Bug 333991 - Mozilla products security update (CVE-2007-1095, CVE-2007-2292, CVE-2007-3511, CVE-2007-3844, CVE-2007-5334, CVE-2007-5337, CVE-2007-5338, CVE-2007-5339, CVE-2007-5340)
Mozilla products security update (CVE-2007-1095, CVE-2007-2292, CVE-2007-3511...
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
All Linux
medium Severity medium
: ---
: ---
Assigned To: Red Hat Product Security
: Security
Depends On: 334001 334011 334021 334031 334041 334051 334061 334071 334081 334091 334101 334111
  Show dependency treegraph
Reported: 2007-10-16 08:12 EDT by Josh Bressers
Modified: 2011-09-29 16:43 EDT (History)
5 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2011-09-29 16:43:37 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Comment 4 Josh Bressers 2007-10-17 17:17:00 EDT
Here is a rough breakdown of the flaws grouped by type.  The official
definition of these issues can be found on the upstream security page here:

Leveraging browser flaws, fooling users into possibly surrendering sensitive
information (Moderate):
CVE-2007-1095, CVE-2007-3511, CVE-2007-3844, CVE-2007-5334

Malformed web content could result in the execution of arbitrary commands
CVE-2007-5336, CVE-2007-5338, CVE-2007-5339, CVE-2007-5340

Digest Authentication requests can be used to conduct a response splitting
attack (Moderate):

The sftp protocol handler could be used to view the contents of arbitrary
local files (Moderate):
Comment 5 Josh Bressers 2007-10-17 17:18:19 EDT
It should be noted that the sftp flaw does not affect Red Hat Enterprise Linux
2.1 or 3.  The sftp protocol handler is not supported on those platforms.
Comment 6 Josh Bressers 2007-10-18 10:13:05 EDT
CVE-2007-5336 should not be used.  That bug is really part of the CVE-2007-5339
CVE id.

Note You need to log in before you can comment on or make changes to this bug.