Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:Fedora Local Security Checks
Title:Fedora Core 7 FEDORA-2007-1157 (blam)

The remote host is missing an update to blam
announced via advisory FEDORA-2007-1157.

Blam is a tool that helps you keep track of the growing
number of news feeds distributed as RSS. Blam lets you
subscribe to any number of feeds and provides an easy to
use and clean interface to stay up to date

Update Information:

Updated firefox packages that fix several security bugs are now available for Fedora 7.

Users of Blam are advised to upgrade to this errata package, which has been rebuilt against the updated Firefox package.

* Wed Jul 18 2007 Peter Gordon - 1.8.3-5
- Rebuild for newer Gecko libraries (Firefox
- Depend on the gecko-libs and gecko-devel virtuals, instead of querying RPM
at build-time (Thanks to Chris Aillon for the fix.)
- Alphabetize dependencies, and other minor aesthetic-only spec changes.
* Wed May 30 2007 Peter Gordon - 1.8.3-4
- Rebuild for newer Gecko libraries (Firefox
- Add a patch to fix the default theme directory search path to prevent crashes
at startup (fixes bug 241465):
+ fix-THEME_DIR-path.patch

[ 1 ] Bug #248518
[ 2 ] CVE-2007-3734
[ 3 ] CVE-2007-3735
[ 4 ] CVE-2007-3736
[ 5 ] CVE-2007-3089
[ 6 ] CVE-2007-3737
[ 7 ] CVE-2007-3656
[ 8 ] CVE-2007-3738
Updated packages:

da83cd91995ab746bd9f354afafe55c57c315945 blam-debuginfo-1.8.3-5.fc7.i386.rpm
29422664a622c42c945880b75036b4e4eb9100bd blam-1.8.3-5.fc7.i386.rpm
a96edfab0ec40216955d9290d31be655a1ab8f7e blam-1.8.3-5.fc7.x86_64.rpm
ad5019c0ccd5432fd811f3ea7977d633b7d37753 blam-debuginfo-1.8.3-5.fc7.x86_64.rpm
6a3ff9c75e684d96c88003ce72d1109a534005cb blam-1.8.3-5.fc7.ppc.rpm
70fbdc37a6c8ff57d0f9c3bf7aa94b7a31ed016b blam-debuginfo-1.8.3-5.fc7.ppc.rpm
6b2d30af7774004a7f60ac97087c5ce37088ab2b blam-1.8.3-5.fc7.src.rpm

This update can be installed with the 'yum' update program. Use 'yum update
package-name' at the command line. For more information, refer to 'Managing
Software with yum,' available at

Solution: Apply the appropriate updates.

Risk factor : Critical

CVSS Score:

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2007-3734
BugTraq ID: 24946
Bugtraq: 20070720 rPSA-2007-0148-1 firefox thunderbird (Google Search)
Bugtraq: 20070724 FLEA-2007-0033-1: firefox thunderbird (Google Search)
Debian Security Information: DSA-1337 (Google Search)
Debian Security Information: DSA-1338 (Google Search)
Debian Security Information: DSA-1339 (Google Search)
Debian Security Information: DSA-1391 (Google Search)
HPdes Security Advisory: HPSBUX02153
HPdes Security Advisory: HPSBUX02156
HPdes Security Advisory: SSRT061181
HPdes Security Advisory: SSRT061236
SGI Security Advisory: 20070701-01-P
SuSE Security Announcement: SUSE-SA:2007:049 (Google Search)
XForce ISS Database: mozilla-browser-engine-code-execution(35458)
Common Vulnerability Exposure (CVE) ID: CVE-2007-3735
XForce ISS Database: mozilla-javascript-eng-code-execution(35459)
Common Vulnerability Exposure (CVE) ID: CVE-2007-3736
XForce ISS Database: mozilla-addeventlistener-settimeout-xss(35462)
Common Vulnerability Exposure (CVE) ID: CVE-2007-3089
BugTraq ID: 24286
Bugtraq: 20070604 Assorted browser vulnerabilities (Google Search)
Cert/CC Advisory: TA07-199A
CERT/CC vulnerability note: VU#143297
XForce ISS Database: firefox-iframe-security-bypass(34701)
Common Vulnerability Exposure (CVE) ID: CVE-2007-3737
XForce ISS Database: firefox-eventhandler-code-execution(35461)
Common Vulnerability Exposure (CVE) ID: CVE-2007-3656
BugTraq ID: 24831
Bugtraq: 20070709 Firefox wyciwyg:// cache zone bypass (Google Search)
XForce ISS Database: mozilla-wyciwyg-security-bypass(35298)
Common Vulnerability Exposure (CVE) ID: CVE-2007-3738
SuSE Security Announcement: SUSE-SA:2007:057 (Google Search)
XForce ISS Database: firefox-xpcnativewrapper-code-execution(35460)
CopyrightCopyright (c) 2007 E-Soft Inc.

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2022 E-Soft Inc. All rights reserved.