Mozilla is an open source Web browser, advanced email and newsgroup client,
IRC chat client, and HTML editor.
Igor Bukanov discovered a bug in the way Mozilla’s Javascript interpreter
dereferences objects. If a user visits a malicious web page, Mozilla could
crash or execute arbitrary code as the user running Mozilla. The Common
Vulnerabilities and Exposures project assigned the name CVE-2006-0292 to
this issue.
moz_bug_r_a4 discovered a bug in Mozilla’s XULDocument.persist() function.
A malicious web page could inject arbitrary RDF data into a user’s
localstore.rdf file, which can cause Mozilla to execute arbitrary
javascript when a user runs Mozilla. (CVE-2006-0296)
A denial of service bug was found in the way Mozilla saves history
information. If a user visits a web page with a very long title, it is
possible Mozilla will crash or take a very long time the next time it is
run. (CVE-2005-4134)
Note that the Red Hat Enterprise Linux 3 packages also fix a bug when
using XSLT to transform documents. Passing DOM Nodes as parameters to
functions expecting an xsl:param could cause Mozilla to throw an exception.
Users of Mozilla are advised to upgrade to these updated packages, which
contain backported patches to correct these issues.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | any | ia64 | mozilla-nss | < 1.7.12-1.1.2.3 | mozilla-nss-1.7.12-1.1.2.3.ia64.rpm |
RedHat | any | i386 | mozilla-nss-devel | < 1.7.12-1.4.2 | mozilla-nss-devel-1.7.12-1.4.2.i386.rpm |
RedHat | any | i386 | mozilla-js-debugger | < 1.7.12-1.4.2 | mozilla-js-debugger-1.7.12-1.4.2.i386.rpm |
RedHat | any | ppc | mozilla-js-debugger | < 1.7.12-1.4.2 | mozilla-js-debugger-1.7.12-1.4.2.ppc.rpm |
RedHat | any | i386 | mozilla-nss | < 1.7.12-1.1.2.3 | mozilla-nss-1.7.12-1.1.2.3.i386.rpm |
RedHat | any | i386 | mozilla-devel | < 1.7.12-1.1.3.4 | mozilla-devel-1.7.12-1.1.3.4.i386.rpm |
RedHat | any | s390 | mozilla-chat | < 1.7.12-1.1.3.4 | mozilla-chat-1.7.12-1.1.3.4.s390.rpm |
RedHat | any | s390x | mozilla-devel | < 1.7.12-1.1.3.4 | mozilla-devel-1.7.12-1.1.3.4.s390x.rpm |
RedHat | any | s390 | mozilla-js-debugger | < 1.7.12-1.4.2 | mozilla-js-debugger-1.7.12-1.4.2.s390.rpm |
RedHat | any | i386 | mozilla-chat | < 1.7.12-1.4.2 | mozilla-chat-1.7.12-1.4.2.i386.rpm |