Vulnerability Assessment & Network Security Forums

If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.

Home >> Browse Vulnerability Assessment Database >> Red Hat Local Security Checks >> RHSA-2005-336: firefox

Vulnerability Assessment Details

RHSA-2005-336: firefox
Vulnerability Assessment Summary
Check for the version of the firefox packages

Detailed Explanation for this Vulnerability Assessment


Updated firefox packages that fix various bugs are now available.

This update has been rated as having critical security impact by the Red
Hat Security Response Team.

Mozilla Firefox is an open source Web browser.

A buffer overflow bug was found in the way Firefox processes GIF images. It
is possible for a possible hacker to create a specially crafted GIF image, which
when viewed by a victim will execute arbitrary code as the victim. The
Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned
the name CVE-2005-0399 to this issue.

A bug was found in the way Firefox processes XUL content. If a malicious
web page can trick a user into dragging an object, it is possible to load
malicious XUL content. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CVE-2005-0401 to this issue.

A bug was found in the way Firefox bookmarks content to the sidebar. If a
user can be tricked into bookmarking a malicious web page into the sidebar
panel, that page could execute arbitrary programs. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CVE-2005-0402 to this issue.

Users of Firefox are advised to upgrade to this updated package which
contains Firefox version 1.0.2 and is not vulnerable to these issues.




Solution : http://rhn.redhat.com/errata/RHSA-2005-336.html
Network Security Threat Level: High

Networks Security ID:

Vulnerability Assessment Copyright: This script is Copyright (C) 2005 Tenable Network Security
Cables, Connectors


NEW Original OEM 60W Power Adapter Charger A1344 for APPLE 13

NEW Original OEM 60W Power Adapter Charger A1344 for APPLE 13" MacBook Pro A1278

$22.25


85W OEM NEW Power Adapter Charger For Apple Macbook Pro 13 15

85W OEM NEW Power Adapter Charger For Apple Macbook Pro 13 15" A1424 A1502 A1398

$24.25


Original OEM 87W USB-C Power Adapter Charger for Apple MacBook Pro 15

Original OEM 87W USB-C Power Adapter Charger for Apple MacBook Pro 15" 13" A1719

$28.45


OEM Apple MacBook Pro 13 A1706 A1708 2017 LCD Screen Display Assembly Silver picture

OEM Apple MacBook Pro 13 A1706 A1708 2017 LCD Screen Display Assembly Silver

$134.99


Genuine Apple A1882 30W USB-C Power Adapter Apple OEM CHARGER picture

Genuine Apple A1882 30W USB-C Power Adapter Apple OEM CHARGER

$18.99


Genuine OEM Apple 85W MagSafe 2 Charger for MacBook Pro / Air TESTED - Apple picture

Genuine OEM Apple 85W MagSafe 2 Charger for MacBook Pro / Air TESTED - Apple

$9.79


Apple OEM Original (A1374) 45W MagSafe Power Adapter with Fold Plug Only - White picture

Apple OEM Original (A1374) 45W MagSafe Power Adapter with Fold Plug Only - White

$10.95


Genuine OEM Apple 10w USB Wall Charger Adapter iPhone iPad with Lightning cable picture

Genuine OEM Apple 10w USB Wall Charger Adapter iPhone iPad with Lightning cable

$6.99


APPLE OEM Power Extension Cable 6ft for Macbook, Macbook Air, Pro 2.5A 125V-NEW picture

APPLE OEM Power Extension Cable 6ft for Macbook, Macbook Air, Pro 2.5A 125V-NEW

$19.99


Original OEM 45W Magsafe 2 Charger for APPLE MacBook Air 13

Original OEM 45W Magsafe 2 Charger for APPLE MacBook Air 13" 11" A1466 2015 2013

$7.99


Discussions

No Discussions have been posted on this vulnerability.