RedHatRHSA-2005:336(RHSA-2005:336) firefox security update
EPSS
Percentile
99.2%
Mozilla Firefox is an open source Web browser.
A buffer overflow bug was found in the way Firefox processes GIF images. It
is possible for an attacker to create a specially crafted GIF image, which
when viewed by a victim will execute arbitrary code as the victim. The
Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned
the name CAN-2005-0399 to this issue.
A bug was found in the way Firefox processes XUL content. If a malicious
web page can trick a user into dragging an object, it is possible to load
malicious XUL content. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2005-0401 to this issue.
A bug was found in the way Firefox bookmarks content to the sidebar. If a
user can be tricked into bookmarking a malicious web page into the sidebar
panel, that page could execute arbitrary programs. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CAN-2005-0402 to this issue.
Users of Firefox are advised to upgrade to this updated package which
contains Firefox version 1.0.2 and is not vulnerable to these issues.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | any | s390x | firefox | < 1.0.2-1.4.1 | firefox-1.0.2-1.4.1.s390x.rpm |
| RedHat | any | i386 | firefox | < 1.0.2-1.4.1 | firefox-1.0.2-1.4.1.i386.rpm |
| RedHat | any | src | firefox | < 1.0.2-1.4.1 | firefox-1.0.2-1.4.1.src.rpm |
| RedHat | any | ppc | firefox | < 1.0.2-1.4.1 | firefox-1.0.2-1.4.1.ppc.rpm |
| RedHat | any | s390 | firefox | < 1.0.2-1.4.1 | firefox-1.0.2-1.4.1.s390.rpm |
| RedHat | any | x86_64 | firefox | < 1.0.2-1.4.1 | firefox-1.0.2-1.4.1.x86_64.rpm |
| RedHat | any | ia64 | firefox | < 1.0.2-1.4.1 | firefox-1.0.2-1.4.1.ia64.rpm |
Related
