[FEDORA-2007-642] Fedora 6: firefox
Mozilla Firefox is an open-source web browser, designed for
standards compliance, performance and portability.
Several flaws were found in the way Firefox processed
certain malformed JavaScript code. A web page containing
malicious JavaScript code could cause Firefox to crash or
potentially execute arbitrary code as the user running
Firefox. (CVE-2007-3734, CVE-2007-3735)
Several flaws were found in the way Firefox handles certain
JavaScript code. A web page containing malicious JavaScript
code could inject arbitrary content into other web pages.
(CVE-2007-3736, CVE-2007-3089)
A flaw was found in the way Firefox cached web pages on the
local disk. A malicious web page may be able to inject
arbitrary HTML into a browsing session if the user reloads a
targeted site. (CVE-2007-3656)
A flaw was found in the way Firefox processes certain web
content. A web page containing malicious content could
execute arbitrary commands as the user running Firefox.
(CVE-2007-3737, CVE-2007-3738)
Users of Firefox are advised to upgrade to these erratum
packages, which contain backported patches that correct
these issues.
Package | Affected Version |
---|---|
pkg:rpm/fedora/firefox?distro=fedora-6 | < 1.5.0.12.4.fc6 |
- ID
- FEDORA-2007-642
- Severity
- high
- Severity from
- CVE-2007-3734
- URL
- https://bodhi.fedoraproject.org/updates/FEDORA-2007-642
- Published
-
2007-07-20T16:24:04
(17 years ago) - Modified
-
2007-07-20T16:24:04
(17 years ago) - Rights
- Copyright 2007 Red Hat, Inc.
- Other Advisories
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/fedora/firefox?distro=fedora-6 | fedora | firefox | < 1.5.0.12.4.fc6 | fedora-6 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |