Bug 452197

Summary: firefox-2x+3 unspecified vulnerability - ZDI-CAN-349, CVE-2008-2785
Product: Red Hat Enterprise Linux 5 Reporter: Jan Iven <jan.iven>
Component: firefoxAssignee: Gecko Maintainer <gecko-bugs-nobody>
Status: CLOSED DUPLICATE QA Contact: desktop-bugs <desktop-bugs>
Severity: high Docs Contact:
Priority: low    
Version: 5.2   
Target Milestone: rc   
Target Release: ---   
Hardware: All   
OS: Linux   
URL: http://dvlabs.tippingpoint.com/blog/2008/06/18/vulnerability-in-mozilla-firefox-30
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2008-06-20 08:04:23 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Jan Iven 2008-06-20 03:39:05 UTC 
Description of problem:

ZDI/TippingPoint reported an unspecified vulnerability in Firefox2x+3, shortly
after the 3 release. Would look like the 5.2 firefox is affected by this. Their
tracking number is ZDI-CAN-349.

Mozilla:
http://blog.mozilla.com/security/2008/06/18/new-security-issue-under-investigation/

CVEs:
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2785
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2786 (possible - unclear due to
lack of details)

Above CVE's are not known in your bugzilla yet, hence the new bug..
cheers
Jan
Comment 1 Tomas Hoger 2008-06-20 08:04:23 UTC 

*** This bug has been marked as a duplicate of 452204 ***