CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
Percentile
97.4%
CentOS Errata and Security Advisory CESA-2008:0598
Mozilla Firefox is an open source Web browser.
An integer overflow flaw was found in the way Firefox displayed certain web
content. A malicious web site could cause Firefox to crash, or execute
arbitrary code with the permissions of the user running Firefox.
(CVE-2008-2785)
A flaw was found in the way Firefox handled certain command line URLs. If
another application passed Firefox a malformed URL, it could result in
Firefox executing local malicious content with chrome privileges.
(CVE-2008-2933)
All firefox users should upgrade to this updated package, which contains
backported patches that correct these issues.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2008-July/077299.html
https://lists.centos.org/pipermail/centos-announce/2008-July/077300.html
https://lists.centos.org/pipermail/centos-announce/2008-July/077307.html
https://lists.centos.org/pipermail/centos-announce/2008-July/077308.html
https://lists.centos.org/pipermail/centos-announce/2008-July/077312.html
https://lists.centos.org/pipermail/centos-announce/2008-July/077316.html
Affected packages:
firefox
Upstream details at:
https://access.redhat.com/errata/RHSA-2008:0598
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
CentOS | 4 | x86_64 | firefox | <ย 1.5.0.12-0.21.el4.centos | firefox-1.5.0.12-0.21.el4.centos.x86_64.rpm |
CentOS | 4 | i386 | firefox | <ย 1.5.0.12-0.21.el4.centos | firefox-1.5.0.12-0.21.el4.centos.i386.rpm |
CentOS | 4 | i386 | firefox | <ย 1.5.0.12-0.21.el4.centos3 | firefox-1.5.0.12-0.21.el4.centos3.i386.rpm |
CentOS | 4 | x86_64 | firefox | <ย 1.5.0.12-0.21.el4.centos3 | firefox-1.5.0.12-0.21.el4.centos3.x86_64.rpm |
CentOS | 4 | ia64 | firefox | <ย 1.5.0.12-0.21.el4.centos | firefox-1.5.0.12-0.21.el4.centos.ia64.rpm |
CentOS | 4 | s390 | firefox | <ย 1.5.0.12-0.21.el4.centos | firefox-1.5.0.12-0.21.el4.centos.s390.rpm |
CentOS | 4 | s390x | firefox | <ย 1.5.0.12-0.21.el4.centos | firefox-1.5.0.12-0.21.el4.centos.s390x.rpm |