Mozilla Firefox is an open source Web browser.
Several flaws were found in the processing of malformed web content. A web
page containing malicious content could cause Firefox to crash or,
potentially, execute arbitrary code as the user running Firefox.
(CVE-2008-4058, CVE-2008-4060, CVE-2008-4061, CVE-2008-4062,
CVE-2008-4063, CVE-2008-4064)
Several flaws were found in the way malformed web content was displayed. A
web page containing specially crafted content could potentially trick a
Firefox user into surrendering sensitive information. (CVE-2008-4067,
CVE-2008-4068)
A flaw was found in the way Firefox handles mouse click events. A web page
containing specially crafted JavaScript code could move the content window
while a mouse-button was pressed, causing any item under the pointer to be
dragged. This could, potentially, cause the user to perform an unsafe
drag-and-drop action. (CVE-2008-3837)
A flaw was found in Firefox that caused certain characters to be stripped
from JavaScript code. This flaw could allow malicious JavaScript to bypass
or evade script filters. (CVE-2008-4065)
For technical details regarding these flaws, please see the Mozilla
security advisories for Firefox 3.0.2. You can find a link to the Mozilla
advisories in the References section.
All firefox users should upgrade to this updated package, which contains
backported patches that correct these issues.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 5 | s390 | xulrunner-devel | < 1.9.0.2-5.el5 | xulrunner-devel-1.9.0.2-5.el5.s390.rpm |
RedHat | 5 | s390x | nss-tools | < 3.12.1.1-1.el5 | nss-tools-3.12.1.1-1.el5.s390x.rpm |
RedHat | 5 | x86_64 | devhelp-devel | < 0.12-19.el5 | devhelp-devel-0.12-19.el5.x86_64.rpm |
RedHat | 5 | src | xulrunner | < 1.9.0.2-5.el5 | xulrunner-1.9.0.2-5.el5.src.rpm |
RedHat | 5 | ppc | devhelp-devel | < 0.12-19.el5 | devhelp-devel-0.12-19.el5.ppc.rpm |
RedHat | 5 | ppc64 | xulrunner-devel | < 1.9.0.2-5.el5 | xulrunner-devel-1.9.0.2-5.el5.ppc64.rpm |
RedHat | 5 | ppc | xulrunner | < 1.9.0.2-5.el5 | xulrunner-1.9.0.2-5.el5.ppc.rpm |
RedHat | 5 | s390 | firefox | < 3.0.2-3.el5 | firefox-3.0.2-3.el5.s390.rpm |
RedHat | 4 | s390 | firefox | < 3.0.2-3.el4 | firefox-3.0.2-3.el4.s390.rpm |
RedHat | 5 | i386 | nss-devel | < 3.12.1.1-1.el5 | nss-devel-3.12.1.1-1.el5.i386.rpm |