1. Home
  2. Security Advisories
  3. Fedora
  4. FEDORA-2009-10981

[FEDORA-2009-10981] Fedora 10: blam, epiphany, epiphany-extensions, firefox, galeon & 14 more

Severity High
Affected Packages 19
CVEs 10
Info Packages References Vulnerabilities

Update to new upstream Firefox version 3.0.15, fixing multiple security issues
detailed in the upstream advisories: http://www.mozilla.org/security/known-
vulnerabilities/firefox30.html#firefox3.0.15 Update also includes all
packages depending on gecko-libs rebuilt against new version of Firefox /
XULRunner.

Package Affected Version
pkg:rpm/fedora/yelp?distro=fedora-10 < 2.24.0.14.fc10
pkg:rpm/fedora/xulrunner?distro=fedora-10 < 1.9.0.15.1.fc10
pkg:rpm/fedora/ruby-gnome2?distro=fedora-10 < 0.19.3.3.fc10
pkg:rpm/fedora/perl-Gtk2-MozEmbed?distro=fedora-10 < 0.08.6.fc10.6
pkg:rpm/fedora/pcmanx-gtk2?distro=fedora-10 < 0.3.8.14.fc10
pkg:rpm/fedora/mugshot?distro=fedora-10 < 1.2.2.14.fc10
pkg:rpm/fedora/mozvoikko?distro=fedora-10 < 0.9.5.15.fc10
pkg:rpm/fedora/Miro?distro=fedora-10 < 2.0.5.5.fc10
pkg:rpm/fedora/kazehakase?distro=fedora-10 < 0.5.6.4.fc10.7
pkg:rpm/fedora/google-gadgets?distro=fedora-10 < 0.10.5.11.fc10
pkg:rpm/fedora/gnome-web-photo?distro=fedora-10 < 0.3.23.fc10
pkg:rpm/fedora/gnome-python2-extras?distro=fedora-10 < 2.19.1.35.fc10
pkg:rpm/fedora/gecko-sharp2?distro=fedora-10 < 0.13.13.fc10
pkg:rpm/fedora/galeon?distro=fedora-10 < 2.0.7.15.fc10
pkg:rpm/fedora/firefox?distro=fedora-10 < 3.0.15.1.fc10
pkg:rpm/fedora/evolution-rss?distro=fedora-10 < 0.1.4.5.fc10
pkg:rpm/fedora/epiphany?distro=fedora-10 < 2.24.3.11.fc10
pkg:rpm/fedora/epiphany-extensions?distro=fedora-10 < 2.24.3.6.fc10
pkg:rpm/fedora/blam?distro=fedora-10 < 1.8.5.15.fc10
ID
FEDORA-2009-10981
Severity
high
Severity from
CVE-2009-3380
URL
https://bodhi.fedoraproject.org/updates/FEDORA-2009-10981
Published
2009-11-04T12:31:06
(15 years ago)
Modified
2009-11-04T12:31:06
(15 years ago)
Rights
Copyright 2009 Red Hat, Inc.
Other Advisories
Source # ID Name URL
Bugzilla 530157 Bug #530157 - CVE-2009-3374 Firefox chrome privilege escalation in XPCVariant::VariantDataToJS() https://bugzilla.redhat.com/show_bug.cgi?id=530157
Bugzilla 530162 Bug #530162 - CVE-2009-1563 Firefox heap buffer overflow in string to number conversion https://bugzilla.redhat.com/show_bug.cgi?id=530162
Bugzilla 530155 Bug #530155 - CVE-2009-3372 Firefox crash in proxy auto-configuration regexp parsing https://bugzilla.redhat.com/show_bug.cgi?id=530155
Bugzilla 530151 Bug #530151 - CVE-2009-3370 Firefox form history vulnerable to stealing https://bugzilla.redhat.com/show_bug.cgi?id=530151
Bugzilla 530569 Bug #530569 - CVE-2009-3382 Firefox crashes with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=530569
Bugzilla 530156 Bug #530156 - CVE-2009-3373 Firefox heap buffer overflow in GIF color map parser https://bugzilla.redhat.com/show_bug.cgi?id=530156
Bugzilla 530167 Bug #530167 - CVE-2009-3375 Firefox cross-origin data theft through document.getSelection() https://bugzilla.redhat.com/show_bug.cgi?id=530167
Bugzilla 530168 Bug #530168 - CVE-2009-3376 Firefox download filename spoofing with RTL override https://bugzilla.redhat.com/show_bug.cgi?id=530168
Bugzilla 524815 Bug #524815 - CVE-2009-3274 Firefox: Predictable /tmp pathname use https://bugzilla.redhat.com/show_bug.cgi?id=524815
Bugzilla 530567 Bug #530567 - CVE-2009-3380 Firefox crashes with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=530567
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:rpm/fedora/yelp?distro=fedora-10 fedora yelp < 2.24.0.14.fc10 fedora-10
Affected pkg:rpm/fedora/xulrunner?distro=fedora-10 fedora xulrunner < 1.9.0.15.1.fc10 fedora-10
Affected pkg:rpm/fedora/ruby-gnome2?distro=fedora-10 fedora ruby-gnome2 < 0.19.3.3.fc10 fedora-10
Affected pkg:rpm/fedora/perl-Gtk2-MozEmbed?distro=fedora-10 fedora perl-Gtk2-MozEmbed < 0.08.6.fc10.6 fedora-10
Affected pkg:rpm/fedora/pcmanx-gtk2?distro=fedora-10 fedora pcmanx-gtk2 < 0.3.8.14.fc10 fedora-10
Affected pkg:rpm/fedora/mugshot?distro=fedora-10 fedora mugshot < 1.2.2.14.fc10 fedora-10
Affected pkg:rpm/fedora/mozvoikko?distro=fedora-10 fedora mozvoikko < 0.9.5.15.fc10 fedora-10
Affected pkg:rpm/fedora/Miro?distro=fedora-10 fedora Miro < 2.0.5.5.fc10 fedora-10
Affected pkg:rpm/fedora/kazehakase?distro=fedora-10 fedora kazehakase < 0.5.6.4.fc10.7 fedora-10
Affected pkg:rpm/fedora/google-gadgets?distro=fedora-10 fedora google-gadgets < 0.10.5.11.fc10 fedora-10
Affected pkg:rpm/fedora/gnome-web-photo?distro=fedora-10 fedora gnome-web-photo < 0.3.23.fc10 fedora-10
Affected pkg:rpm/fedora/gnome-python2-extras?distro=fedora-10 fedora gnome-python2-extras < 2.19.1.35.fc10 fedora-10
Affected pkg:rpm/fedora/gecko-sharp2?distro=fedora-10 fedora gecko-sharp2 < 0.13.13.fc10 fedora-10
Affected pkg:rpm/fedora/galeon?distro=fedora-10 fedora galeon < 2.0.7.15.fc10 fedora-10
Affected pkg:rpm/fedora/firefox?distro=fedora-10 fedora firefox < 3.0.15.1.fc10 fedora-10
Affected pkg:rpm/fedora/evolution-rss?distro=fedora-10 fedora evolution-rss < 0.1.4.5.fc10 fedora-10
Affected pkg:rpm/fedora/epiphany?distro=fedora-10 fedora epiphany < 2.24.3.11.fc10 fedora-10
Affected pkg:rpm/fedora/epiphany-extensions?distro=fedora-10 fedora epiphany-extensions < 2.24.3.6.fc10 fedora-10
Affected pkg:rpm/fedora/blam?distro=fedora-10 fedora blam < 1.8.5.15.fc10 fedora-10
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date