Bug 333991 - Mozilla products security update (CVE-2007-1095, CVE-2007-2292, CVE-2007-3511, CVE-2007-3844, CVE-2007-5334, CVE-2007-5337, CVE-2007-5338, CVE-2007-5339, CVE-2007-5340)
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 334001 334011 334021 334031 334041 334051 334061 334071 334081 334091 334101 334111
Blocks:
 
Reported: 2007-10-16 12:12 UTC by Josh Bressers
Modified: 2019-09-29 12:21 UTC (History)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2011-09-29 20:43:37 UTC
Embargoed:




Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2007:0979 0 normal SHIPPED_LIVE Critical: firefox security update 2008-01-09 00:44:02 UTC
Red Hat Product Errata RHSA-2007:0980 0 normal SHIPPED_LIVE Critical: seamonkey security update 2008-01-09 01:09:30 UTC
Red Hat Product Errata RHSA-2007:0981 0 normal SHIPPED_LIVE Moderate: thunderbird security update 2008-01-09 00:55:45 UTC

Comment 4 Josh Bressers 2007-10-17 21:17:00 UTC
Here is a rough breakdown of the flaws grouped by type.  The official
definition of these issues can be found on the upstream security page here:
http://www.mozilla.org/projects/security/known-vulnerabilities.html

Leveraging browser flaws, fooling users into possibly surrendering sensitive
information (Moderate):
CVE-2007-1095, CVE-2007-3511, CVE-2007-3844, CVE-2007-5334

Malformed web content could result in the execution of arbitrary commands
(Critical):
CVE-2007-5336, CVE-2007-5338, CVE-2007-5339, CVE-2007-5340

Digest Authentication requests can be used to conduct a response splitting
attack (Moderate):
CVE-2007-2292

The sftp protocol handler could be used to view the contents of arbitrary
local files (Moderate):
CVE-2007-5337


Comment 5 Josh Bressers 2007-10-17 21:18:19 UTC
It should be noted that the sftp flaw does not affect Red Hat Enterprise Linux
2.1 or 3.  The sftp protocol handler is not supported on those platforms.

Comment 6 Josh Bressers 2007-10-18 14:13:05 UTC
CVE-2007-5336 should not be used.  That bug is really part of the CVE-2007-5339
CVE id.

