1. Home
  2. Security Advisories
  3. Fedora
  4. FEDORA-2009-3893

[FEDORA-2009-3893] Fedora 10: epiphany, firefox, epiphany-extensions, xulrunner, blam & 14 more

Severity Medium
Affected Packages 19
CVEs 12
Info Packages References Vulnerabilities

http://www.mozilla.org/security/known-
vulnerabilities/firefox30.html#firefox3.0.9

Package Affected Version
pkg:rpm/fedora/yelp?distro=fedora-10 < 2.24.0.8.fc10
pkg:rpm/fedora/xulrunner?distro=fedora-10 < 1.9.0.9.1.fc10
pkg:rpm/fedora/ruby-gnome2?distro=fedora-10 < 0.18.1.5.fc10.1
pkg:rpm/fedora/perl-Gtk2-MozEmbed?distro=fedora-10 < 0.08.5.fc10.2
pkg:rpm/fedora/pcmanx-gtk2?distro=fedora-10 < 0.3.8.8.fc10
pkg:rpm/fedora/mugshot?distro=fedora-10 < 1.2.2.8.fc10
pkg:rpm/fedora/mozvoikko?distro=fedora-10 < 0.9.5.9.fc10
pkg:rpm/fedora/Miro?distro=fedora-10 < 2.0.3.3.fc10
pkg:rpm/fedora/kazehakase?distro=fedora-10 < 0.5.6.4.fc10.1
pkg:rpm/fedora/google-gadgets?distro=fedora-10 < 0.10.5.5.fc10
pkg:rpm/fedora/gnome-web-photo?distro=fedora-10 < 0.3.17.fc10
pkg:rpm/fedora/gnome-python2-extras?distro=fedora-10 < 2.19.1.29.fc10
pkg:rpm/fedora/gecko-sharp2?distro=fedora-10 < 0.13.7.fc10
pkg:rpm/fedora/galeon?distro=fedora-10 < 2.0.7.9.fc10
pkg:rpm/fedora/firefox?distro=fedora-10 < 3.0.9.1.fc10
pkg:rpm/fedora/epiphany?distro=fedora-10 < 2.24.3.5.fc10
pkg:rpm/fedora/epiphany-extensions?distro=fedora-10 < 2.24.0.7.fc10
pkg:rpm/fedora/devhelp?distro=fedora-10 < 0.22.7.fc10
pkg:rpm/fedora/blam?distro=fedora-10 < 1.8.5.9.fc10
ID
FEDORA-2009-3893
Severity
medium
Severity from
CVE-2009-1307
URL
https://bodhi.fedoraproject.org/updates/FEDORA-2009-3893
Published
2009-04-24T19:52:12
(15 years ago)
Modified
2009-04-24T19:52:12
(15 years ago)
Rights
Copyright 2009 Red Hat, Inc.
Other Advisories
Source # ID Name URL
Bugzilla 496274 Bug #496274 - CVE-2009-1312 Firefox allows Refresh header to redirect to javascript: URIs https://bugzilla.redhat.com/show_bug.cgi?id=496274
Bugzilla 496253 Bug #496253 - CVE-2009-1303 Firefox 2 and 3 Layout engine crash https://bugzilla.redhat.com/show_bug.cgi?id=496253
Bugzilla 496271 Bug #496271 - CVE-2009-1311 Firefox POST data sent to wrong site when saving web page with embedded frame https://bugzilla.redhat.com/show_bug.cgi?id=496271
Bugzilla 496262 Bug #496262 - CVE-2009-1306 Firefox jar: scheme ignores the content-disposition: header on the inner URI https://bugzilla.redhat.com/show_bug.cgi?id=496262
Bugzilla 496255 Bug #496255 - CVE-2009-1304 Firefox 3 JavaScript engine crashes https://bugzilla.redhat.com/show_bug.cgi?id=496255
Bugzilla 486704 Bug #486704 - CVE-2009-0652 firefox: does not properly prevent the literal rendering of homoglyph characters in IDN domain names (spoof URLs and conduct phishing attacks) https://bugzilla.redhat.com/show_bug.cgi?id=486704
