Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2010-0332

Опубликовано: 31 мар. 2010
Источник: oracle-oval
Платформа: Oracle Linux 5

Описание

ELSA-2010-0332: firefox security update (CRITICAL)

firefox:

[3.0.19-1.0.1.el5_5]

  • Update firstrun and homepage URLs in specfile
  • Added patch oracle-firefox-branding.patch
  • Added firefox-oracle-default-prefs.js/firefox-oracle-default-bookmarks.html and removed the corresponding RedHat ones

[3.0.19-1]

  • Update to 3.0.19

xulrunner:

[1.9.0.19-1.0.1.el5_5]

  • Added xulrunner-oracle-default-prefs.js and removed the corresponding RedHat one.

[1.9.0.19-1]

  • Update to 1.9.0.19

Обновленные пакеты

Oracle Linux 5

Oracle Linux ia64

firefox

3.0.19-1.0.1.el5_5

xulrunner

1.9.0.19-1.0.1.el5_5

xulrunner-devel

1.9.0.19-1.0.1.el5_5

xulrunner-devel-unstable

1.9.0.19-1.0.1.el5_5

Oracle Linux x86_64

firefox

3.0.19-1.0.1.el5_5

xulrunner

1.9.0.19-1.0.1.el5_5

xulrunner-devel

1.9.0.19-1.0.1.el5_5

xulrunner-devel-unstable

1.9.0.19-1.0.1.el5_5

Oracle Linux i386

firefox

3.0.19-1.0.1.el5_5

xulrunner

1.9.0.19-1.0.1.el5_5

xulrunner-devel

1.9.0.19-1.0.1.el5_5

xulrunner-devel-unstable

1.9.0.19-1.0.1.el5_5

Связанные CVE

CVE-2010-0178
CVE-2010-0179
CVE-2010-0174
CVE-2010-0176
CVE-2010-0175
CVE-2010-0177

Ссылки на источники

Связанные уязвимости

ubuntu логотип

CVE-2010-0178

ubuntu
около 15 лет назад

Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, does not prevent applets from interpreting mouse clicks as drag-and-drop actions, which allows remote attackers to execute arbitrary JavaScript with Chrome privileges by loading a chrome: URL and then loading a javascript: URL.

redhat логотип

CVE-2010-0178

redhat
около 15 лет назад

Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, does not prevent applets from interpreting mouse clicks as drag-and-drop actions, which allows remote attackers to execute arbitrary JavaScript with Chrome privileges by loading a chrome: URL and then loading a javascript: URL.

nvd логотип

CVE-2010-0178

nvd
около 15 лет назад

Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, does not prevent applets from interpreting mouse clicks as drag-and-drop actions, which allows remote attackers to execute arbitrary JavaScript with Chrome privileges by loading a chrome: URL and then loading a javascript: URL.

debian логотип

CVE-2010-0178

debian
около 15 лет назад

Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3. ...

github логотип

GHSA-8m7g-3wf3-3hff

github
около 3 лет назад

Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, does not prevent applets from interpreting mouse clicks as drag-and-drop actions, which allows remote attackers to execute arbitrary JavaScript with Chrome privileges by loading a chrome: URL and then loading a javascript: URL.