Oval Definition:	oval:com.redhat.rhsa:def:20080597
Revision Date: 2008-07-17 Version: 642 Title: RHSA-2008:0597: firefox security update (Critical) Description: Mozilla Firefox is an open source Web browser. An integer overflow flaw was found in the way Firefox displayed certain web content. A malicious web site could cause Firefox to crash, or execute arbitrary code with the permissions of the user running Firefox. (CVE-2008-2785) A flaw was found in the way Firefox handled certain command line URLs. If another application passed Firefox a malformed URL, it could result in Firefox executing local malicious content with chrome privileges. (CVE-2008-2933) All firefox users should upgrade to these updated packages, which contain Firefox 3.0.1 that corrects these issues. Family: unix Class: patch Status: Reference(s): CVE-2008-2785 CVE-2008-2933 CVE-2008-3198 RHSA-2008:0597 RHSA-2008:0597-02 RHSA-2008:0597-02 Platform(s): Red Hat Enterprise Linux 5 Product(s): Definition Synopsis Red Hat Enterprise Linux must be installed OR Package Information Red Hat Enterprise Linux 5 is installed AND devhelp is earlier than 0:0.12-18.el5 AND devhelp is signed with Red Hat redhatrelease2 key devhelp-devel is earlier than 0:0.12-18.el5 AND devhelp-devel is signed with Red Hat redhatrelease2 key xulrunner is earlier than 0:1.9.0.1-1.el5 AND xulrunner is signed with Red Hat redhatrelease2 key xulrunner-devel is earlier than 0:1.9.0.1-1.el5 AND xulrunner-devel is signed with Red Hat redhatrelease2 key xulrunner-devel-unstable is earlier than 0:1.9.0.1-1.el5 AND xulrunner-devel-unstable is signed with Red Hat redhatrelease2 key yelp is earlier than 0:2.16.0-20.el5 AND yelp is signed with Red Hat redhatrelease2 key firefox is earlier than 0:3.0.1-1.el5 AND firefox is signed with Red Hat redhatrelease2 key nspluginwrapper is earlier than 0:0.9.91.5-22.el5 AND nspluginwrapper is signed with Red Hat redhatrelease2 key
BACK