Bug 200530

Summary: CVE-2006-3801, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3808, CVE-2006-3809, CVE-2006-3811, CVE-2006-3812: major (public) security flaws fixed in firefox 1.5.0.5
Product: [Retired] Fedora Legacy
Reporter: Matthew Miller <mattdm>
Component: firefox
Assignee: Christopher Aillon <caillon>
Status: CLOSED CANTFIX
Severity: urgent
Priority: medium
Version: unspecified
CC: mattdm, wtogami
Target Milestone: ---
Keywords: Security
Target Release: ---
Hardware: All
OS: Linux
Doc Type: Bug Fix
Last Closed: 2007-08-02 10:23:55 UTC
Bug Depends On: 200357    

Description Matthew Miller 2006-07-28 14:22:25 UTC
+++ This bug was initially created as a clone of Bug #200357 +++

Description of problem: Firefox 1.5.0.4 and earlier has serious security
flaws, patched in 1.5.0.5

http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox1.5.0.5

From the link above, I think the following also affect 1.0.8 in FC4:

CVE-2006-3805 : remote code execution via javascript.
CVE-2006-3806 : ditto.
CVE-2006-3807 : looks like a very serious privilege escalation bug for
                javascript
CVE-2006-3808 : malicious proxy can execute code with privs it shouldn't have;
                note that a malicious proxy can do all sorts of bad things
                anyway.
CVE-2006-3809 : privilege escalation of scripts; I don't understand the script
                security model enough personally to fully evaluate the impact
                of this without looking into it. sounds potentially serious.
CVE-2006-3811 : "several" crashes with memory corruption; potential arbitrary
                code execution
CVE-2006-3812 : scripts in chrome run with full privilege. no known automatic
                exploit, but may make tricking users easier.

-- Additional comment from mattdm on 2006-07-28 00:07 EST --
Oh, apparently also CVE-2006-3804, but that's apparently just a denial of service.

Christopher Aillon -- there was some trouble releasing a timely update to
Firefox 1.5.0.4. Do you anticipate needing some extra help for this as well?
Could you at least take a few seconds to let us know the status? Thanks!

Comment 1 Matthew Miller 2006-08-04 19:35:35 UTC
Is this likely to be resolved by Monday? I don't see anything in updates/testing.

Comment 2 Matthew Miller 2006-08-07 17:13:29 UTC
Well, here we go with another critical and urgent Firefox update involving
remotely executable code where the only public response from the Red Hat
engineers is stony silence.

This is frustrating.


Since FC4 is now supported by Legacy, moving there.

Comment 3 Matěj Cepl 2007-05-30 23:16:58 UTC
What to do with this bug now that Fedora Legacy has shut down? Could you close it please?