1. Home
  2. Security Advisories
  3. Fedora
  4. FEDORA-2010-10344

[FEDORA-2010-10344] Fedora 12: firefox, mozvoikko, galeon, xulrunner, gnome-web-photo & 2 more

Severity High
Affected Packages 7
CVEs 11
Info Packages References Vulnerabilities

Update to new upstream Firefox version 3.5.10, fixing a security issue detailed
in the upstream advisory: http://www.mozilla.org/security/known-
vulnerabilities/firefox36.html#firefox3.5.10 Update also includes packages
depending on gecko-libs rebuilt against new version of Firefox / XULRunner.
CVE-2010-1121 CVE-2010-1200 CVE-2010-1201 CVE-2010-1202 CVE-2010-0183
CVE-2010-1198 CVE-2010-1196 CVE-2010-1199 CVE-2010-1125 CVE-2010-1197
CVE-2008-5913

Package Affected Version
pkg:rpm/fedora/xulrunner?distro=fedora-12 < 1.9.1.10.1.fc12
pkg:rpm/fedora/perl-Gtk2-MozEmbed?distro=fedora-12 < 0.08.6.fc12.13
pkg:rpm/fedora/mozvoikko?distro=fedora-12 < 1.0.10.fc12
pkg:rpm/fedora/gnome-web-photo?distro=fedora-12 < 0.9.7.fc12
pkg:rpm/fedora/gnome-python2-extras?distro=fedora-12 < 2.25.3.18.fc12
pkg:rpm/fedora/galeon?distro=fedora-12 < 2.0.7.23.fc12
pkg:rpm/fedora/firefox?distro=fedora-12 < 3.5.10.1.fc12
ID
FEDORA-2010-10344
Severity
high
Severity from
CVE-2010-1121
URL
https://bodhi.fedoraproject.org/updates/FEDORA-2010-10344
Published
2010-06-24T16:26:47
(14 years ago)
Modified
2010-06-24T16:26:47
(14 years ago)
Rights
Copyright 2010 Red Hat, Inc.
Other Advisories
Source # ID Name URL
Bugzilla 590810 Bug #590810 - CVE-2010-1202 Mozilla Crashes with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=590810
Bugzilla 590822 Bug #590822 - CVE-2010-0183 Mozilla Use-after-free error in nsCycleCollector::MarkRoots() https://bugzilla.redhat.com/show_bug.cgi?id=590822
Bugzilla 480938 Bug #480938 - CVE-2008-5913 mozilla: in-session phishing attack https://bugzilla.redhat.com/show_bug.cgi?id=480938
Bugzilla 590828 Bug #590828 - CVE-2010-1198 Mozilla Freed object reuse across plugin instances https://bugzilla.redhat.com/show_bug.cgi?id=590828
Bugzilla 590804 Bug #590804 - CVE-2010-1200 Mozilla Crashes with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=590804
Bugzilla 590850 Bug #590850 - CVE-2010-1197 Mozilla Content-Disposition: attachment ignored if Content-Type: multipart also present https://bugzilla.redhat.com/show_bug.cgi?id=590850
Bugzilla 590830 Bug #590830 - CVE-2010-1196 Mozilla Heap buffer overflow in nsGenericDOMDataNode::SetTextInternal https://bugzilla.redhat.com/show_bug.cgi?id=590830
Bugzilla 577584 Bug #577584 - CVE-2010-1125 firefox: keystrokes sent to hidden frame rather than visible frame due to javascript flaw https://bugzilla.redhat.com/show_bug.cgi?id=577584
Bugzilla 590833 Bug #590833 - CVE-2010-1199 Mozilla Integer Overflow in XSLT Node Sorting https://bugzilla.redhat.com/show_bug.cgi?id=590833
Bugzilla 577029 Bug #577029 - CVE-2010-1121 firefox: arbitrary code execution via memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=577029
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:rpm/fedora/xulrunner?distro=fedora-12 fedora xulrunner < 1.9.1.10.1.fc12 fedora-12
Affected pkg:rpm/fedora/perl-Gtk2-MozEmbed?distro=fedora-12 fedora perl-Gtk2-MozEmbed < 0.08.6.fc12.13 fedora-12
Affected pkg:rpm/fedora/mozvoikko?distro=fedora-12 fedora mozvoikko < 1.0.10.fc12 fedora-12
Affected pkg:rpm/fedora/gnome-web-photo?distro=fedora-12 fedora gnome-web-photo < 0.9.7.fc12 fedora-12
Affected pkg:rpm/fedora/gnome-python2-extras?distro=fedora-12 fedora gnome-python2-extras < 2.25.3.18.fc12 fedora-12
Affected pkg:rpm/fedora/galeon?distro=fedora-12 fedora galeon < 2.0.7.23.fc12 fedora-12
Affected pkg:rpm/fedora/firefox?distro=fedora-12 fedora firefox < 3.5.10.1.fc12 fedora-12
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date