Bug 183541

Summary: CVE-2006-0749 Firefox Tag Order Vulnerability
Product: [Fedora] Fedora Reporter: Josh Bressers <bressers>
Component: firefoxAssignee: Christopher Aillon <caillon>
Status: CLOSED ERRATA QA Contact:
Severity: urgent Docs Contact:
Priority: medium    
Version: 4CC: mattdm, security-response-team, wtogami
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard: source=mozilla,reported=20051213,embargo=yes,impact=critical
Fixed In Version: 1.0.8-1.1.fc4 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2006-07-25 23:54:14 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Josh Bressers 2006-03-01 21:08:33 UTC 
+++ This bug was initially created as a clone of Bug #183537 +++

There exists a remotely exploitable code execution vulnerability in Mozilla
Firefox related to the order tags appear in an HTML document.  It is possible
for a malicious web page to execute arbitrary code as the user running Firefox.

Proposed upstream patch is attachment 125496 [details]
Comment 1 Josh Bressers 2006-04-24 12:23:43 UTC 
Lifting embargo
Comment 2 Matthew Miller 2006-07-25 23:49:16 UTC 
This doesn't appear to ever have been fixed. Remotely-exploitable vulnerability,
too. :(
Comment 3 Matthew Miller 2006-07-25 23:54:14 UTC 
Hmmm, okay, looks like this issue is fixed in 1.0.8, and there *was* an update
to that, and apparently before the embargo was lifted (hence the lack of
specific mention in its changelog). The bugzilla entry just needed some lovin'.
Marking closed-errata.