Solution
Please Install the Updated Packages.
Insight
Mozilla Firefox is an open source Web browser.
An integer overflow flaw was found in the way Firefox displayed certain web content. A malicious web site could cause Firefox to crash, or execute arbitrary code with the permissions of the user running Firefox.
(CVE-2008-2785)
A flaw was found in the way Firefox handled certain command line URLs. If another application passed Firefox a malformed URL, it could result in Firefox executing local malicious content with chrome privileges.
(CVE-2008-2933)
All firefox users should upgrade to these updated packages, which contain Firefox 3.0.1 that corrects these issues.
Affected
firefox on Red Hat Enterprise Linux (v. 5 server)
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2008-2785, CVE-2008-2933 -
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities