Solution
Please Install the Updated Packages.
Insight
Mozilla Firefox is an open source Web browser.
An integer overflow flaw was found in the way Firefox displayed certain web content. A malicious web site could cause Firefox to crash, or execute arbitrary code with the permissions of the user running Firefox.
(CVE-2008-2785)
A flaw was found in the way Firefox handled certain command line URLs. If another application passed Firefox a malformed URL, it could result in Firefox executing local malicious content with chrome privileges.
(CVE-2008-2933)
All firefox users should upgrade to this updated package, which contains backported patches that correct these issues.
Affected
firefox on Red Hat Enterprise Linux AS version 4,
Red Hat Enterprise Linux ES version 4,
Red Hat Enterprise Linux WS version 4
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2008-2785, CVE-2008-2933 -
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities