Mozilla is an open source Web browser.
A heap-based buffer overflow in Netscape and Mozilla allows remote
attackers to execute arbitrary code via a jar: URL that references a
malformed .jar file, which overflows a buffer during decompression.
These errata packages upgrade Mozilla to version 1.0.2, which is not
vulnerable to this issue. Mozilla 1.0.2 also contains a number of other
stability and security updates.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | any | ia64 | mozilla-nss | < 1.0.2-4.2.1 | mozilla-nss-1.0.2-4.2.1.ia64.rpm |
RedHat | any | i386 | galeon | < 1.2.11-0.2.1 | galeon-1.2.11-0.2.1.i386.rpm |
RedHat | any | i386 | mozilla-js-debugger | < 1.0.2-4.2.1 | mozilla-js-debugger-1.0.2-4.2.1.i386.rpm |
RedHat | any | i386 | mozilla-psm | < 1.0.2-4.2.1 | mozilla-psm-1.0.2-4.2.1.i386.rpm |
RedHat | any | i386 | mozilla-nss | < 1.0.2-4.2.1 | mozilla-nss-1.0.2-4.2.1.i386.rpm |
RedHat | any | ia64 | mozilla-js-debugger | < 1.0.2-4.2.1 | mozilla-js-debugger-1.0.2-4.2.1.ia64.rpm |
RedHat | any | ia64 | mozilla-nspr | < 1.0.2-4.2.1 | mozilla-nspr-1.0.2-4.2.1.ia64.rpm |
RedHat | any | ia64 | mozilla-dom-inspector | < 1.0.2-4.2.1 | mozilla-dom-inspector-1.0.2-4.2.1.ia64.rpm |
RedHat | any | i386 | mozilla-nspr-devel | < 1.0.2-4.2.1 | mozilla-nspr-devel-1.0.2-4.2.1.i386.rpm |
RedHat | any | i386 | mozilla-mail | < 1.0.2-4.2.1 | mozilla-mail-1.0.2-4.2.1.i386.rpm |