Bug 577029 (CVE-2010-1121)
Summary: | CVE-2010-1121 firefox: arbitrary code execution via memory corruption | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Vincent Danen <vdanen> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | urgent | Docs Contact: | |
Priority: | urgent | ||
Version: | unspecified | CC: | desktop-bugs, gecko-bugs-nobody, gecko-bugs-nobody, jlieskov, mjc, stransky |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1121 | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2010-04-08 20:50:10 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Vincent Danen
2010-03-25 21:39:19 UTC
xulrunner-1.9.2.3-1.fc13,firefox-3.6.3-1.fc13 has been submitted as an update for Fedora 13. http://admin.fedoraproject.org/updates/xulrunner-1.9.2.3-1.fc13,firefox-3.6.3-1.fc13 xulrunner-1.9.2.3-1.fc13, firefox-3.6.3-1.fc13 has been pushed to the Fedora 13 stable repository. If problems still persist, please make note of it in this bug report. This issue has been addressed in following products: Red Hat Enterprise Linux 4 Via RHSA-2010:0500 https://rhn.redhat.com/errata/RHSA-2010-0500.html This issue has been addressed in following products: Red Hat Enterprise Linux 5 Via RHSA-2010:0501 https://rhn.redhat.com/errata/RHSA-2010-0501.html The reason we stated we fixed this CVE even though it originally was stated as only affecting Firefox 3.6.x was due to the comment at http://www.mozilla.org/security/announce/2010/mfsa2010-25.html Updated (June 22, 2010): Firefox 3.5, SeaMonkey 2.0, and Thunderbird 3.0 based on earlier versions of the browser engine were patched just in case there is an alternate way of triggering the underlying flaw. We've left the impact as critical but changed the public= date to match the date that it was public that versions <3.6.x potentially could be affected. seamonkey-2.0.5-1.fc12 has been submitted as an update for Fedora 12. http://admin.fedoraproject.org/updates/seamonkey-2.0.5-1.fc12 seamonkey-2.0.5-1.fc13 has been submitted as an update for Fedora 13. http://admin.fedoraproject.org/updates/seamonkey-2.0.5-1.fc13 firefox-3.5.10-1.fc12,xulrunner-1.9.1.10-1.fc12,mozvoikko-1.0-10.fc12,gnome-web-photo-0.9-7.fc12,gnome-python2-extras-2.25.3-18.fc12,perl-Gtk2-MozEmbed-0.08-6.fc12.13,galeon-2.0.7-23.fc12 has been submitted as an update for Fedora 12. http://admin.fedoraproject.org/updates/firefox-3.5.10-1.fc12,xulrunner-1.9.1.10-1.fc12,mozvoikko-1.0-10.fc12,gnome-web-photo-0.9-7.fc12,gnome-python2-extras-2.25.3-18.fc12,perl-Gtk2-MozEmbed-0.08-6.fc12.13,galeon-2.0.7-23.fc12 seamonkey-2.0.5-1.fc12 has been pushed to the Fedora 12 stable repository. If problems still persist, please make note of it in this bug report. xulrunner-1.9.1.10-1.fc12, mozvoikko-1.0-10.fc12, gnome-web-photo-0.9-7.fc12, gnome-python2-extras-2.25.3-18.fc12, perl-Gtk2-MozEmbed-0.08-6.fc12.13, galeon-2.0.7-23.fc12, firefox-3.5.10-1.fc12 has been pushed to the Fedora 12 stable repository. If problems still persist, please make note of it in this bug report. seamonkey-2.0.5-1.fc13 has been pushed to the Fedora 13 stable repository. If problems still persist, please make note of it in this bug report. This issue has been addressed in following products: Red Hat Enterprise Linux 5 Via RHSA-2010:0501 https://rhn.redhat.com/errata/RHSA-2010-0501.html thunderbird-3.0.6-1.fc12, sunbird-1.0-0.23.20090916hg.fc12 has been pushed to the Fedora 12 stable repository. If problems still persist, please make note of it in this bug report. |