Oval Definition:oval:com.redhat.rhsa:def:20080598
Revision Date:2008-07-17Version:637
Title:RHSA-2008:0598: firefox security update (Critical)
Description:Mozilla Firefox is an open source Web browser.

  • An integer overflow flaw was found in the way Firefox displayed certain web content. A malicious web site could cause Firefox to crash, or execute arbitrary code with the permissions of the user running Firefox. (CVE-2008-2785)

  • A flaw was found in the way Firefox handled certain command line URLs. If another application passed Firefox a malformed URL, it could result in Firefox executing local malicious content with chrome privileges. (CVE-2008-2933)

    All firefox users should upgrade to this updated package, which contains backported patches that correct these issues.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2008-2785
    CVE-2008-2933
    RHSA-2008:0598
    RHSA-2008:0598-02
    RHSA-2008:0598-02
    Platform(s):Red Hat Enterprise Linux 4
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND firefox is earlier than 0:1.5.0.12-0.21.el4
  • AND firefox is signed with Red Hat redhatrelease2 key
    • BACK