Bug 200530 - CVE-2006-3801, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3808, CVE-2006-3809, CVE-2006-3811, CVE-2006-3812: major (public) security flaws fixed in firefox 1.5.0.5
Keywords:
Status: CLOSED CANTFIX
Alias: None
Product: Fedora Legacy
Classification: Retired
Component: firefox
Version: unspecified
Hardware: All
OS: Linux
Priority: medium
Severity: urgent
Target Milestone: ---
Assignee: Christopher Aillon
QA Contact:
URL:
Whiteboard:
Depends On: 200357
Blocks:
 
Reported: 2006-07-28 14:22 UTC by Matthew Miller
Modified: 2008-08-02 23:40 UTC (History)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2007-08-02 10:23:55 UTC
Embargoed:



Description Matthew Miller 2006-07-28 14:22:25 UTC
+++ This bug was initially created as a clone of Bug #200357 +++

Description of problem: Firefox 1.5.0.4 and earlier has serious security
flaws, patched in 1.5.0.5

http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox1.5.0.5

From the link above, I think the following also affect 1.0.8 in FC4:

CVE-2006-3805 : remote code execution via javascript.
CVE-2006-3806 : ditto.
CVE-2006-3807 : looks like a very serious privilege escalation bug for 
                javascript
CVE-2006-3808 : malicious proxy can execute code with privs it shouldn't have;
                note that a malicious proxy can do all sorts of bad things
                anyway.
CVE-2006-3809 : privilege escalation of scripts; I don't understand the script
                security model enough personally to fully evaluate the impact
                of this without looking into it. sounds potentially serious.
CVE-2006-3811 : "several" crashes with memory corruption; potential arbitrary
                code execution
CVE-2006-3812 : scripts in chrome run with full privilege. no known automatic
                exploit, but may make tricking users easier.

-- Additional comment from mattdm on 2006-07-28 00:07 EST --
Oh, apparently also CVE-2006-3804, but that's apparently just a denial of service.

Christopher Aillon -- there was some trouble releasing a timely update to
Firefox 1.5.0.4. Do you anticipate needing some extra help for this as well?
Could you at least take a few seconds to let us know the status? Thanks!

Comment 1 Matthew Miller 2006-08-04 19:35:35 UTC
Is this likely to be resolved by Monday? I don't see anything in updates/testing.

Comment 2 Matthew Miller 2006-08-07 17:13:29 UTC
Well, here we go with another critical and urgent Firefox update involving
remotely executable code where the only public response from the Red Hat
engineers is stony silence.

This is frustrating.


Since FC4 is now supported by Legacy, moving there.

Comment 3 Matěj Cepl 2007-05-30 23:16:58 UTC
What should be done with this bug now that Fedora Legacy has shut down? Could you close it, please?

