÇ Mozilla FirefoxÀÇ ¾î¶² ¹öÀüÀÌ ¼³Ä¡µÇ¾î ÀÖ´Ù. Mozilla´Â Mozilla ÇÁ·ÎÁ§Æ®¿¡ ÀÇÇØ °³¹ßµÈ °ø°³ ¼Ò½º ±â¹ÝÀÇ À¥ ºê¶ó¿ìÀúÀÌ´Ù. Mozilla Firefox 3.5.12 ÀÌÀüÀÇ 3.5.x ¹öÀüµéÀº ´ÙÀ½ÀÇ Ãë¾àÁ¡À» Æ÷ÇÔÇÏ´Â ´ÙÁßÀÇ Ãë¾àÁ¡µéÀÌ Á¸ÀçÇÑ´Ù.
- ´ÙÁßÀÇ ¸Þ¸ð¸® ¾ÈÁ¤¼º ¹ö±×´Â ¸Þ¸ð¸® ¼Õ»óÀ» ÀÏÀ¸Å³ ¼ö ÀÖ°í, ±× °á°ú ÀáÀçÀûÀ¸·Î ÀÓÀÇÀÇ Äڵ尡 ½ÇÇà µÉ ¼ö ÀÖ´Ù. (MFSA 2010-49)
- HTML ÇÁ·¹ÀӼ ¿ä±¸ ±¸Çö¿¡¼ÀÇ Á¤¼öÇü ¿À¹öÇ÷οì Ãë¾àÁ¡Àº ÀÓÀÇÀÇ ÄÚµå ½ÇÇàÀ» À¯¹ßÇÒ ¼ö ÀÖ´Ù. (MFSA 2010-50)
- 'navigator.plugins'ÀÇ Çã»ó Æ÷ÀÎÅÍ Ãë¾àÁ¡Àº ÀÓÀÇÀÇ ÄÚµå ½ÇÇàÀ» À¯¹ß ÇÒ ¼ö ÀÖ´Ù. (MFSA 2010-51)
- dwmapi.dllÀ» ÅëÇØ DLL ÇÏÀÌÀçÅ· Ãë¾àÁ¡ÀÌ ¼öÇàµÉ ¼ö ÀÖ´Ù. (MFSA 2010-52)
- 'nsTextFrameUtils::TransformText' ÇÔ¼ö¿¡¼ÀÇ ÆQ ¿À¹öÇ÷οì Ãë¾àÁ¡ °á°ú·Î ¿ø°Ý ½Ã½ºÅÛ¿¡¼ ÀÓÀÇÀÇ ÄÚµå ½ÇÇàÀÌ °¡´ÉÇÏ´Ù.
(MFSA 2010-53)
- MFSA 2010-40¿¡¼ º¸°íµÈ Çã»ó Æ÷ÀÎÅÍ Ãë¾àÁ¡Àº À߸ø ¼öÁ¤µÇ¾ú´Ù. (MFSA 2010-54)
- XUL <tree>¸¦ ´Ù·ç´Â °´Ã¼´Â ºê¶ó¿ìÀúÀÇ ¼Õ»óÀ̳ª ¿ø°Ý ½Ã½ºÅÛ¿¡¼ ÀÓÀÇÀÇ Äڵ带 ½ÇÇàÇÒ ¼ö ÀÖ´Ù. (MFSA 2010-55)
- Çã»ó Æ÷ÀÎÅÍ Ãë¾àÁ¡Àº XUL <tree>ÀÇ ÄÁÅÙÃ÷ ºä ±¸Çö¿¡ ¿µÇâÀ» ÁÖ¹Ç·Î½á ¿ø°ÝÀÇ ½Ã½ºÅÛ¿¡¼ ÀÓÀÇÀÇ ÄÚµå ½ÇÇàÀ» Çã¿ëÇÒ ¼ö ÀÖ´Ù.
