Summary
The remote host is missing updates announced in
advisory GLSA 200503-31.
Solution
All Mozilla Firefox users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose
'>=www-client/mozilla-firefox-1.0.2'
All Mozilla Firefox binary users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose
'>=www-client/mozilla-firefox-bin-1.0.2'
http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200503-31 http://bugs.gentoo.org/show_bug.cgi?id=86148
http://www.mozilla.org/projects/security/known-vulnerabilities.html
Insight
Mozilla Firefox 1.0.2 fixes new security vulnerabilities, including the remote execution of arbitrary code through malicious GIF images or sidebars.
Severity
Classification
-
CVE CVE-2005-0399, CVE-2005-0401, CVE-2005-0402 -
CVSS Base Score: 5.1
AV:N/AC:H/Au:N/C:P/I:P/A:P
Related Vulnerabilities