Notified:  November 11, 2007 Updated: November 11, 2007

Status

Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Addendum

See http://www.gnucitizen.org/blog/java-jar-attacks-and-features for more information.

Updated:  November 27, 2007

Status

Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Addendum

This vulnerability is addressed in Mozilla Firefox 2.0.0.10. Please see MFSA 2007-37, Bug 369814, and Bug 403331.