Summary
The remote host is missing updates announced in
advisory GLSA 200703-04.
Solution
Users upgrading to the following releases of Mozilla Firefox should note that this upgrade has been found to lose the saved passwords file in some cases. The saved passwords are encrypted and stored in the 'signons.txt' file of ~/.mozilla/ and we advise our users to save that file before performing the upgrade.
All Mozilla Firefox 1.5 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=www-client/mozilla-firefox-1.5.0.10'
All Mozilla Firefox 1.5 binary users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=www-client/mozilla-firefox-bin-1.5.0.10'
All Mozilla Firefox 2.0 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=www-client/mozilla-firefox-2.0.0.2'
All Mozilla Firefox 2.0 binary users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=www-client/mozilla-firefox-bin-2.0.0.2'
http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200703-04 http://bugs.gentoo.org/show_bug.cgi?id=165555
https://bugzilla.mozilla.org/show_bug.cgi?id=360493#c366
Insight
Multiple vulnerabilities have been reported in Mozilla Firefox, some of which may allow user-assisted arbitrary remote code execution.
Severity
Classification
-
CVE CVE-2006-6077, CVE-2007-0775, CVE-2007-0776, CVE-2007-0777, CVE-2007-0778, CVE-2007-0779, CVE-2007-0780, CVE-2007-0800, CVE-2007-0801, CVE-2007-0981, CVE-2007-0995 -
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities