
Bug 152580

Summary: CAN-2005-0578 Mozilla issues (CAN-2005-0232 CAN-2005-0527 CAN-2005-0231 CAN-2005-0584 CAN-2005-0585 CAN-2005-0586 CAN-2005-0588 CAN-2005-0590 CAN-2005-0591 CAN-2005-0593)
Product: Red Hat Enterprise Linux 3
Component: mozilla
Version: 3.0
Reporter: Mark J. Cox <mjc>
Assignee: Christopher Aillon <caillon>
QA Contact: Ben Levenson <benl>
CC: bressers, tao
Status: CLOSED ERRATA
Severity: high
Priority: medium
Keywords: Security
Hardware: All
OS: Linux
Whiteboard: impact=important,public=20050224
Doc Type: Bug Fix
Last Closed: 2005-04-28 19:11:28 UTC

Description Mark J. Cox 2005-03-30 14:51:49 UTC
Various security issues recently got fixed in Firefox and Mozilla that we did
not backport to our RHEL security updates as the backported fixes would be too
risky.  These will get fixed with an update to 1.7.6.

        MFSA 2005-28 CAN-2005-0578 Unsafe /tmp/plugtmp directory exploitable
            to erase user's files
        MFSA 2005-27 CAN-2005-0232, CAN-2005-0527 Plugins can be used to load
            privileged content
        MFSA 2005-26 CAN-2005-0231 Cross-site scripting by dropping
            javascript: link on tab
        MFSA 2005-24 CAN-2005-0584 HTTP auth prompt tab spoofing
            * caillon says too hard to backport.
        MFSA 2005-23 CAN-2005-0585 Download dialog source spoofing
        MFSA 2005-22 CAN-2005-0586 Download dialog spoofing using
            Content-Disposition header
        MFSA 2005-20 CAN-2005-0588 XSLT can include stylesheets from arbitrary
            hosts
        MFSA 2005-17 CAN-2005-0590 Install source spoofing with user:pass@host
        MFSA 2005-16 CAN-2005-0591 Spoofing download and security dialogs with
            overlapping windows
            conversion
        MFSA 2005-14 CAN-2005-0593 SSL "secure site" indicator spoofing

Comment 1 Josh Bressers 2005-04-28 19:11:28 UTC
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2005-384.html