(RHSA-2008:0598) Critical: firefox security update

2008-07-1600:00:00

access.redhat.com

EPSS

0.452

Percentile

97.4%

JSON

Mozilla Firefox is an open source Web browser.

An integer overflow flaw was found in the way Firefox displayed certain web
content. A malicious web site could cause Firefox to crash, or execute
arbitrary code with the permissions of the user running Firefox.
(CVE-2008-2785)

A flaw was found in the way Firefox handled certain command line URLs. If
another application passed Firefox a malformed URL, it could result in
Firefox executing local malicious content with chrome privileges.
(CVE-2008-2933)

All firefox users should upgrade to this updated package, which contains
backported patches that correct these issues.

OSVersionArchitecturePackageVersionFilename
RedHat4ia64firefox< 1.5.0.12-0.21.el4firefox-1.5.0.12-0.21.el4.ia64.rpm
RedHat4s390xfirefox< 1.5.0.12-0.21.el4firefox-1.5.0.12-0.21.el4.s390x.rpm
RedHat4x86_64firefox< 1.5.0.12-0.21.el4firefox-1.5.0.12-0.21.el4.x86_64.rpm
RedHat4s390firefox< 1.5.0.12-0.21.el4firefox-1.5.0.12-0.21.el4.s390.rpm
RedHat4i386firefox< 1.5.0.12-0.21.el4firefox-1.5.0.12-0.21.el4.i386.rpm
RedHat4ppcfirefox< 1.5.0.12-0.21.el4firefox-1.5.0.12-0.21.el4.ppc.rpm
RedHat4srcfirefox< 1.5.0.12-0.21.el4firefox-1.5.0.12-0.21.el4.src.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	4	ia64	firefox	< 1.5.0.12-0.21.el4	firefox-1.5.0.12-0.21.el4.ia64.rpm
RedHat	4	s390x	firefox	< 1.5.0.12-0.21.el4	firefox-1.5.0.12-0.21.el4.s390x.rpm
RedHat	4	x86_64	firefox	< 1.5.0.12-0.21.el4	firefox-1.5.0.12-0.21.el4.x86_64.rpm
RedHat	4	s390	firefox	< 1.5.0.12-0.21.el4	firefox-1.5.0.12-0.21.el4.s390.rpm
RedHat	4	i386	firefox	< 1.5.0.12-0.21.el4	firefox-1.5.0.12-0.21.el4.i386.rpm
RedHat	4	ppc	firefox	< 1.5.0.12-0.21.el4	firefox-1.5.0.12-0.21.el4.ppc.rpm
RedHat	4	src	firefox	< 1.5.0.12-0.21.el4	firefox-1.5.0.12-0.21.el4.src.rpm