rhsa-2007_0079
Vulnerability from csaf_redhat
Published
2007-02-23 21:06
Modified
2024-09-15 16:35
Summary
Red Hat Security Advisory: Firefox security update
Notes
Topic
Updated firefox packages that fix several security bugs are now available
for Red Hat Enterprise Linux 4.
This update has been rated as having critical security impact by the Red
Hat Security Response Team.
Details
Mozilla Firefox is an open source Web browser.
Several flaws were found in the way Firefox processed certain malformed
JavaScript code. A malicious web page could execute JavaScript code in such
a way that may result in Firefox crashing or executing arbitrary code as
the user running Firefox. (CVE-2007-0775, CVE-2007-0777)
Several cross-site scripting (XSS) flaws were found in the way Firefox
processed certain malformed web pages. A malicious web page could display
misleading information which may result in a user unknowingly divulging
sensitive information such as a password. (CVE-2006-6077, CVE-2007-0995,
CVE-2007-0996)
A flaw was found in the way Firefox cached web pages on the local disk. A
malicious web page may be able to inject arbitrary HTML into a browsing
session if the user reloads a targeted site. (CVE-2007-0778)
A flaw was found in the way Firefox displayed certain web content. A
malicious web page could generate content which could overlay user
interface elements such as the hostname and security indicators, tricking a
user into thinking they are visiting a different site. (CVE-2007-0779)
Two flaws were found in the way Firefox displayed blocked popup windows. If
a user can be convinced to open a blocked popup, it is possible to read
arbitrary local files, or conduct an XSS attack against the user.
(CVE-2007-0780, CVE-2007-0800)
Two buffer overflow flaws were found in the Network Security Services (NSS)
code for processing the SSLv2 protocol. Connecting to a malicious secure
web server could cause the execution of arbitrary code as the user running
Firefox. (CVE-2007-0008, CVE-2007-0009)
A flaw was found in the way Firefox handled the "location.hostname" value
during certain browser domain checks. This flaw could allow a malicious web
site to set domain cookies for an arbitrary site, or possibly perform an
XSS attack. (CVE-2007-0981)
Users of Firefox are advised to upgrade to these erratum packages, which
contain Firefox version 1.5.0.10 that corrects these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated firefox packages that fix several security bugs are now available\nfor Red Hat Enterprise Linux 4.\n\nThis update has been rated as having critical security impact by the Red\nHat Security Response Team.",
"title": "Topic"
},
{
"category": "general",
"text": "Mozilla Firefox is an open source Web browser.\n\nSeveral flaws were found in the way Firefox processed certain malformed\nJavaScript code. A malicious web page could execute JavaScript code in such\na way that may result in Firefox crashing or executing arbitrary code as\nthe user running Firefox. (CVE-2007-0775, CVE-2007-0777)\n\nSeveral cross-site scripting (XSS) flaws were found in the way Firefox\nprocessed certain malformed web pages. A malicious web page could display\nmisleading information which may result in a user unknowingly divulging\nsensitive information such as a password. (CVE-2006-6077, CVE-2007-0995,\nCVE-2007-0996)\n\nA flaw was found in the way Firefox cached web pages on the local disk. A\nmalicious web page may be able to inject arbitrary HTML into a browsing\nsession if the user reloads a targeted site. (CVE-2007-0778)\n\nA flaw was found in the way Firefox displayed certain web content. A\nmalicious web page could generate content which could overlay user\ninterface elements such as the hostname and security indicators, tricking a\nuser into thinking they are visiting a different site. (CVE-2007-0779)\n\nTwo flaws were found in the way Firefox displayed blocked popup windows. If\na user can be convinced to open a blocked popup, it is possible to read\narbitrary local files, or conduct an XSS attack against the user.\n(CVE-2007-0780, CVE-2007-0800)\n\nTwo buffer overflow flaws were found in the Network Security Services (NSS)\ncode for processing the SSLv2 protocol. Connecting to a malicious secure\nweb server could cause the execution of arbitrary code as the user running\nFirefox. (CVE-2007-0008, CVE-2007-0009)\n\nA flaw was found in the way Firefox handled the \"location.hostname\" value\nduring certain browser domain checks. This flaw could allow a malicious web\nsite to set domain cookies for an arbitrary site, or possibly perform an\nXSS attack. (CVE-2007-0981)\n\nUsers of Firefox are advised to upgrade to these erratum packages, which\ncontain Firefox version 1.5.0.10 that corrects these issues.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2007:0079",
"url": "https://access.redhat.com/errata/RHSA-2007:0079"
