Ubuntu Update For Firefox Vulnerabilities USN-493-1 Network Vulnerability

Summary

Ubuntu Update for Linux kernel vulnerabilities USN-493-1

Solution

Please Install the Updated Packages.

Insight

A flaw was discovered in handling of &quot about:blank&quot windows used by addons. A malicious web site could exploit this to modify the contents, or steal confidential data (such as passwords), of other web pages. (CVE-2007-3844) Jesper Johansson discovered that spaces and double-quotes were not correctly handled when launching external programs. In rare configurations, after tricking a user into opening a malicious web page, an attacker could execute helpers with arbitrary arguments with the user's privileges. (CVE-2007-3845)

Affected

firefox vulnerabilities on Ubuntu 6.06 LTS , Ubuntu 6.10 , Ubuntu 7.04

Severity

Classification

CVE CVE-2007-3844, CVE-2007-3845
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Ubuntu Update for calligra USN-1525-1
Ubuntu Update for Firefox 3.0 and Xulrunner 1.9 vulnerabilities USN-895-1
Ubuntu Update for enigmail vulnerability USN-427-1
Ubuntu Update for dhcp3 USN-1108-2
Ubuntu Update for exim4 USN-1135-1

Ubuntu Update for firefox vulnerabilities USN-493-1

Take action and discover your vulnerabilities