(RHSA-2005:768) firefox security update

2005-09-0900:00:00

access.redhat.com

EPSS

0.961

Percentile

99.5%

JSON

Mozilla Firefox is an open source Web browser.

A bug was found in the way Firefox processes certain international domain
names. An attacker could create a specially crafted HTML file, which when
viewed by the victim would cause Firefox to crash or possibly execute
arbitrary code. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2005-2871 to this issue.

Users of Firefox are advised to upgrade to this updated package that
contains a backported patch and is not vulnerable to this issue.

OSVersionArchitecturePackageVersionFilename
RedHatanyi386firefox< 1.0.6-1.4.2firefox-1.0.6-1.4.2.i386.rpm
RedHatanyppcfirefox< 1.0.6-1.4.2firefox-1.0.6-1.4.2.ppc.rpm
RedHatanys390firefox< 1.0.6-1.4.2firefox-1.0.6-1.4.2.s390.rpm
RedHatanysrcfirefox< 1.0.6-1.4.2firefox-1.0.6-1.4.2.src.rpm
RedHatanyx86_64firefox< 1.0.6-1.4.2firefox-1.0.6-1.4.2.x86_64.rpm
RedHatanyia64firefox< 1.0.6-1.4.2firefox-1.0.6-1.4.2.ia64.rpm
RedHatanys390xfirefox< 1.0.6-1.4.2firefox-1.0.6-1.4.2.s390x.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	any	i386	firefox	< 1.0.6-1.4.2	firefox-1.0.6-1.4.2.i386.rpm
RedHat	any	ppc	firefox	< 1.0.6-1.4.2	firefox-1.0.6-1.4.2.ppc.rpm
RedHat	any	s390	firefox	< 1.0.6-1.4.2	firefox-1.0.6-1.4.2.s390.rpm
RedHat	any	src	firefox	< 1.0.6-1.4.2	firefox-1.0.6-1.4.2.src.rpm
RedHat	any	x86_64	firefox	< 1.0.6-1.4.2	firefox-1.0.6-1.4.2.x86_64.rpm
RedHat	any	ia64	firefox	< 1.0.6-1.4.2	firefox-1.0.6-1.4.2.ia64.rpm
RedHat	any	s390x	firefox	< 1.0.6-1.4.2	firefox-1.0.6-1.4.2.s390x.rpm