[FEDORA-2008-8425] Fedora 9: firefox, xulrunner, cairo-dock, devhelp, blam & 16 more
Mozilla Firefox is an open source Web browser. Several flaws were found in
the processing of malformed web content. A web page containing malicious content
could cause Firefox to crash or, potentially, execute arbitrary code as the user
running Firefox. (CVE-2008-4058, CVE-2008-4060, CVE-2008-4061, CVE-2008-4062,
CVE-2008-4063, CVE-2008-4064) Several flaws were found in the way malformed
web content was displayed. A web page containing specially crafted content could
potentially trick a Firefox user into surrendering sensitive information.
(CVE-2008-4067, CVE-2008-4068) A flaw was found in the way Firefox handles
mouse click events. A web page containing specially crafted JavaScript code
could move the content window while a mouse-button was pressed, causing any item
under the pointer to be dragged. This could, potentially, cause the user to
perform an unsafe drag-and-drop action. (CVE-2008-3837) A flaw was found in
Firefox that caused certain characters to be stripped from JavaScript code. This
flaw could allow malicious JavaScript to bypass or evade script filters.
(CVE-2008-4065) For technical details regarding these flaws, please see the
Mozilla security advisories for Firefox 3.0.2.[1] All Firefox users should
upgrade to these updated packages, which contain patches that correct these
issues. [1] http://www.mozilla.org/security/known-
vulnerabilities/firefox30.html#firefox3.0.2
- ID
- FEDORA-2008-8425
- Severity
- high
- Severity from
- CVE-2008-4061
- URL
- https://bodhi.fedoraproject.org/updates/FEDORA-2008-8425
- Published
-
2008-09-28T18:40:02
(16 years ago) - Modified
-
2008-09-28T18:40:02
(16 years ago) - Rights
- Copyright 2008 Red Hat, Inc.
- Other Advisories
Source | # ID | Name | URL |
---|---|---|---|
Bugzilla | 449279 | Bug #449279 - totem-video-thumbnailer fails to work with flash video files | https://bugzilla.redhat.com/show_bug.cgi?id=449279 |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/fedora/yelp?distro=fedora-9 | fedora | yelp | < 2.22.1.5.fc9 | fedora-9 | ||
Affected | pkg:rpm/fedora/xulrunner?distro=fedora-9 | fedora | xulrunner | < 1.9.0.2.1.fc9 | fedora-9 | ||
Affected | pkg:rpm/fedora/totem?distro=fedora-9 | fedora | totem | < 2.23.2.7.fc9 | fedora-9 | ||
Affected | pkg:rpm/fedora/ruby-gnome2?distro=fedora-9 | fedora | ruby-gnome2 | < 0.17.0.2.fc9 | fedora-9 | ||
Affected | pkg:rpm/fedora/mugshot?distro=fedora-9 | fedora | mugshot | < 1.2.2.2.fc9 | fedora-9 | ||
Affected | pkg:rpm/fedora/mozvoikko?distro=fedora-9 | fedora | mozvoikko | < 0.9.5.3.fc9 | fedora-9 | ||
Affected | pkg:rpm/fedora/Miro?distro=fedora-9 | fedora | Miro | < 1.2.4.3.fc9 | fedora-9 | ||
Affected | pkg:rpm/fedora/kazehakase?distro=fedora-9 | fedora | kazehakase | < 0.5.5.1.fc9.1 | fedora-9 | ||
Affected | pkg:rpm/fedora/gtkmozembedmm?distro=fedora-9 | fedora | gtkmozembedmm | < 1.4.2.cvs20060817.21.fc9 | fedora-9 | ||
Affected | pkg:rpm/fedora/google-gadgets?distro=fedora-9 | fedora | google-gadgets | < 0.10.1.5.fc9 | fedora-9 | ||
Affected | pkg:rpm/fedora/gnome-web-photo?distro=fedora-9 | fedora | gnome-web-photo | < 0.3.14.fc9 | fedora-9 | ||
Affected | pkg:rpm/fedora/gnome-python2-extras?distro=fedora-9 | fedora | gnome-python2-extras | < 2.19.1.18.fc9 | fedora-9 | ||
Affected | pkg:rpm/fedora/galeon?distro=fedora-9 | fedora | galeon | < 2.0.5.3.fc9 | fedora-9 | ||
Affected | pkg:rpm/fedora/firefox?distro=fedora-9 | fedora | firefox | < 3.0.2.1.fc9 | fedora-9 | ||
Affected | pkg:rpm/fedora/evolution-rss?distro=fedora-9 | fedora | evolution-rss | < 0.1.0.3.fc9 | fedora-9 | ||
Affected | pkg:rpm/fedora/epiphany?distro=fedora-9 | fedora | epiphany | < 2.22.2.4.fc9 | fedora-9 | ||
Affected | pkg:rpm/fedora/epiphany-extensions?distro=fedora-9 | fedora | epiphany-extensions | < 2.22.1.4.fc9 | fedora-9 | ||
Affected | pkg:rpm/fedora/devhelp?distro=fedora-9 | fedora | devhelp | < 0.19.1.4.fc9 | fedora-9 | ||
Affected | pkg:rpm/fedora/chmsee?distro=fedora-9 | fedora | chmsee | < 1.0.1.5.fc9 | fedora-9 | ||
Affected | pkg:rpm/fedora/cairo-dock?distro=fedora-9 | fedora | cairo-dock | < 1.6.2.3.1.fc9.1 | fedora-9 | ||
Affected | pkg:rpm/fedora/blam?distro=fedora-9 | fedora | blam | < 1.8.5.2.fc9 | fedora-9 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |