Bug 155115 - CAN-2005-0752 Multiple firefox issues. (CAN-2005-0989)
CAN-2005-0752 Multiple firefox issues. (CAN-2005-0989)
Product: Fedora
Classification: Fedora
Component: firefox (Show other bugs)
All Linux
medium Severity high
: ---
: ---
Assigned To: Christopher Aillon
: Security
Depends On:
  Show dependency treegraph
Reported: 2005-04-16 10:51 EDT by Josh Bressers
Modified: 2007-11-30 17:11 EST (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2005-04-28 16:31:03 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Josh Bressers 2005-04-16 10:51:45 EDT
+++ This bug was initially created as a clone of Bug #155114 +++

Firefox 1.0.3 has been released.  The following issues have been fixed

MFSA 2005-33  Javascript "lambda" replace exposes memory contents
MFSA 2005-34 javascript: PLUGINSPAGE code execution
MFSA 2005-35 Showing blocked javascript: popup uses wrong privilege context
MFSA 2005-36 Cross-site scripting through global scope pollution
MFSA 2005-37 Code execution through javascript: favicons
MFSA 2005-38 Search plugin cross-site scripting
MFSA 2005-39 Arbitrary code execution from Firefox sidebar panel II
MFSA 2005-40 Missing Install object instance checks
MFSA 2005-41 Privilege escalation via DOM property overrides

I'll fill in the rest of the CVE id's when they arrive.
Comment 1 Tomasz Ostrowski 2005-04-25 03:09:24 EDT
There's a working, public proof of concept code creating arbitrary file in
user's home directory for MFSA 2005-37 http://www.mikx.de/firelinking/ which can
be trivially modified by a script kiddie to execute arbitrary commands, for
example by writing a .bash_profile file. Please release a security update when
Comment 2 Warren Togami 2005-04-25 03:25:11 EDT
We released a firefox-1.0.3 update a few days ago.  It is still affected by this
problem?  In my testing it isn't.
Comment 3 Tomasz Ostrowski 2005-04-26 03:28:08 EDT
You did. I'm sorry. I didn't notice because the advisory was not sent to
fedora-announce mailing list:
Comment 4 Christopher Aillon 2005-04-28 16:31:03 EDT
Fixed in latest release of firefox

Note You need to log in before you can comment on or make changes to this bug.