452197 – firefox-2x+3 unspecified vulnerability - ZDI-CAN-349, CVE-2008-2785

Bug 452197 - firefox-2x+3 unspecified vulnerability - ZDI-CAN-349, CVE-2008-2785

Summary: firefox-2x+3 unspecified vulnerability - ZDI-CAN-349, CVE-2008-2785

Keywords:
Status:	CLOSED DUPLICATE of bug 452204
Alias:	None
Product:	Red Hat Enterprise Linux 5
Classification:	Red Hat
Component:	firefox
Sub Component:
Version:	5.2
Hardware:	All
OS:	Linux
Priority:	low
Severity:	high
Target Milestone:	rc
Target Release:	---
Assignee:	Gecko Maintainer
QA Contact:	desktop-bugs@redhat.com
Docs Contact:
URL:	http://dvlabs.tippingpoint.com/blog/2...
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2008-06-20 03:39 UTC by Jan Iven
Modified:	2008-06-20 08:04 UTC (History)
CC List:	0 users
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2008-06-20 08:04:23 UTC
Target Upstream Version:
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Jan Iven 2008-06-20 03:39:05 UTC

Description of problem:

ZDI/TippingPoint reported an unspecified vulnerability in Firefox2x+3, shortly
after the 3 release. Would look like the 5.2 firefox is affected by this. Their
tracking number is ZDI-CAN-349.

Mozilla:
http://blog.mozilla.com/security/2008/06/18/new-security-issue-under-investigation/

CVEs:
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2785
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2786 (possible - unclear due to
lack of details)

Above CVE's are not known in your bugzilla yet, hence the new bug..
cheers
Jan

Comment 1 Tomas Hoger 2008-06-20 08:04:23 UTC


*** This bug has been marked as a duplicate of 452204 ***

Note You need to log in before you can comment on or make changes to this bug.