Mozilla Firefox is an open source Web browser.
Igor Bukanov discovered a bug in the way Firefox’s Javascript interpreter
derefernces objects. If a user visits a malicious web page, Firefox could
crash or execute arbitrary code as the user running Firefox. The Common
Vulnerabilities and Exposures project assigned the name CVE-2006-0292 to
this issue.
moz_bug_r_a4 discovered a bug in Firefox’s XULDocument.persist() function.
A malicious web page could inject arbitrary RDF data into a user’s
localstore.rdf file, which can cause Firefox to execute arbitrary
javascript when a user runs Firefox. (CVE-2006-0296)
A denial of service bug was found in the way Firefox saves history
information. If a user visits a web page with a very long title, it is
possible Firefox will crash or take a very long time the next time it is
run. (CVE-2005-4134)
This update also fixes a bug when using XSLT to transform documents.
Passing DOM Nodes as parameters to functions expecting an xsl:param could
cause Firefox to throw an exception.
Users of Firefox are advised to upgrade to this updated package, which
contains backported patches to correct these issues.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | any | s390x | firefox | < 1.0.7-1.4.3 | firefox-1.0.7-1.4.3.s390x.rpm |
RedHat | any | s390 | firefox | < 1.0.7-1.4.3 | firefox-1.0.7-1.4.3.s390.rpm |
RedHat | any | ia64 | firefox | < 1.0.7-1.4.3 | firefox-1.0.7-1.4.3.ia64.rpm |
RedHat | any | src | firefox | < 1.0.7-1.4.3 | firefox-1.0.7-1.4.3.src.rpm |
RedHat | any | x86_64 | firefox | < 1.0.7-1.4.3 | firefox-1.0.7-1.4.3.x86_64.rpm |
RedHat | any | i386 | firefox | < 1.0.7-1.4.3 | firefox-1.0.7-1.4.3.i386.rpm |
RedHat | any | ppc | firefox | < 1.0.7-1.4.3 | firefox-1.0.7-1.4.3.ppc.rpm |