Date:         Wed, 16 Jul 2008 13:37:09 -0500
Reply-To:     Troy Dawson 
Sender:       Security Errata for Scientific Linux
              
From:         Troy Dawson 
Subject:      Security ERRATA for firefox on SL5.x i386/x86_64
Comments: To: "scientific-linux-errata@fnal.gov"
          

Synopsis:	Critical: firefox security update
Issue date:	2008-07-16
CVE Names:	CVE-2008-2785 CVE-2008-2933

An integer overflow flaw was found in the way Firefox displayed certain web
content. A malicious web site could cause Firefox to crash, or execute
arbitrary code with the permissions of the user running Firefox.
(CVE-2008-2785)

A flaw was found in the way Firefox handled certain command line URLs. If
another application passed Firefox a malformed URL, it could result in
Firefox executing local malicious content with chrome privileges.
(CVE-2008-2933)

SL 5.x

    SRPMS:
devhelp-0.12-18.el5.src.rpm
firefox-3.0.1-1.el5.src.rpm
xulrunner-1.9.0.1-1.el5.src.rpm
yelp-2.16.0-20.el5.src.rpm
    i386:
devhelp-0.12-18.el5.i386.rpm
devhelp-devel-0.12-18.el5.i386.rpm
firefox-3.0.1-1.el5.i386.rpm
xulrunner-1.9.0.1-1.el5.i386.rpm
xulrunner-devel-1.9.0.1-1.el5.i386.rpm
xulrunner-devel-unstable-1.9.0.1-1.el5.i386.rpm
yelp-2.16.0-20.el5.i386.rpm
    x86_64:
devhelp-0.12-18.el5.i386.rpm
devhelp-0.12-18.el5.x86_64.rpm
devhelp-devel-0.12-18.el5.i386.rpm
devhelp-devel-0.12-18.el5.x86_64.rpm
firefox-3.0.1-1.el5.i386.rpm
firefox-3.0.1-1.el5.x86_64.rpm
xulrunner-1.9.0.1-1.el5.i386.rpm
xulrunner-1.9.0.1-1.el5.x86_64.rpm
xulrunner-devel-1.9.0.1-1.el5.i386.rpm
xulrunner-devel-1.9.0.1-1.el5.x86_64.rpm
xulrunner-devel-unstable-1.9.0.1-1.el5.x86_64.rpm
yelp-2.16.0-20.el5.x86_64.rpm

-Connie Sieh
-Troy Dawson

SciLinux: CVE-2008-2785 firefox SL5.x i386/x86_64

Critical: firefox security update
