Secunia - Stay Secure
Home Corporate Website Jobs Updated Mailing Lists RSS Blog  Online Shop Advertise
Software Inspectors
  Scan Online
  Personal (PSI)
  Network (NSI 2.0)

Solutions For
  Security Professionals
  Security Vendors

Free Solutions For
  Open Communities
  Journalists & Media

Secunia Advisories
  Search
  Historic Advisories
  Listed By Product
  Listed By Vendor
  Statistics / Graphs
  Secunia Research
  Report Vulnerability
  About Advisories

Virus Information
  Chronological List
  Last 10 Virus Alerts
  About Virus Information

Secunia Customers
  Customer Area


Debian update for mozilla-firefox Advisory Available in Danish 

Secunia Advisory: SA16507  
Release Date: 2005-08-22

Critical:
Highly critical
Impact: Security Bypass
Cross Site Scripting
Spoofing
System access
Where: From remote
Solution Status: Vendor Patch

OS:Debian GNU/Linux 3.1
Debian GNU/Linux unstable alias sid


CVE reference:CVE-2005-2260 (Secunia mirror)
CVE-2005-2261 (Secunia mirror)
CVE-2005-2262 (Secunia mirror)
CVE-2005-2263 (Secunia mirror)
CVE-2005-2264 (Secunia mirror)
CVE-2005-2265 (Secunia mirror)
CVE-2005-2266 (Secunia mirror)
CVE-2005-2267 (Secunia mirror)
CVE-2005-2268 (Secunia mirror)
CVE-2005-2269 (Secunia mirror)
CVE-2005-2270 (Secunia mirror)
Want to know the next time vulnerabilities are fixed in this product?
- Companies can be alerted via email and SMS!


Description:
Debian has issued an update for mozilla-firefox. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting and spoofing attacks, and compromise a user's system.

For more information:
SA15489
SA15551
SA16059

Solution:
Apply updated packages.

-- Debian GNU/Linux 3.1 alias sarge --

Source archives:

http://security.debian.org/pool/updat...fox/mozilla-firefox_1.0.4-2sarge2.dsc
Size/MD5 checksum: 1001 a5cf2fc8bc04662e6c192c15666011e4
http://security.debian.org/pool/updat...mozilla-firefox_1.0.4-2sarge2.diff.gz
Size/MD5 checksum: 285974 45e66f5ddde0d5c016fd15268da0e522
http://security.debian.org/pool/updat...fox/mozilla-firefox_1.0.4.orig.tar.gz
Size/MD5 checksum: 40212297 8e4ba81ad02c7986446d4e54e978409d

Alpha architecture:

http://security.debian.org/pool/updat...zilla-firefox_1.0.4-2sarge2_alpha.deb
Size/MD5 checksum: 11162656 4c8e579214a7bd4030303c6e33ec95f7
http://security.debian.org/pool/updat...dom-inspector_1.0.4-2sarge2_alpha.deb
Size/MD5 checksum: 166698 027d4c7fddb899faff3ef9928864bb71
http://security.debian.org/pool/updat...gnome-support_1.0.4-2sarge2_alpha.deb
Size/MD5 checksum: 58528 2cff714da9bf45d1112621132f9fc940

AMD64 architecture:

http://security.debian.org/pool/updat...zilla-firefox_1.0.4-2sarge2_amd64.deb
Size/MD5 checksum: 9396736 0a28ce7a8f6f783f16c201fc0daf6e0a
http://security.debian.org/pool/updat...dom-inspector_1.0.4-2sarge2_amd64.deb
Size/MD5 checksum: 161458 f9384873ae04a233001b37088abc510a
http://security.debian.org/pool/updat...gnome-support_1.0.4-2sarge2_amd64.deb
Size/MD5 checksum: 57012 b09a95b0f7587001540398f1a5fce173

