=====================================================================
                                  CERT-Renater

                       Note d'Information No. 2005/VULN291
_____________________________________________________________________

DATE                      : 09/05/2005

HARDWARE PLATFORM(S)      : /

OPERATING SYSTEM(S)       : Systems running Firefox.

======================================================================

http://www.mozilla.org/security/#Security_Alerts

MOZILLA.ORG
"Security Advisory (May 8, 2005) The Mozilla Foundation is aware of two potentially critical
Firefox security vulnerabilities as reported publicly Saturday, May 7th. There are currently
no known active exploits of these vulnerabilities although a "proof of concept" has been
reported. Changes to the Mozilla Update web service have been made to mitigate the risk of
an exploit. Mozilla is aggressively working to provide a more comprehensive solution to
these potential vulnerabilities and will provide that solution in a forthcoming security
update. Users can further protect themselves today by temporarily disabling JavaScript.

Further information including the availability of updates will be posted at www.mozilla.org.


======================================================================

         =========================================================
         Les serveurs de référence du CERT-Renater
         http://www.urec.fr/securite
         http://www.cru.fr/securite
         http://www.renater.fr
         =========================================================
         + CERT-RENATER          | tel : 01-53-94-20-44          +
         + 151 bd de l'Hopital   | fax : 01-53-94-20-41          +
         + 75013 Paris           | email: certsvp@renater.fr     +
         =========================================================