},
{
"category": "external",
"summary": "http://www.redhat.com/security/updates/classification/#critical",
"url": "http://www.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "202352",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=202352"
},
{
"category": "external",
"summary": "229802",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=229802"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2007/rhsa-2007_0079.json"
}
],
"title": "Red Hat Security Advisory: Firefox security update",
"tracking": {
"current_release_date": "2024-09-15T16:35:18+00:00",
"generator": {
"date": "2024-09-15T16:35:18+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2007:0079",
"initial_release_date": "2007-02-23T21:06:00+00:00",
"revision_history": [
{
"date": "2007-02-23T21:06:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2007-02-23T16:06:57+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-15T16:35:18+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS version 4",
"product": {
"name": "Red Hat Enterprise Linux AS version 4",
"product_id": "4AS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::as"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop version 4",
"product": {
"name": "Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::desktop"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES version 4",
"product": {
"name": "Red Hat Enterprise Linux ES version 4",
"product_id": "4ES",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::es"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux WS version 4",
"product": {
"name": "Red Hat Enterprise Linux WS version 4",
"product_id": "4WS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::ws"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:1.5.0.10-0.1.el4.ia64",
"product": {
"name": "firefox-0:1.5.0.10-0.1.el4.ia64",
"product_id": "firefox-0:1.5.0.10-0.1.el4.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@1.5.0.10-0.1.el4?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"product": {
"name": "firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"product_id": "firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@1.5.0.10-0.1.el4?arch=ia64"
}
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:1.5.0.10-0.1.el4.src",
"product": {
"name": "firefox-0:1.5.0.10-0.1.el4.src",
"product_id": "firefox-0:1.5.0.10-0.1.el4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@1.5.0.10-0.1.el4?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:1.5.0.10-0.1.el4.x86_64",
"product": {
"name": "firefox-0:1.5.0.10-0.1.el4.x86_64",
"product_id": "firefox-0:1.5.0.10-0.1.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@1.5.0.10-0.1.el4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"product": {
"name": "firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"product_id": "firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@1.5.0.10-0.1.el4?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:1.5.0.10-0.1.el4.i386",
"product": {
"name": "firefox-0:1.5.0.10-0.1.el4.i386",
"product_id": "firefox-0:1.5.0.10-0.1.el4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@1.5.0.10-0.1.el4?arch=i386"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"product": {
"name": "firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"product_id": "firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@1.5.0.10-0.1.el4?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:1.5.0.10-0.1.el4.ppc",
"product": {
"name": "firefox-0:1.5.0.10-0.1.el4.ppc",
"product_id": "firefox-0:1.5.0.10-0.1.el4.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@1.5.0.10-0.1.el4?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"product": {
"name": "firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"product_id": "firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@1.5.0.10-0.1.el4?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:1.5.0.10-0.1.el4.s390x",
"product": {
"name": "firefox-0:1.5.0.10-0.1.el4.s390x",
"product_id": "firefox-0:1.5.0.10-0.1.el4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@1.5.0.10-0.1.el4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"product": {
"name": "firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"product_id": "firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@1.5.0.10-0.1.el4?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:1.5.0.10-0.1.el4.s390",
"product": {
"name": "firefox-0:1.5.0.10-0.1.el4.s390",
"product_id": "firefox-0:1.5.0.10-0.1.el4.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@1.5.0.10-0.1.el4?arch=s390"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"product": {
"name": "firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"product_id": "firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@1.5.0.10-0.1.el4?arch=s390"
}
}
}
],
"category": "architecture",
