Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 569
Alerts This Week
Warning Icon 1 569

Scientific Linux SL5.x: Security Advisory for Firefox CRITICAL

Scientific Large Esm H446
Critical: firefox security update
Date: Wed, 16 Jul 2008 13:37:09 -0500
Reply-To: Troy Dawson 
Sender: Security Errata for Scientific Linux
 
From: Troy Dawson 
Subject: Security ERRATA for firefox on SL5.x i386/x86_64
Comments: To: "This email address is being protected from spambots. You need JavaScript enabled to view it."
 

Synopsis:	Critical: firefox security update
Issue date:	2008-07-16
CVE Names:	CVE-2008-2785 CVE-2008-2933

An integer overflow flaw was found in the way Firefox displayed certain web
content. A malicious web site could cause Firefox to crash, or execute
arbitrary code with the permissions of the user running Firefox.
(CVE-2008-2785)

A flaw was found in the way Firefox handled certain command line URLs. If
another application passed Firefox a malformed URL, it could result in
Firefox executing local malicious content with chrome privileges.
(CVE-2008-2933)

SL 5.x

 SRPMS:
devhelp-0.12-18.el5.src.rpm
firefox-3.0.1-1.el5.src.rpm
xulrunner-1.9.0.1-1.el5.src.rpm
yelp-2.16.0-20.el5.src.rpm
 i386:
devhelp-0.12-18.el5.i386.rpm
devhelp-devel-0.12-18.el5.i386.rpm
firefox-3.0.1-1.el5.i386.rpm
xulrunner-1.9.0.1-1.el5.i386.rpm
xulrunner-devel-1.9.0.1-1.el5.i386.rpm
xulrunner-devel-unstable-1.9.0.1-1.el5.i386.rpm
yelp-2.16.0-20.el5.i386.rpm
 x86_64:
devhelp-0.12-18.el5.i386.rpm
devhelp-0.12-18.el5.x86_64.rpm
devhelp-devel-0.12-18.el5.i386.rpm
devhelp-devel-0.12-18.el5.x86_64.rpm
firefox-3.0.1-1.el5.i386.rpm
firefox-3.0.1-1.el5.x86_64.rpm
xulrunner-1.9.0.1-1.el5.i386.rpm
xulrunner-1.9.0.1-1.el5.x86_64.rpm
xulrunner-devel-1.9.0.1-1.el5.i386.rpm
xulrunner-devel-1.9.0.1-1.el5.x86_64.rpm
xulrunner-devel-unstable-1.9.0.1-1.el5.x86_64.rpm
yelp-2.16.0-20.el5.x86_64.rpm

-Connie Sieh
-Troy Dawson