FrSIRT - Fedora Security Update Fixes Mozilla Firefox Multiple Vulnerabilities / Exploit

French Security Incident Response Team

Français

English

Fedora Security Update Fixes Mozilla Firefox Multiple Vulnerabilities

Date de Publication : 2007-12-04 © FrSIRT.COM
Titre : Fedora Security Update Fixes Mozilla Firefox Multiple Vulnerabilities
Identifiant : FrSIRT/AVIS-2007-4077
CVE ID : CVE-2007-5947 - CVE-2007-5959 - CVE-2007-5960
Risque : Critique (4/4) -

Exploitable à distance : Oui
Exploitable en local : Oui

En savoir plus

Description

Produits affectés

Solution

Références

Description Technique

Plusieurs vulnérabilités ont été identifiées dans Fedora, elles pourraient être exploitées par des attaquants afin de contourner les mesures de sécurité, causer un déni de service ou compromettre un système vulnérable [...]

Solution

Installer les mises à jour :

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/

21acdc500393fa89ac842b73ca03e868f91f7ebf SRPMS/firefox-1.5.0.12-7.fc6.src.rpm
21acdc500393fa89ac842b73ca03e868f91f7ebf noarch/firefox-1.5.0.12-7.fc6.src.rpm
110485359839ac5c88ac8746d90d500f52c86f36 ppc/firefox-devel-1.5.0.12-7.fc6.ppc.rpm
25714f423b1edfde6bb3011f998fccf989f1f02e ppc/debug/firefox-debuginfo-1.5.0.12-7.fc6.ppc.rpm
e40822b009bb9d3807930d70f09e8db1d10a56e3 ppc/firefox-1.5.0.12-7.fc6.ppc.rpm
7b7a0e72648f74c3e4b355087fe24f6395bd9eff x86_64/firefox-1.5.0.12-7.fc6.x86_64.rpm
d7abe306f7b17fdf2614f3d32e1982bdc8b58ea5 x86_64/firefox-devel-1.5.0.12-7.fc6.x86_64.rpm
b19b21045af141d4bb0dd72470c177d190eebb6b x86_64/debug/firefox-debuginfo-1.5.0.12-7.fc6.x86_64.rpm
840f0704883ab3156808267ec79f189a49ea500d i386/firefox-1.5.0.12-7.fc6.i386.rpm
385b9eac86bcd357ea38778ee0c09bdfc014dd75 i386/firefox-devel-1.5.0.12-7.fc6.i386.rpm
cf7741bea37d5b1dda2d85c66a868dc29e4ac5e3 i386/debug/firefox-debuginfo-1.5.0.12-7.fc6.i386.rpm

Historique

2007-12-04 : Version Initiale

Recevez les bulletins FrSIRT

Le service FrSIRT VNS permet aux professionnels de la sécurité (RSSI, DSI, administrateurs et consultants) de recevoir en temps-réel, par email, SMS et flux RSS/XML, des bulletins de vulnérabilités complets, détaillés et personnalisés.

Recherche

Newsletter

	IBM Lotus Quickr Denial of Service Vulnerabilities
	IBM Tivoli Netcool/Webtop Multiple Security Bypass Vulnerabilities
	IBM WebSphere Application Server Security Exposure Vulnerabilities
	IBM DB2 Universal Database Multiple Denial of Service
	IBM AIX "swcons" Insecure Permission Privilege Escalation Vulnerability
	IBM WebSphere Application Server Cross Site Scripting Vulnerability
	IBM DB2 CLR Stored Procedures Unspecified Vulnerability

	Cisco UCM SIP Remote Denial of Service
	Cisco IOS Denial of Service Vulnerabilities
	Cisco PIX and ASA Information Disclosure and DoS Vulnerabilities
	Cisco Secure ACS EAP Remote Denial Of Service Vulnerability
	Cisco Products Remote DNS Cache Poisoning Vulnerability
	Cisco Wide Area Application Services CUPS Remote Vulnerability
	Cisco UCM Denial of Service and Authentication Bypass Vulnerabilities

	Mozilla Products Code Execution Vulnerabilities
	Mozilla Firefox for Mac OS X GIF Rendering Code Execution Vulnerability
	Mozilla Products Remote Code Execution Vulnerabilities
	Mozilla Products Code Execution and Injection Vulnerabilities
	Mozilla JavaScript Garbage Collector Code Execution Vulnerability
	Mozilla Thunderbird Code Execution and Cross Site Scripting Issues
	Mozilla Firefox and SeaMonkey Multiple Remote Code Execution Issues