- ¹®¼ Á¤±ÔÈ¿¡ »ç¿ëµÇ´Â ÄÚµå´Â ¿ø°Ý ½Ã½ºÅÛÀ» ¼Õ»ó½ÃÅ°°Å³ª ÀÓÀÇÀÇ Äڵ带 ½ÇÇà ÇÒ ¼ö ÀÖ´Ù. (MFSA 2010-57)
- Ưº°È÷ Á¶ÀÛµÈ ÆùÆ®´Â Mac ½Ã½ºÅÛ¿¡¼ ¸Þ¸ð¸® ¼Õ»óÀ» À¯¹ßÇÏ°í, ¿ø°Ý ½Ã½ºÅÛ¿¡¼ ÀáÀçÀûÀ¸·Î ÀÓÀÇÀÇ ÄÚµå ½ÇÇàÀÌ °¡´ÉÇÏ´Ù. (MFSA 2010-58)
- ½ºÅ©¸³ÆÃµÈ SJOW ÇÔ¼ö¸¦ »ç¿ëÇÏ¿© Å©·Î½º »çÀÌÆ® ½ºÅ©¸³Æà Ãë¾àÁ¡ÀÌ ½ÇÇà µÉ ¼ö ÀÖ´Ù. (MFSA 2010-60)
- <object> ű×ÀÇ 'type' Ư¼ºÀº Á¤ÇüÈµÈ HTML ¹®¼ÀÇ ¹®ÀÚ¼ÂÀ¸·Î ÀçÁ¤ÀÇ ÇÒ ¼ö ÀÖ´Ù. °ø°ÝÀÚ´Â UTF-7·Î ÀÎÄÚµùµÈ ÀÚ¹Ù½ºÅ©¸³Æ®¸¦ À¥»çÀÌÆ®¿¡ »ðÀÔÇÏ¿© ½ÇÇà ÇÒ ¼ö ÀÖ´Ù. (MFSA 2010-61)
- µðÀÚÀÎ ¸ðµå ¹®¼¿¡¼ HTML¿¡¼ Copy-and-paste or drag-and-drop·Î ¼±ÅÃµÈ ºÎºÐÀÇ JavaScript´Â Å©·Î½º»çÀÌÆ® ½ºÅ©¸³Æà Ãë¾àÁ¡À» ÀÏÀ¸Å³ ¼ö ÀÖ´Ù. (MFSA 2010-62)
- XMLHttpRequest °³Ã¼ÀÇ 'status Text' ¼Ó¼ºÀ» ÅëÇØ Áß¿äÇÑ Á¤º¸¸¦ ÀÐÀ» ¼ö ÀÖ´Ù. (MFSA 2010-63)
* ¾Ë¸²: ÀÌ Á¡°ËÇ׸ñÀº Á¡°ËÇϱâ À§ÇÑ È£½ºÆ®·Î ·Î±×ÀÎ ÇÒ ¼ö ÀÖ´Â °ü¸®ÀÚ ±ÇÇÑÀ» °¡Áø °èÁ¤À» ÇÊ¿ä·Î ÇÑ´Ù. ÀÌ·¯ÇÑ Á¶°ÇÀÌ ¾ÈµÇ¸é Á¡°ËÀ» ¼öÇàÇÒ ¼ö ¾øÀ¸¸ç ¸ðµç Ãë¾àÇÑ È£½ºÆ®µé¿¡ ´ëÇؼ °ÅÁþ À½¼º¹ÝÀÀ(False Negative)À» º¸ÀÏ ¼ö ÀÖ´Ù.
* Âü°í »çÀÌÆ®:
http://www.mozilla.org/security/announce/2010/mfsa2010-49.html
http://www.mozilla.org/security/announce/2010/mfsa2010-50.html
http://www.mozilla.org/security/announce/2010/mfsa2010-51.html
http://www.mozilla.org/security/announce/2010/mfsa2010-52.html
http://www.mozilla.org/security/announce/2010/mfsa2010-53.html
http://www.mozilla.org/security/announce/2010/mfsa2010-54.html
http://www.mozilla.org/security/announce/2010/mfsa2010-55.html
http://www.mozilla.org/security/announce/2010/mfsa2010-56.html
http://www.mozilla.org/security/announce/2010/mfsa2010-57.html
http://www.mozilla.org/security/announce/2010/mfsa2010-58.html
http://www.mozilla.org/security/announce/2010/mfsa2010-60.html
http://www.mozilla.org/security/announce/2010/mfsa2010-61.html
http://www.mozilla.org/security/announce/2010/mfsa2010-62.html
http://www.mozilla.org/security/announce/2010/mfsa2010-63.html
http://www.mozilla.org/security/known-vulnerabilities/firefox35.html#firefox3.5.12
* ¿µÇâÀ» ¹Þ´Â Ç÷§Æû:
Mozilla Project, Firefox 3.5.12 ÀÌÀüÀÇ 3.5.x ¹öÀüµé
Microsoft Windows Any version
Linux Any version |
| ÇØ°áÃ¥ |
Mozilla Firefox ´Ù¿î·Îµå À¥ ÆäÀÌÁöÀÎ http://www.mozilla.or.kr/ko/ ¿¡¼ FirefoxÀÇ °¡Àå ÃֽŠ¹öÀü(3.5.12 ȤÀº ÀÌÈÄ)À» ±¸ÇÏ¿© ¾÷±×·¹À̵å ÇÏ¿©¾ß ÇÑ´Ù. |
| °ü·Ã URL |
CVE-2010-2760,CVE-2010-2763,CVE-2010-2764,CVE-2010-2765,CVE-2010-2766,CVE-2010-2767,CVE-2010-2768,CVE-2010-2769,CVE-2010-2770 (CVE) |
| °ü·Ã URL |
(SecurityFocus) |
| °ü·Ã URL |
(ISS) |
|