ARM architecture:

http://security.debian.org/pool/updat...mozilla-firefox_1.0.4-2sarge2_arm.deb
Size/MD5 checksum: 8216228 9ca98872228db6ba98cf5123d642fc4b
http://security.debian.org/pool/updat...x-dom-inspector_1.0.4-2sarge2_arm.deb
Size/MD5 checksum: 152944 e0dc5a23ec713373753bcdf4e774c6f7
http://security.debian.org/pool/updat...x-gnome-support_1.0.4-2sarge2_arm.deb
Size/MD5 checksum: 52362 decd529d18ee714bcf2dbe5a82e53e37

Intel IA-32 architecture:

http://security.debian.org/pool/updat...ozilla-firefox_1.0.4-2sarge2_i386.deb
Size/MD5 checksum: 8887610 54e66239bff8195d09a76a8b0c65e096
http://security.debian.org/pool/updat...-dom-inspector_1.0.4-2sarge2_i386.deb
Size/MD5 checksum: 156664 e40d4387cdf627df5706e8a83f39640d
http://security.debian.org/pool/updat...-gnome-support_1.0.4-2sarge2_i386.deb
Size/MD5 checksum: 53906 3bc7062690df1334a92eeeae36819ea0

Intel IA-64 architecture:

http://security.debian.org/pool/updat...ozilla-firefox_1.0.4-2sarge2_ia64.deb
Size/MD5 checksum: 11615046 5b41f9a2f87e8bc9017c94cd5b24b180
http://security.debian.org/pool/updat...-dom-inspector_1.0.4-2sarge2_ia64.deb
Size/MD5 checksum: 167044 67972c83f83c325861b21ff6486519e9
http://security.debian.org/pool/updat...-gnome-support_1.0.4-2sarge2_ia64.deb
Size/MD5 checksum: 61720 86ecafea4b179e1739ea521402d2e53b

HP Precision architecture:

http://security.debian.org/pool/updat...ozilla-firefox_1.0.4-2sarge2_hppa.deb
Size/MD5 checksum: 10264776 822d581c33a2628807fd955c1a72a66a
http://security.debian.org/pool/updat...-dom-inspector_1.0.4-2sarge2_hppa.deb
Size/MD5 checksum: 164432 bf6da3e624453a2b9669f889e56c0a76
http://security.debian.org/pool/updat...-gnome-support_1.0.4-2sarge2_hppa.deb
Size/MD5 checksum: 57512 aa8ee4e91cdead5a455a70c3608ba85e

Motorola 680x0 architecture:

http://security.debian.org/pool/updat...ozilla-firefox_1.0.4-2sarge2_m68k.deb
Size/MD5 checksum: 8166186 6ae9415318e2156f420b1926936f28b6
http://security.debian.org/pool/updat...-dom-inspector_1.0.4-2sarge2_m68k.deb
Size/MD5 checksum: 155562 54c6667bd665e961b5bd45c2b44df43d
http://security.debian.org/pool/updat...-gnome-support_1.0.4-2sarge2_m68k.deb
Size/MD5 checksum: 53176 7c3a5484eb5d7155181653d25f927af1

Big endian MIPS architecture:

http://security.debian.org/pool/updat...ozilla-firefox_1.0.4-2sarge2_mips.deb
Size/MD5 checksum: 9917724 bc430e659978ea1114dc38c0982a5917
http://security.debian.org/pool/updat...-dom-inspector_1.0.4-2sarge2_mips.deb
Size/MD5 checksum: 154452 84399a208bda215a7983bc2f35f30bd2
http://security.debian.org/pool/updat...-gnome-support_1.0.4-2sarge2_mips.deb
Size/MD5 checksum: 54188 f6ea0de213759e27da7dc5c06c6a5e57

Little endian MIPS architecture:

http://security.debian.org/pool/updat...illa-firefox_1.0.4-2sarge2_mipsel.deb
Size/MD5 checksum: 9802342 7e995ec5e6ee01d2ebc86d8e6e77d58a
http://security.debian.org/pool/updat...om-inspector_1.0.4-2sarge2_mipsel.deb
Size/MD5 checksum: 154006 110274d1994cfe33062244e28ee04fd6
http://security.debian.org/pool/updat...nome-support_1.0.4-2sarge2_mipsel.deb
Size/MD5 checksum: 54012 83610c805d36e4cea229cab960a06e32