"name": "s390"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.10-0.1.el4.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:firefox-0:1.5.0.10-0.1.el4.i386"
},
"product_reference": "firefox-0:1.5.0.10-0.1.el4.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.10-0.1.el4.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:firefox-0:1.5.0.10-0.1.el4.ia64"
},
"product_reference": "firefox-0:1.5.0.10-0.1.el4.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.10-0.1.el4.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:firefox-0:1.5.0.10-0.1.el4.ppc"
},
"product_reference": "firefox-0:1.5.0.10-0.1.el4.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.10-0.1.el4.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:firefox-0:1.5.0.10-0.1.el4.s390"
},
"product_reference": "firefox-0:1.5.0.10-0.1.el4.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.10-0.1.el4.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:firefox-0:1.5.0.10-0.1.el4.s390x"
},
"product_reference": "firefox-0:1.5.0.10-0.1.el4.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.10-0.1.el4.src as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:firefox-0:1.5.0.10-0.1.el4.src"
},
"product_reference": "firefox-0:1.5.0.10-0.1.el4.src",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.10-0.1.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:firefox-0:1.5.0.10-0.1.el4.x86_64"
},
"product_reference": "firefox-0:1.5.0.10-0.1.el4.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.5.0.10-0.1.el4.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386"
},
"product_reference": "firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64"
},
"product_reference": "firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc"
},
"product_reference": "firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.5.0.10-0.1.el4.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390"
},
"product_reference": "firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x"
},
"product_reference": "firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64"
},
"product_reference": "firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.10-0.1.el4.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:firefox-0:1.5.0.10-0.1.el4.i386"
},
"product_reference": "firefox-0:1.5.0.10-0.1.el4.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.10-0.1.el4.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:firefox-0:1.5.0.10-0.1.el4.ia64"
},
"product_reference": "firefox-0:1.5.0.10-0.1.el4.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.10-0.1.el4.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:firefox-0:1.5.0.10-0.1.el4.ppc"
},
"product_reference": "firefox-0:1.5.0.10-0.1.el4.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.10-0.1.el4.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:firefox-0:1.5.0.10-0.1.el4.s390"
},
"product_reference": "firefox-0:1.5.0.10-0.1.el4.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.10-0.1.el4.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:firefox-0:1.5.0.10-0.1.el4.s390x"
},
"product_reference": "firefox-0:1.5.0.10-0.1.el4.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.10-0.1.el4.src as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:firefox-0:1.5.0.10-0.1.el4.src"
},
"product_reference": "firefox-0:1.5.0.10-0.1.el4.src",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.10-0.1.el4.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:firefox-0:1.5.0.10-0.1.el4.x86_64"
},
"product_reference": "firefox-0:1.5.0.10-0.1.el4.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.5.0.10-0.1.el4.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386"
},
"product_reference": "firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64"
},
"product_reference": "firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc"
},
"product_reference": "firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.5.0.10-0.1.el4.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390"
},
"product_reference": "firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x"
},
"product_reference": "firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64"
},
"product_reference": "firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.10-0.1.el4.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:firefox-0:1.5.0.10-0.1.el4.i386"
},
"product_reference": "firefox-0:1.5.0.10-0.1.el4.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.10-0.1.el4.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:firefox-0:1.5.0.10-0.1.el4.ia64"
},
"product_reference": "firefox-0:1.5.0.10-0.1.el4.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.10-0.1.el4.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:firefox-0:1.5.0.10-0.1.el4.ppc"
},
"product_reference": "firefox-0:1.5.0.10-0.1.el4.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.10-0.1.el4.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:firefox-0:1.5.0.10-0.1.el4.s390"
