Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2008-0597

Опубликовано: 16 июл. 2008
Источник: oracle-oval
Платформа: Oracle Linux 5

Описание

ELSA-2008-0597: firefox security update (CRITICAL)

devhelp:

[0.12-18]

  • Rebuild against xulrunner

firefox:

[3.0.1-1.0.1.el5]

  • Replaced the RedHat prefs and bookmarks with Oracle prefs and bookmarks
  • Add patch oracle-firefox-branding.patch
  • Update firstrun URL

[3.0.1-1]

  • Update to Firefox 3.0.1

xulrunner:

[1.9.0.1-1.0.1.el5]

  • Added xulrunner-oracle-default-prefs.js

[1.9.0.1-1]

  • Update to 1.9.0.1

yelp:

[2.16.0-20]

  • rebuild against xulrunner

Обновленные пакеты

Oracle Linux 5

Oracle Linux x86_64

devhelp

0.12-18.el5

devhelp-devel

0.12-18.el5

firefox

3.0.1-1.0.1.el5

nspluginwrapper

0.9.91.5-22.el5

xulrunner

1.9.0.1-1.0.1.el5

xulrunner-devel

1.9.0.1-1.0.1.el5

xulrunner-devel-unstable

1.9.0.1-1.0.1.el5

yelp

2.16.0-20.el5

Oracle Linux i386

devhelp

0.12-18.el5

devhelp-devel

0.12-18.el5

firefox

3.0.1-1.0.1.el5

nspluginwrapper

0.9.91.5-22.el5

xulrunner

1.9.0.1-1.0.1.el5

xulrunner-devel

1.9.0.1-1.0.1.el5

xulrunner-devel-unstable

1.9.0.1-1.0.1.el5

yelp

2.16.0-20.el5

Связанные CVE

CVE-2008-2785
CVE-2008-2933
CVE-2008-3198

Ссылки на источники

Связанные уязвимости

ubuntu логотип

CVE-2008-2785

ubuntu
около 17 лет назад

Mozilla Firefox before 2.0.0.16 and 3.x before 3.0.1, Thunderbird before 2.0.0.16, and SeaMonkey before 1.1.11 use an incorrect integer data type as a CSS object reference counter in the CSSValue array (aka nsCSSValue:Array) data structure, which allows remote attackers to execute arbitrary code via a large number of references to a common CSS object, leading to a counter overflow and a free of in-use memory, aka ZDI-CAN-349.

redhat логотип

CVE-2008-2785

redhat
почти 17 лет назад

Mozilla Firefox before 2.0.0.16 and 3.x before 3.0.1, Thunderbird before 2.0.0.16, and SeaMonkey before 1.1.11 use an incorrect integer data type as a CSS object reference counter in the CSSValue array (aka nsCSSValue:Array) data structure, which allows remote attackers to execute arbitrary code via a large number of references to a common CSS object, leading to a counter overflow and a free of in-use memory, aka ZDI-CAN-349.

nvd логотип

CVE-2008-2785

nvd
около 17 лет назад

Mozilla Firefox before 2.0.0.16 and 3.x before 3.0.1, Thunderbird before 2.0.0.16, and SeaMonkey before 1.1.11 use an incorrect integer data type as a CSS object reference counter in the CSSValue array (aka nsCSSValue:Array) data structure, which allows remote attackers to execute arbitrary code via a large number of references to a common CSS object, leading to a counter overflow and a free of in-use memory, aka ZDI-CAN-349.

debian логотип

CVE-2008-2785

debian
около 17 лет назад

Mozilla Firefox before 2.0.0.16 and 3.x before 3.0.1, Thunderbird befo ...

github логотип

GHSA-wjww-59jc-83xc

github
около 3 лет назад

Mozilla Firefox before 2.0.0.16 and 3.x before 3.0.1, Thunderbird before 2.0.0.16, and SeaMonkey before 1.1.11 use an incorrect integer data type as a CSS object reference counter in the CSSValue array (aka nsCSSValue:Array) data structure, which allows remote attackers to execute arbitrary code via a large number of references to a common CSS object, leading to a counter overflow and a free of in-use memory, aka ZDI-CAN-349.