PowerPC architecture:

http://security.debian.org/pool/updat...lla-firefox_1.0.4-2sarge2_powerpc.deb
Size/MD5 checksum: 8560170 ac40dd1ebef525009556eac5f5dbeff3
http://security.debian.org/pool/updat...m-inspector_1.0.4-2sarge2_powerpc.deb
Size/MD5 checksum: 155046 ab31c9d12c13b9e63a4af5f8babcb6ad
http://security.debian.org/pool/updat...ome-support_1.0.4-2sarge2_powerpc.deb
Size/MD5 checksum: 56300 dab2c4918f383416a2418c2327988cc1

IBM S/390 architecture:

http://security.debian.org/pool/updat...ozilla-firefox_1.0.4-2sarge2_s390.deb
Size/MD5 checksum: 9635642 2514b2a60f87aedff82c0d5c29f53f25
http://security.debian.org/pool/updat...-dom-inspector_1.0.4-2sarge2_s390.deb
Size/MD5 checksum: 162076 2a3fe0537ebeebc2ea9f1a3aa952279c
http://security.debian.org/pool/updat...-gnome-support_1.0.4-2sarge2_s390.deb
Size/MD5 checksum: 56488 a914c752690bc8abcb6ad247d73dc041

Sun Sparc architecture:

http://security.debian.org/pool/updat...zilla-firefox_1.0.4-2sarge2_sparc.deb
Size/MD5 checksum: 8649734 60765d2a2480a9aa5b45d288a2d6df65
http://security.debian.org/pool/updat...dom-inspector_1.0.4-2sarge2_sparc.deb
Size/MD5 checksum: 155298 9aab4bf6a3a7187243b60b044ed4d80c
http://security.debian.org/pool/updat...gnome-support_1.0.4-2sarge2_sparc.deb
Size/MD5 checksum: 52734 5af8d15d55aa1d13e80776e1079c2007


-- Debian GNU/Linux unstable alias sid --

Fixed in version 1.0.6-1.

Original Advisory:
http://www.debian.org/security/2005/dsa-779

Other References:
SA15489:
http://secunia.com/advisories/15489/

SA15551:
http://secunia.com/advisories/15551/

SA16059:
http://secunia.com/advisories/16059/


Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.

Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.

1212 Related Secunia Security Advisories, displaying 10

1. Debian update for postfix
2. Debian update for pdns
3. Debian update for httracker
4. Debian update for opensc
5. Debian update for cupsys
6. Debian update for libxslt
7. Debian update for newsx
8. Debian update for ruby1.9
9. Debian update for python2.5
10. Debian update for icedove

Show all related advisories


Send Feedback to Secunia

If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.

Ideas, suggestions, and other feedback are most welcome.








Secunia PSI
Scan | Patch | Track
Free Download

Secunia Poll

Do you think it's important to read Setup/User Guides for applications for use within your network?


See Results   


Most Popular Advisories

1.
rPath update for kernel and xen
2.
Opera Multiple Vulnerabilities
3.
Folder Lock Weak Password Encryption Security Issue
4.
vBulletin Private Message Subject Script Insertion
5.
neon "parse_domain() " Denial of Service Vulnerability
6.
SunShop Shopping Cart class.ajax.php SQL Injection Vulnerabilities
7.
Subdreamer Light Global Variables SQL Injection Vulnerability
8.
PHP Live Helper Multiple Vulnerabilities
9.
Microsoft Access Snapshot Viewer ActiveX Control Vulnerability
10.
Anzio Web Print Object (WePO) ActiveX Component "mainurl" Buffer Overflow





Vulnerability Management - Terms & Conditions - Copyright 2002-2008 Secunia - Compliance - Contact Secunia