},
"product_reference": "firefox-0:1.5.0.10-0.1.el4.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.10-0.1.el4.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:firefox-0:1.5.0.10-0.1.el4.s390x"
},
"product_reference": "firefox-0:1.5.0.10-0.1.el4.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.10-0.1.el4.src as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:firefox-0:1.5.0.10-0.1.el4.src"
},
"product_reference": "firefox-0:1.5.0.10-0.1.el4.src",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.10-0.1.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:firefox-0:1.5.0.10-0.1.el4.x86_64"
},
"product_reference": "firefox-0:1.5.0.10-0.1.el4.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.5.0.10-0.1.el4.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386"
},
"product_reference": "firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64"
},
"product_reference": "firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc"
},
"product_reference": "firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.5.0.10-0.1.el4.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390"
},
"product_reference": "firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x"
},
"product_reference": "firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64"
},
"product_reference": "firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.10-0.1.el4.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:firefox-0:1.5.0.10-0.1.el4.i386"
},
"product_reference": "firefox-0:1.5.0.10-0.1.el4.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.10-0.1.el4.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:firefox-0:1.5.0.10-0.1.el4.ia64"
},
"product_reference": "firefox-0:1.5.0.10-0.1.el4.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.10-0.1.el4.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:firefox-0:1.5.0.10-0.1.el4.ppc"
},
"product_reference": "firefox-0:1.5.0.10-0.1.el4.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.10-0.1.el4.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:firefox-0:1.5.0.10-0.1.el4.s390"
},
"product_reference": "firefox-0:1.5.0.10-0.1.el4.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.10-0.1.el4.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:firefox-0:1.5.0.10-0.1.el4.s390x"
},
"product_reference": "firefox-0:1.5.0.10-0.1.el4.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.10-0.1.el4.src as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:firefox-0:1.5.0.10-0.1.el4.src"
},
"product_reference": "firefox-0:1.5.0.10-0.1.el4.src",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.10-0.1.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:firefox-0:1.5.0.10-0.1.el4.x86_64"
},
"product_reference": "firefox-0:1.5.0.10-0.1.el4.x86_64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.5.0.10-0.1.el4.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386"
},
"product_reference": "firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64"
},
"product_reference": "firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc"
},
"product_reference": "firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.5.0.10-0.1.el4.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390"
},
"product_reference": "firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x"
},
"product_reference": "firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64"
},
"product_reference": "firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"relates_to_product_reference": "4WS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2006-6077",
"discovery_date": "2007-02-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1618236"
}
],
"notes": [
{
"category": "description",
"text": "The (1) Password Manager in Mozilla Firefox 2.0, and 1.5.0.8 and earlier; and the (2) Passcard Manager in Netscape 8.1.2 and possibly other versions, do not properly verify that an ACTION URL in a FORM element containing a password INPUT element matches the web site for which the user stored a password, which allows remote attackers to obtain passwords via a password INPUT element on a different web page located on the web site intended for this password.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:firefox-0:1.5.0.10-0.1.el4.i386",
"4AS:firefox-0:1.5.0.10-0.1.el4.ia64",
"4AS:firefox-0:1.5.0.10-0.1.el4.ppc",
"4AS:firefox-0:1.5.0.10-0.1.el4.s390",
"4AS:firefox-0:1.5.0.10-0.1.el4.s390x",
"4AS:firefox-0:1.5.0.10-0.1.el4.src",
"4AS:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.i386",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.s390",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.src",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4ES:firefox-0:1.5.0.10-0.1.el4.i386",
"4ES:firefox-0:1.5.0.10-0.1.el4.ia64",
"4ES:firefox-0:1.5.0.10-0.1.el4.ppc",
"4ES:firefox-0:1.5.0.10-0.1.el4.s390",
