English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 102521 CVE descriptions
and 54701 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2006-076
2006-02-02
---------------------------------------------------------------------

Product     : Fedora Core 4
Name        : firefox
Version     : 1.0.7                      
Release     : 1.2.fc4                  
Summary     : Mozilla Firefox Web browser.
Description :
Mozilla Firefox is an open-source web browser, designed for standards
compliance, performance and portability.

---------------------------------------------------------------------
Update Information:

Mozilla Firefox is an open source Web browser.

Igor Bukanov discovered a bug in the way Firefox's
JavaScript interpreter dereferences objects. If a user
visits a malicious web page, Firefox could crash or execute
arbitrary code as the user running Firefox. The Common
Vulnerabilities and Exposures project assigned the name
CVE-2006-0292 to this issue.

moz_bug_r_a4 discovered a bug in Firefox's
XULDocument.persist() function. A malicious web page could
inject arbitrary RDF data into a user's localstore.rdf file,
which can cause Firefox to execute arbitrary JavaScript when
a user runs Firefox. (CVE-2006-0296)

A denial of service bug was found in the way Firefox saves
history information. If a user visits a web page with a very
long title, it is possible Firefox will crash or take a very
long time to start the next time it is run. (CVE-2005-4134)
---------------------------------------------------------------------
* Sun Jan 29 2006 Christopher Aillon <caillon@redhat.com> 0:1.0.7-1.2.fc4
- Fix CVE-2005-4134, CVE-2006-0292, CVE-2006-0296

---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/

d37a19a1ad285f0605ed0a7fc3603c289e4d33a0  SRPMS/firefox-1.0.7-1.2.fc4.src.rpm
46d0d5698126e86ce6d2e844e113d230cd4f23ea  ppc/firefox-1.0.7-1.2.fc4.ppc.rpm
822405f5a6de3e18324b2a1270a0e9a08aabb234  ppc/debug/firefox-debuginfo-1.0.7-1.2.fc4.ppc.rpm
42c8d63a8dd251c505e19dfff2c61450c149c774  x86_64/firefox-1.0.7-1.2.fc4.x86_64.rpm
f737d3deb0c8791ed31caff83226d4b1a17a58d8  x86_64/debug/firefox-debuginfo-1.0.7-1.2.fc4.x86_64.rpm
c6d0a31bd2106ae7ffe65ff9c780209fa3edcd9a  i386/firefox-1.0.7-1.2.fc4.i386.rpm
6635d0ddc685bb7579f2701971704a4bec7d1dc8  i386/debug/firefox-debuginfo-1.0.7-1.2.fc4.i386.rpm

This update can be installed with the 'yum' update program.  Use 'yum update
package-name' at the command line.  For more information, refer to 'Managing
Software with yum,' available at http://fedora.redhat.com/docs/yum/.
---------------------------------------------------------------------

-- 
fedora-announce-list mailing list
fedora-announce-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-announce-list

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Developer APIs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe | Whois

© 1998-2017 E-Soft Inc. All rights reserved.