Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:Fedora Local Security Checks
Title:Fedora Core 7 FEDORA-2007-1144 (yelp)

The remote host is missing an update to yelp
announced via advisory FEDORA-2007-1144.

Yelp is the Gnome 2 help/documentation browser. It is designed
to help you browse all the documentation on your system in
one central tool.

Update Information:

Updated firefox packages that fix several security bugs are now available for Fedora Core 7.

Users of yelp are advised to upgrade to these erratum packages, which contain an update to yelp built against the updated Firefox packages.

* Wed Jul 18 2007 Kai Engert - 2.18.1-5
- Rebuild against newer gecko
* Fri May 25 2007 Christopher Aillon - 2.18.1-4
- Rebuild against newer gecko
* Wed Apr 18 2007 Matthias Clasen - 2.18.1-3
- Improve the man parser a bit
- Fix another crash in the info parser

[ 1 ] Bug #248518
[ 2 ] CVE-2007-3734
[ 3 ] CVE-2007-3735
[ 4 ] CVE-2007-3736
[ 5 ] CVE-2007-3089
[ 6 ] CVE-2007-3737
[ 7 ] CVE-2007-3656
[ 8 ] CVE-2007-3738
Updated packages:

c63a3a6a4a5434c93a33b290c735fc5e8de41d54 yelp-debuginfo-2.18.1-5.fc7.ppc64.rpm
8189e3912354de5473b1482fc5dc4a5bcf5d3542 yelp-2.18.1-5.fc7.ppc64.rpm
0accf32bd892291e131df046fab7c49f5e3a27f7 yelp-2.18.1-5.fc7.i386.rpm
e74679fa4df3f85aa9a1b8059fecd184b8593cc5 yelp-debuginfo-2.18.1-5.fc7.i386.rpm
e1461a532d1f9f01668fb403e352ccabab30a7ba yelp-debuginfo-2.18.1-5.fc7.x86_64.rpm
1045f9a8b3ce7bee1aec96346627bcc705a917e8 yelp-2.18.1-5.fc7.x86_64.rpm
e257859438fdb0a8499dffa2faf7be5f316b6b21 yelp-debuginfo-2.18.1-5.fc7.ppc.rpm
433d322ce574f396ab53e21b89a1a1cd3ee54951 yelp-2.18.1-5.fc7.ppc.rpm
7f370f4293dbad21b82abba7e2989288ea33e69f yelp-2.18.1-5.fc7.src.rpm

This update can be installed with the 'yum' update program. Use 'yum update
package-name' at the command line. For more information, refer to 'Managing
Software with yum,' available at

Solution: Apply the appropriate updates.

Risk factor : Critical

CVSS Score:

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2007-3734
BugTraq ID: 24946
Bugtraq: 20070720 rPSA-2007-0148-1 firefox thunderbird (Google Search)
Bugtraq: 20070724 FLEA-2007-0033-1: firefox thunderbird (Google Search)
Debian Security Information: DSA-1337 (Google Search)
Debian Security Information: DSA-1338 (Google Search)
Debian Security Information: DSA-1339 (Google Search)
Debian Security Information: DSA-1391 (Google Search)
HPdes Security Advisory: HPSBUX02153
HPdes Security Advisory: HPSBUX02156
HPdes Security Advisory: SSRT061181
HPdes Security Advisory: SSRT061236
SGI Security Advisory: 20070701-01-P
SuSE Security Announcement: SUSE-SA:2007:049 (Google Search)
XForce ISS Database: mozilla-browser-engine-code-execution(35458)
Common Vulnerability Exposure (CVE) ID: CVE-2007-3735
XForce ISS Database: mozilla-javascript-eng-code-execution(35459)
Common Vulnerability Exposure (CVE) ID: CVE-2007-3736
XForce ISS Database: mozilla-addeventlistener-settimeout-xss(35462)
Common Vulnerability Exposure (CVE) ID: CVE-2007-3089
BugTraq ID: 24286
Bugtraq: 20070604 Assorted browser vulnerabilities (Google Search)
Cert/CC Advisory: TA07-199A
CERT/CC vulnerability note: VU#143297
XForce ISS Database: firefox-iframe-security-bypass(34701)
Common Vulnerability Exposure (CVE) ID: CVE-2007-3737
XForce ISS Database: firefox-eventhandler-code-execution(35461)
Common Vulnerability Exposure (CVE) ID: CVE-2007-3656
BugTraq ID: 24831
Bugtraq: 20070709 Firefox wyciwyg:// cache zone bypass (Google Search)
XForce ISS Database: mozilla-wyciwyg-security-bypass(35298)
Common Vulnerability Exposure (CVE) ID: CVE-2007-3738
SuSE Security Announcement: SUSE-SA:2007:057 (Google Search)
XForce ISS Database: firefox-xpcnativewrapper-code-execution(35460)
CopyrightCopyright (c) 2007 E-Soft Inc.

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2022 E-Soft Inc. All rights reserved.