On Fri, Mar 23, 2007 at 04:33:39PM -0600, Micah Anderson <[EMAIL PROTECTED]> wrote: > > I guess CVE-2007-1004 affects iceape, and *may* affect browsers based on > > xulrunner. > > CVE-2007-1084 may affect iceape and browsers based on xulrunner. > > Ok, I'll add iceape, let us know if you determine otherwise. Also, you > say that it may affect browsers based on xulrunner, I guess I am noting > that xulrunner is affected then? What other browsers use xulrunner embeded?
xulrunner by itself is not affected, it depends what browsers that use it allow to remove from their ui and how easy it may be to make something look like it with remote content. This can actually affect any browser. FWIW, xulrunner-using browsers are, AFAIK, epiphany, galeon and kazehakase. Mike _______________________________________________ Secure-testing-team mailing list [email protected] http://lists.alioth.debian.org/mailman/listinfo/secure-testing-team