Bugzilla 496252 Bug #496252 - CVE-2009-1302 Firefox 3 Layout engine crashes https://bugzilla.redhat.com/show_bug.cgi?id=496252
Bugzilla 496267 Bug #496267 - CVE-2009-1309 Firefox Same-origin violations in XMLHttpRequest and XPCNativeWrapper.toString https://bugzilla.redhat.com/show_bug.cgi?id=496267
Bugzilla 496270 Bug #496270 - CVE-2009-1310 Firefox Malicious search plugins can inject code into arbitrary sites https://bugzilla.redhat.com/show_bug.cgi?id=496270
Bugzilla 496256 Bug #496256 - CVE-2009-1305 Firefox 2 and 3 JavaScript engine crash https://bugzilla.redhat.com/show_bug.cgi?id=496256
Bugzilla 496266 Bug #496266 - CVE-2009-1308 Firefox XSS hazard using third-party stylesheets and XBL bindings https://bugzilla.redhat.com/show_bug.cgi?id=496266
Bugzilla 496263 Bug #496263 - CVE-2009-1307 Firefox Same-origin violations when Adobe Flash loaded via view-source: protocol https://bugzilla.redhat.com/show_bug.cgi?id=496263
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:rpm/fedora/yelp?distro=fedora-10 fedora yelp < 2.24.0.8.fc10 fedora-10
Affected pkg:rpm/fedora/xulrunner?distro=fedora-10 fedora xulrunner < 1.9.0.9.1.fc10 fedora-10
Affected pkg:rpm/fedora/ruby-gnome2?distro=fedora-10 fedora ruby-gnome2 < 0.18.1.5.fc10.1 fedora-10
Affected pkg:rpm/fedora/perl-Gtk2-MozEmbed?distro=fedora-10 fedora perl-Gtk2-MozEmbed < 0.08.5.fc10.2 fedora-10
Affected pkg:rpm/fedora/pcmanx-gtk2?distro=fedora-10 fedora pcmanx-gtk2 < 0.3.8.8.fc10 fedora-10
Affected pkg:rpm/fedora/mugshot?distro=fedora-10 fedora mugshot < 1.2.2.8.fc10 fedora-10
Affected pkg:rpm/fedora/mozvoikko?distro=fedora-10 fedora mozvoikko < 0.9.5.9.fc10 fedora-10
Affected pkg:rpm/fedora/Miro?distro=fedora-10 fedora Miro < 2.0.3.3.fc10 fedora-10
Affected pkg:rpm/fedora/kazehakase?distro=fedora-10 fedora kazehakase < 0.5.6.4.fc10.1 fedora-10
Affected pkg:rpm/fedora/google-gadgets?distro=fedora-10 fedora google-gadgets < 0.10.5.5.fc10 fedora-10
Affected pkg:rpm/fedora/gnome-web-photo?distro=fedora-10 fedora gnome-web-photo < 0.3.17.fc10 fedora-10
Affected pkg:rpm/fedora/gnome-python2-extras?distro=fedora-10 fedora gnome-python2-extras < 2.19.1.29.fc10 fedora-10
Affected pkg:rpm/fedora/gecko-sharp2?distro=fedora-10 fedora gecko-sharp2 < 0.13.7.fc10 fedora-10
Affected pkg:rpm/fedora/galeon?distro=fedora-10 fedora galeon < 2.0.7.9.fc10 fedora-10
Affected pkg:rpm/fedora/firefox?distro=fedora-10 fedora firefox < 3.0.9.1.fc10 fedora-10
Affected pkg:rpm/fedora/epiphany?distro=fedora-10 fedora epiphany < 2.24.3.5.fc10 fedora-10
Affected pkg:rpm/fedora/epiphany-extensions?distro=fedora-10 fedora epiphany-extensions < 2.24.0.7.fc10 fedora-10
Affected pkg:rpm/fedora/devhelp?distro=fedora-10 fedora devhelp < 0.22.7.fc10 fedora-10
Affected pkg:rpm/fedora/blam?distro=fedora-10 fedora blam < 1.8.5.9.fc10 fedora-10
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date