Gentoo Security Advisory GLSA 200701-02 (mozilla-firefox) Network Vulnerability

Summary

The remote host is missing updates announced in advisory GLSA 200701-02.

Solution

All Mozilla Firefox users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=www-client/mozilla-firefox-1.5.0.9' All Mozilla Firefox binary release users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=www-client/mozilla-firefox-bin-1.5.0.9' http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200701-02 http://bugs.gentoo.org/show_bug.cgi?id=156023

Insight

Multiple vulnerabilities have been reported in Mozilla Firefox, some of which may allow the remote execution of arbitrary code.

Severity

Classification

CVE CVE-2006-6497, CVE-2006-6498, CVE-2006-6499, CVE-2006-6500, CVE-2006-6501, CVE-2006-6502, CVE-2006-6503, CVE-2006-6504, CVE-2006-6506, CVE-2006-6507

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Gentoo Security Advisory GLSA 200312-02 (Kernel)
Gentoo Security Advisory GLSA 200405-25 (tla)
Gentoo Security Advisory GLSA 200407-06 (libpng)
Gentoo Security Advisory GLSA 200406-03 (sitecopy)
Gentoo Security Advisory GLSA 200405-14 (subversion)

Take action and discover your vulnerabilities