Bug 432036 (CVE-2008-0594)

Summary: CVE-2008-0594 mozilla: web forgery warning may not be displayed
Product: [Other] Security Response Reporter: Tomas Hoger <thoger>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED ERRATA QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedCC: gecko-bugs-nobody
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2010-12-23 16:29:20 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Bug Depends On: 432042, 432043    
Bug Blocks:    

Description Tomas Hoger 2008-02-08 15:02:21 UTC
MFSA 2008-11 [1]:

Security researchers Emil Ljungdahl and Lars-Olof Moilanen demonstrated that, in
cases where the entire contents of a page are enclosed in a <div> with absolute
positioning, a web forgery warning dialog won't be displayed unless the user
switches tabs away-from then back-to the forgery page.

[1] http://www.mozilla.org/security/announce/2008/mfsa2008-11.html

Fixed upstream in firefox 2.0.0.12.

Comment 2 Fedora Update System 2008-02-08 22:17:17 UTC
blam-1.8.3-13.fc8,chmsee-1.0.0-1.28.fc8,devhelp-0.16.1-5.fc8,epiphany-2.20.2-3.fc8,epiphany-extensions-2.20.1-5.fc8,firefox-2.0.0.12-1.fc8,galeon-2.0.4-1.fc8.2,gnome-python2-extras-2.19.1-12.fc8,gnome-web-photo-0.3-8.fc8,gtkmozembedmm-1.4.2.cvs20060817-18.fc8,kazehakase-0.5.2-1.fc8.2,liferea-1.4.11-2.fc8,Miro-1.1-3.fc8,openvrml-0.17.5-2.fc8,ruby-gnome2-0.16.0-20.fc8,yelp-2.20.0-7.fc8 has been submitted as an update for Fedora 8

Comment 3 Fedora Update System 2008-02-11 15:35:03 UTC
chmsee-1.0.0-1.28.fc7,devhelp-0.13-13.fc7,epiphany-2.18.3-6.fc7,epiphany-extensions-2.18.3-7,firefox-2.0.0.12-1.fc7,galeon-2.0.3-15.fc7,gnome-python2-extras-2.14.3-8.fc7,gtkmozembedmm-1.4.2.cvs20060817-15.fc7,kazehakase-0.5.2-1.fc7.2,liferea-1.4.9-2.fc7,Miro-1.1-3.fc7,openvrml-0.16.7-3.fc7,ruby-gnome2-0.16.0-21.fc7,yelp-2.18.1-9.fc7 has been submitted as an update for Fedora 7

Comment 4 Fedora Update System 2008-02-13 04:49:23 UTC
chmsee-1.0.0-1.28.fc7, devhelp-0.13-13.fc7, epiphany-extensions-2.18.3-7, firefox-2.0.0.12-1.fc7, gtkmozembedmm-1.4.2.cvs20060817-15.fc7, gnome-python2-extras-2.14.3-8.fc7, galeon-2.0.3-15.fc7, ruby-gnome2-0.16.0-21.fc7, epiphany-2.18.3-6.fc7, kazehakase-0.5.2-1.fc7.2, liferea-1.4.9-2.fc7, yelp-2.18.1-9.fc7, Miro-1.1-3.fc7, openvrml-0.16.7-3.fc7 has been pushed to the Fedora 7 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 5 Fedora Update System 2008-02-13 05:02:59 UTC
blam-1.8.3-13.fc8, chmsee-1.0.0-1.28.fc8, devhelp-0.16.1-5.fc8, epiphany-2.20.2-3.fc8, epiphany-extensions-2.20.1-5.fc8, firefox-2.0.0.12-1.fc8, galeon-2.0.4-1.fc8.2, gnome-python2-extras-2.19.1-12.fc8, gnome-web-photo-0.3-8.fc8, gtkmozembedmm-1.4.2.cvs20060817-18.fc8, kazehakase-0.5.2-1.fc8.2, liferea-1.4.11-2.fc8, Miro-1.1-3.fc8, openvrml-0.17.5-2.fc8, ruby-gnome2-0.16.0-20.fc8, yelp-2.20.0-7.fc8 has been pushed to the Fedora 8 stable repository.  If problems still persist, please make note of it in this bug report.