"4ES:firefox-0:1.5.0.10-0.1.el4.s390x",
"4ES:firefox-0:1.5.0.10-0.1.el4.src",
"4ES:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4WS:firefox-0:1.5.0.10-0.1.el4.i386",
"4WS:firefox-0:1.5.0.10-0.1.el4.ia64",
"4WS:firefox-0:1.5.0.10-0.1.el4.ppc",
"4WS:firefox-0:1.5.0.10-0.1.el4.s390",
"4WS:firefox-0:1.5.0.10-0.1.el4.s390x",
"4WS:firefox-0:1.5.0.10-0.1.el4.src",
"4WS:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2006-6077"
},
{
"category": "external",
"summary": "RHBZ#1618236",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618236"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2006-6077",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-6077"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-6077",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2006-6077"
}
],
"release_date": "2007-02-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.",
"product_ids": [
"4AS:firefox-0:1.5.0.10-0.1.el4.i386",
"4AS:firefox-0:1.5.0.10-0.1.el4.ia64",
"4AS:firefox-0:1.5.0.10-0.1.el4.ppc",
"4AS:firefox-0:1.5.0.10-0.1.el4.s390",
"4AS:firefox-0:1.5.0.10-0.1.el4.s390x",
"4AS:firefox-0:1.5.0.10-0.1.el4.src",
"4AS:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.i386",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.s390",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.src",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4ES:firefox-0:1.5.0.10-0.1.el4.i386",
"4ES:firefox-0:1.5.0.10-0.1.el4.ia64",
"4ES:firefox-0:1.5.0.10-0.1.el4.ppc",
"4ES:firefox-0:1.5.0.10-0.1.el4.s390",
"4ES:firefox-0:1.5.0.10-0.1.el4.s390x",
"4ES:firefox-0:1.5.0.10-0.1.el4.src",
"4ES:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4WS:firefox-0:1.5.0.10-0.1.el4.i386",
"4WS:firefox-0:1.5.0.10-0.1.el4.ia64",
"4WS:firefox-0:1.5.0.10-0.1.el4.ppc",
"4WS:firefox-0:1.5.0.10-0.1.el4.s390",
"4WS:firefox-0:1.5.0.10-0.1.el4.s390x",
"4WS:firefox-0:1.5.0.10-0.1.el4.src",
"4WS:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2007:0079"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "security flaw"
},
{
"cve": "CVE-2007-0008",
"discovery_date": "2006-12-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "565576"
}
],
"notes": [
{
"category": "description",
"text": "Integer underflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, SeaMonkey before 1.0.8, Thunderbird before 1.5.0.10, and certain Sun Java System server products before 20070611, allows remote attackers to execute arbitrary code via a crafted SSLv2 server message containing a public key that is too short to encrypt the \"Master Secret\", which results in a heap-based overflow.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "NSS: SSLv2 protocol buffer overflows",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:firefox-0:1.5.0.10-0.1.el4.i386",
"4AS:firefox-0:1.5.0.10-0.1.el4.ia64",
"4AS:firefox-0:1.5.0.10-0.1.el4.ppc",
"4AS:firefox-0:1.5.0.10-0.1.el4.s390",
"4AS:firefox-0:1.5.0.10-0.1.el4.s390x",
"4AS:firefox-0:1.5.0.10-0.1.el4.src",
"4AS:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.i386",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.s390",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.src",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4ES:firefox-0:1.5.0.10-0.1.el4.i386",
"4ES:firefox-0:1.5.0.10-0.1.el4.ia64",
"4ES:firefox-0:1.5.0.10-0.1.el4.ppc",
"4ES:firefox-0:1.5.0.10-0.1.el4.s390",
"4ES:firefox-0:1.5.0.10-0.1.el4.s390x",
"4ES:firefox-0:1.5.0.10-0.1.el4.src",
"4ES:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4WS:firefox-0:1.5.0.10-0.1.el4.i386",
"4WS:firefox-0:1.5.0.10-0.1.el4.ia64",
"4WS:firefox-0:1.5.0.10-0.1.el4.ppc",
"4WS:firefox-0:1.5.0.10-0.1.el4.s390",
"4WS:firefox-0:1.5.0.10-0.1.el4.s390x",
"4WS:firefox-0:1.5.0.10-0.1.el4.src",
"4WS:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2007-0008"
},
{
"category": "external",
"summary": "RHBZ#565576",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=565576"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2007-0008",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-0008"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2007-0008",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2007-0008"
}
],
"release_date": "2007-02-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.",
"product_ids": [
"4AS:firefox-0:1.5.0.10-0.1.el4.i386",
"4AS:firefox-0:1.5.0.10-0.1.el4.ia64",
"4AS:firefox-0:1.5.0.10-0.1.el4.ppc",
"4AS:firefox-0:1.5.0.10-0.1.el4.s390",
"4AS:firefox-0:1.5.0.10-0.1.el4.s390x",
"4AS:firefox-0:1.5.0.10-0.1.el4.src",
"4AS:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.i386",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.s390",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.src",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4ES:firefox-0:1.5.0.10-0.1.el4.i386",
"4ES:firefox-0:1.5.0.10-0.1.el4.ia64",
"4ES:firefox-0:1.5.0.10-0.1.el4.ppc",
"4ES:firefox-0:1.5.0.10-0.1.el4.s390",
