Ubuntu Update For Firefox Vulnerabilities USN-493-1 Network Vulnerability

Summary

Ubuntu Update for Linux kernel vulnerabilities USN-493-1

Solution

Please Install the Updated Packages.

Insight

A flaw was discovered in handling of &quot about:blank&quot windows used by addons. A malicious web site could exploit this to modify the contents, or steal confidential data (such as passwords), of other web pages. (CVE-2007-3844) Jesper Johansson discovered that spaces and double-quotes were not correctly handled when launching external programs. In rare configurations, after tricking a user into opening a malicious web page, an attacker could execute helpers with arbitrary arguments with the user's privileges. (CVE-2007-3845)

Affected

firefox vulnerabilities on Ubuntu 6.06 LTS , Ubuntu 6.10 , Ubuntu 7.04

Severity

Classification

CVE CVE-2007-3844, CVE-2007-3845

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Ubuntu Update for enscript vulnerability USN-660-1
Ubuntu Update for curl USN-1721-1
Ubuntu Update for cups USN-1654-1
Ubuntu Update for curl USN-1346-1
Ubuntu Update for dhcp vulnerability USN-531-2

Ubuntu Update for firefox vulnerabilities USN-493-1

Take action and discover your vulnerabilities