Description
Several flaws were found in the processing of malformed web content. A web
page containing malicious content could cause Firefox to crash or,
potentially, execute arbitrary code as the user running Firefox.
(CVE-2009-0352, CVE-2009-0353, CVE-2009-0356)
Several flaws were found in the way malformed content was processed. A
website containing specially-crafted content could, potentially, trick a
Firefox user into surrendering sensitive information. (CVE-2009-0354,
CVE-2009-0355)
A flaw was found in the way Firefox treated HTTPOnly cookies. An attacker
able to execute arbitrary JavaScript on a target site using HTTPOnly
cookies may be able to use this flaw to steal the cookie. (CVE-2009-0357)
A flaw was found in the way Firefox treated certain HTTP page caching
directives. A local attacker could steal the contents of sensitive pages
which the page author did not intend to be cached. (CVE-2009-0358)