Mozilla Firefox is an open source Web browser.
Several flaws were found in the processing of malformed web content. A web
page containing malicious content could cause Firefox to crash or,
potentially, execute arbitrary code as the user running Firefox.
(CVE-2008-0017, CVE-2008-5014, CVE-2008-5016, CVE-2008-5017,
CVE-2008-5018, CVE-2008-5019, CVE-2008-5021)
Several flaws were found in the way malformed content was processed. A web
site containing specially-crafted content could potentially trick a Firefox
user into surrendering sensitive information. (CVE-2008-5022,
CVE-2008-5023, CVE-2008-5024)
A flaw was found in the way Firefox opened “file:” URIs. If a file: URI was
loaded in the same tab as a chrome or privileged “about:” page, the file:
URI could execute arbitrary code with the permissions of the user running
Firefox. (CVE-2008-5015)
For technical details regarding these flaws, please see the Mozilla
security advisories for Firefox 3.0.4. You can find a link to the Mozilla
advisories in the References section.
All firefox users should upgrade to these updated packages, which contain
backported patches that correct these issues.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 4 | src | firefox | < 3.0.4-1.el4 | firefox-3.0.4-1.el4.src.rpm |
RedHat | 5 | ppc64 | xulrunner-devel | < 1.9.0.4-1.el5 | xulrunner-devel-1.9.0.4-1.el5.ppc64.rpm |
RedHat | 5 | x86_64 | devhelp-devel | < 0.12-20.el5 | devhelp-devel-0.12-20.el5.x86_64.rpm |
RedHat | 5 | src | xulrunner | < 1.9.0.4-1.el5 | xulrunner-1.9.0.4-1.el5.src.rpm |
RedHat | 5 | ia64 | xulrunner | < 1.9.0.4-1.el5 | xulrunner-1.9.0.4-1.el5.ia64.rpm |
RedHat | 5 | s390 | nss | < 3.12.1.1-3.el5 | nss-3.12.1.1-3.el5.s390.rpm |
RedHat | 5 | ia64 | nss | < 3.12.1.1-3.el5 | nss-3.12.1.1-3.el5.ia64.rpm |
RedHat | 5 | ppc | nss-pkcs11-devel | < 3.12.1.1-3.el5 | nss-pkcs11-devel-3.12.1.1-3.el5.ppc.rpm |
RedHat | 5 | s390x | yelp | < 2.16.0-22.el5 | yelp-2.16.0-22.el5.s390x.rpm |
RedHat | 5 | ppc | nss | < 3.12.1.1-3.el5 | nss-3.12.1.1-3.el5.ppc.rpm |