Fedora update for firefox - Advisories

Software Inspectors

	Scan Online

	Personal (PSI)

	Network (NSI 2.0)

Solutions For

	Security Professionals

	Security Vendors

Free Solutions For

	Open Communities

	Journalists & Media

Secunia Advisories

	Search

	Historic Advisories

	Listed By Product

	Listed By Vendor

	Statistics / Graphs

	Secunia Research

	Report Vulnerability

	About Advisories

Virus Information

	Chronological List

	Last 10 Virus Alerts

	About Virus Information

Secunia Customers

	Customer Area

Fedora update for firefox

Secunia Advisory:	SA27855
Release Date:	2007-11-29
Last Update:	2007-12-04

Critical:	Highly critical
Impact:	Cross Site Scripting DoS System access
Where:	From remote
Solution Status:	Vendor Patch

OS:	Fedora 7 Fedora Core 6


CVE reference:	CVE-2007-5947 (Secunia mirror) CVE-2007-5959 (Secunia mirror) CVE-2007-5960 (Secunia mirror)

	Want to know the next time vulnerabilities are fixed in this product? - Companies can be alerted via email and SMS!

Description: Fedora has issued an update for firefox. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting and cross-site request forgery attacks or potentially compromise a user's system. For more information: SA27605 SA27725 Solution: Apply updated packages. -- Fedora 7 -- 5f82702a784c18ca7d95e40cac357a8a270ec0ef firefox-2.0.0.10-1.fc7.ppc64.rpm c5b65c29ec1ac0894ca8e97e04408fb5517312a6 firefox-devel-2.0.0.10-1.fc7.ppc64.rpm f9c562f877641658be04d0eea9dd2271a420a981 firefox-debuginfo-2.0.0.10-1.fc7.ppc64.rpm 5b7429aa2da63128d205c4f4ecec70a3e7857058 firefox-devel-2.0.0.10-1.fc7.i386.rpm 3336f3e9a798970f7bbee58f131df1bffdd64261 firefox-debuginfo-2.0.0.10-1.fc7.i386.rpm 9119dfbf1255b77a9e716253f85f489bf808ca91 firefox-2.0.0.10-1.fc7.i386.rpm d77ecd089cf879bded44d4a7511db13f1e86bbea firefox-2.0.0.10-1.fc7.x86_64.rpm fbec7cd5600ac4adf25e5bae5ee3a13a7f1630aa firefox-devel-2.0.0.10-1.fc7.x86_64.rpm d45a47a2e3d2cbf3cef8a0b1a95975b3eec41501 firefox-debuginfo-2.0.0.10-1.fc7.x86_64.rpm d6c62a8d2bd9d1c458d48e65017a0140aab0eba5 firefox-debuginfo-2.0.0.10-1.fc7.ppc.rpm 8e84244029764b858651deee75aa5cc398df0636 firefox-2.0.0.10-1.fc7.ppc.rpm ff108dfe5450667292bd145bd7d298ba8b1f2aa1 firefox-devel-2.0.0.10-1.fc7.ppc.rpm 2beb6aa9a394af9dca72f410dd723513516cfec8 firefox-2.0.0.10-1.fc7.src.rpm --Fedora Core 6 -- 21acdc500393fa89ac842b73ca03e868f91f7ebf SRPMS/firefox-1.5.0.12-7.fc6.src.rpm 21acdc500393fa89ac842b73ca03e868f91f7ebf noarch/firefox-1.5.0.12-7.fc6.src.rpm 110485359839ac5c88ac8746d90d500f52c86f36 ppc/firefox-devel-1.5.0.12-7.fc6.ppc.rpm 25714f423b1edfde6bb3011f998fccf989f1f02e ppc/debug/firefox-debuginfo-1.5.0.12-7.fc6.ppc.rpm e40822b009bb9d3807930d70f09e8db1d10a56e3 ppc/firefox-1.5.0.12-7.fc6.ppc.rpm 7b7a0e72648f74c3e4b355087fe24f6395bd9eff x86_64/firefox-1.5.0.12-7.fc6.x86_64.rpm d7abe306f7b17fdf2614f3d32e1982bdc8b58ea5 x86_64/firefox-devel-1.5.0.12-7.fc6.x86_64.rpm b19b21045af141d4bb0dd72470c177d190eebb6b x86_64/debug/firefox-debuginfo-1.5.0.12-7.fc6.x86_64.rpm 840f0704883ab3156808267ec79f189a49ea500d i386/firefox-1.5.0.12-7.fc6.i386.rpm 385b9eac86bcd357ea38778ee0c09bdfc014dd75 i386/firefox-devel-1.5.0.12-7.fc6.i386.rpm cf7741bea37d5b1dda2d85c66a868dc29e4ac5e3 i386/debug/firefox-debuginfo-1.5.0.12-7.fc6.i386.rpm Changelog: 2007-12-04: Added "Fedora Core 6" to list of affected products. Updated "Solution" section. Original Advisory: https://www.redhat.com/archives/fedor...-announce/2007-November/msg01011.html https://www.redhat.com/archives/fedor...-announce/2007-December/msg00115.html Other References: SA27605: http://secunia.com/advisories/27605/ SA27725: http://secunia.com/advisories/27725/



Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise. Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.

292 Related Secunia Security Advisories, displaying 10

1. Fedora update for roundcubemail

2. Fedora update for xorg-x11-server

3. Fedora update for kronolith

4. Fedora update for net-snmp

5. Fedora update for openoffice.org

6. Fedora update for evolution

7. Fedora update for snort

8. Fedora update for libpng

9. Fedora update for imlib2

10. Fedora update for samba

Show all related advisories

Send Feedback to Secunia

If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com. Ideas, suggestions, and other feedback are most welcome.

Secunia PSI
Scan | Patch | Track
Free Download

Secunia Poll

Most Popular Advisories

1.	Apple Safari Cross-Domain Cookie Injection Vulnerability

2.	YouTube Blog Multiple Vulnerabilities

3.	dnsmasq Denial of Service and DNS Cache Poisoning

4.	Moodle Script Insertion and Cross-Site Request Forgery

5.	Asterisk Two Denial of Service Vulnerabilities

6.	Ubuntu update for dnsmasq

7.	Claroline Multiple Cross-Site Scripting Vulnerabilities

8.	Geeklog Forum Plugin Search Cross-Site Scripting Vulnerability

9.	IPCop update for various packages

10.	SocialEngine SQL Injection and Code Execution