Mandrake Security Advisory MDVSA-2009:185 (firefox)

Summary
The remote host is missing an update to firefox announced via advisory MDVSA-2009:185.
Solution
To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:185 http://www.mozilla.org/security/known-vulnerabilities/firefox30.html#firefox3.0.12
Insight
Security vulnerabilities have been discovered and corrected in Mozilla Firefox 3.0.x: Several flaws in Firefox browser and javascript engine could allow a malicious site to cause a denial-of-service of possibly remote code execution (CVE-2009-1392, CVE-2009-1832, CVE-2009-1833, CVE-2009-1837, CVE-2009-1838, CVE-2009-1841, CVE-2009-2043, CVE-2009-2044). Several flaws were discovered in Firefox which could lead to information disclosure and security bypass (CVE-2009-1834, CVE-2009-1835, CVE-2009-1836, CVE-2009-1839, CVE-2009-1840). Several flaws were discovered in the Firefox browser and JavaScript engines, which could allow a malicious website to cause a denial of service or possibly execute arbitrary code with user privileges. (CVE-2009-2462, CVE-2009-2463, CVE-2009-2464, CVE-2009-2465, CVE-2009-2466, CVE-2009-2468) Attila Suszter discovered a flaw in the way Firefox processed Flash content, which could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2009-2467) It was discovered that Firefox did not properly handle some SVG content, which could lead to a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2009-2469) A flaw was discovered in the JavaScript engine which could be used to perform cross-site scripting attacks. (CVE-2009-2472) This update provides the latest Mozilla Firefox 3.0.x to correct these issues. Additionally, some packages which require so, have been rebuilt and are being provided as updates. Affected: Enterprise Server 5.0