Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:Fedora Local Security Checks
Title:Fedora Core 8 FEDORA-2008-9667 (firefox)

The remote host is missing an update to firefox
announced via advisory FEDORA-2008-9667. For details,
please visit the referenced security advisories.


* Wed Nov 12 2008 Christopher Aillon
- Update to
* Tue Sep 23 2008 Christopher Aillon
- Update to


[ 1 ] Bug #470903 - CVE-2008-4582 Mozilla same origin policy bypass
[ 2 ] Bug #470864 - CVE-2008-5012 Mozilla Image stealing via canvas and HTTP redirect
[ 3 ] Bug #470867 - CVE-2008-5013 Mozilla Flash Player dynamic module unloading flaw
[ 4 ] Bug #470873 - CVE-2008-5014 Mozilla crash and remote code execution via __proto__ tampering
[ 5 ] Bug #470881 - CVE-2008-5016 Mozilla crash with evidence of memory corruption
[ 6 ] Bug #470883 - CVE-2008-5017 Mozilla crash with evidence of memory corruption
[ 7 ] Bug #470884 - CVE-2008-5018 Mozilla crash with evidence of memory corruption
[ 8 ] Bug #470889 - CVE-2008-5019 Mozilla XSS via session restore
[ 9 ] Bug #470892 - CVE-2008-0017 Mozilla buffer overflow in http-index-format parser
[ 10 ] Bug #470894 - CVE-2008-5021 Mozilla crash and remote code execution in nsFrameManager
[ 11 ] Bug #470895 - CVE-2008-5022 Mozilla nsXMLHttpRequest::NotifyEventListeners() same-origin violation
[ 12 ] Bug #470898 - CVE-2008-5023 Mozilla -moz-binding property bypasses security checks on codebase principals
[ 13 ] Bug #470902 - CVE-2008-5024 Mozilla parsing error in E4X default namespace

Solution: Apply the appropriate updates.

This update can be installed with the yum update program. Use
su -c 'yum update firefox' at the command line.
For more information, refer to Managing Software with yum,
available at

Risk factor : Critical

CVSS Score:

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2008-0017
BugTraq ID: 32281
Cert/CC Advisory: TA08-319A
Debian Security Information: DSA-1669 (Google Search)
Debian Security Information: DSA-1671 (Google Search)
Debian Security Information: DSA-1697 (Google Search)
ISS Security Advisory: 20081113 Mozilla Unchecked Allocation Remote Code Execution
SuSE Security Announcement: SUSE-SA:2008:055 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2008-5014
Debian Security Information: DSA-1696 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2008-5016,453406,458637,444864,452157,449111,444260,457375,433429,443528,430394
Common Vulnerability Exposure (CVE) ID: CVE-2008-5017
Common Vulnerability Exposure (CVE) ID: CVE-2008-5018
Common Vulnerability Exposure (CVE) ID: CVE-2008-5019,460983
Common Vulnerability Exposure (CVE) ID: CVE-2008-5021
Common Vulnerability Exposure (CVE) ID: CVE-2008-5022
Common Vulnerability Exposure (CVE) ID: CVE-2008-5023
Common Vulnerability Exposure (CVE) ID: CVE-2008-5024
Common Vulnerability Exposure (CVE) ID: CVE-2008-5015
Common Vulnerability Exposure (CVE) ID: CVE-2008-4582
BugTraq ID: 31611
BugTraq ID: 31747
Bugtraq: 20081007 Firefox Privacy Broken If Used to Open Web Page File (Google Search)
XForce ISS Database: firefox-internet-shortcut-info-disclosure(45740)
Common Vulnerability Exposure (CVE) ID: CVE-2008-5012
BugTraq ID: 32351
Bugtraq: 20081118 Firefox cross-domain image theft (CESA-2008-009) (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2008-5013
CopyrightCopyright (c) 2008 E-Soft Inc.

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2022 E-Soft Inc. All rights reserved.