"4ES:firefox-0:1.5.0.10-0.1.el4.s390x",
"4ES:firefox-0:1.5.0.10-0.1.el4.src",
"4ES:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4WS:firefox-0:1.5.0.10-0.1.el4.i386",
"4WS:firefox-0:1.5.0.10-0.1.el4.ia64",
"4WS:firefox-0:1.5.0.10-0.1.el4.ppc",
"4WS:firefox-0:1.5.0.10-0.1.el4.s390",
"4WS:firefox-0:1.5.0.10-0.1.el4.s390x",
"4WS:firefox-0:1.5.0.10-0.1.el4.src",
"4WS:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2007:0079"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "NSS: SSLv2 protocol buffer overflows"
},
{
"cve": "CVE-2007-0009",
"discovery_date": "2006-12-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "565576"
}
],
"notes": [
{
"category": "description",
"text": "Stack-based buffer overflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, SeaMonkey before 1.0.8, and certain Sun Java System server products before 20070611, allows remote attackers to execute arbitrary code via invalid \"Client Master Key\" length values.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "NSS: SSLv2 protocol buffer overflows",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:firefox-0:1.5.0.10-0.1.el4.i386",
"4AS:firefox-0:1.5.0.10-0.1.el4.ia64",
"4AS:firefox-0:1.5.0.10-0.1.el4.ppc",
"4AS:firefox-0:1.5.0.10-0.1.el4.s390",
"4AS:firefox-0:1.5.0.10-0.1.el4.s390x",
"4AS:firefox-0:1.5.0.10-0.1.el4.src",
"4AS:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.i386",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.s390",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.src",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4ES:firefox-0:1.5.0.10-0.1.el4.i386",
"4ES:firefox-0:1.5.0.10-0.1.el4.ia64",
"4ES:firefox-0:1.5.0.10-0.1.el4.ppc",
"4ES:firefox-0:1.5.0.10-0.1.el4.s390",
"4ES:firefox-0:1.5.0.10-0.1.el4.s390x",
"4ES:firefox-0:1.5.0.10-0.1.el4.src",
"4ES:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4WS:firefox-0:1.5.0.10-0.1.el4.i386",
"4WS:firefox-0:1.5.0.10-0.1.el4.ia64",
"4WS:firefox-0:1.5.0.10-0.1.el4.ppc",
"4WS:firefox-0:1.5.0.10-0.1.el4.s390",
"4WS:firefox-0:1.5.0.10-0.1.el4.s390x",
"4WS:firefox-0:1.5.0.10-0.1.el4.src",
"4WS:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2007-0009"
},
{
"category": "external",
"summary": "RHBZ#565576",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=565576"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2007-0009",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-0009"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2007-0009",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2007-0009"
}
],
"release_date": "2007-02-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.",
"product_ids": [
"4AS:firefox-0:1.5.0.10-0.1.el4.i386",
"4AS:firefox-0:1.5.0.10-0.1.el4.ia64",
"4AS:firefox-0:1.5.0.10-0.1.el4.ppc",
"4AS:firefox-0:1.5.0.10-0.1.el4.s390",
"4AS:firefox-0:1.5.0.10-0.1.el4.s390x",
"4AS:firefox-0:1.5.0.10-0.1.el4.src",
"4AS:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.i386",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.s390",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.src",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4ES:firefox-0:1.5.0.10-0.1.el4.i386",
"4ES:firefox-0:1.5.0.10-0.1.el4.ia64",
"4ES:firefox-0:1.5.0.10-0.1.el4.ppc",
"4ES:firefox-0:1.5.0.10-0.1.el4.s390",
"4ES:firefox-0:1.5.0.10-0.1.el4.s390x",
"4ES:firefox-0:1.5.0.10-0.1.el4.src",
"4ES:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4WS:firefox-0:1.5.0.10-0.1.el4.i386",
"4WS:firefox-0:1.5.0.10-0.1.el4.ia64",
"4WS:firefox-0:1.5.0.10-0.1.el4.ppc",
"4WS:firefox-0:1.5.0.10-0.1.el4.s390",
"4WS:firefox-0:1.5.0.10-0.1.el4.s390x",
"4WS:firefox-0:1.5.0.10-0.1.el4.src",
"4WS:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2007:0079"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "NSS: SSLv2 protocol buffer overflows"
},
{
"cve": "CVE-2007-0775",
"discovery_date": "2007-02-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1618273"
}
],
"notes": [
{
"category": "description",
"text": "Multiple unspecified vulnerabilities in the layout engine in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allow remote attackers to cause a denial of service (crash) and potentially execute arbitrary code via certain vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:firefox-0:1.5.0.10-0.1.el4.i386",
"4AS:firefox-0:1.5.0.10-0.1.el4.ia64",
"4AS:firefox-0:1.5.0.10-0.1.el4.ppc",
"4AS:firefox-0:1.5.0.10-0.1.el4.s390",
"4AS:firefox-0:1.5.0.10-0.1.el4.s390x",
"4AS:firefox-0:1.5.0.10-0.1.el4.src",
"4AS:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.i386",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.s390",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.src",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4ES:firefox-0:1.5.0.10-0.1.el4.i386",
"4ES:firefox-0:1.5.0.10-0.1.el4.ia64",
"4ES:firefox-0:1.5.0.10-0.1.el4.ppc",
"4ES:firefox-0:1.5.0.10-0.1.el4.s390",
"4ES:firefox-0:1.5.0.10-0.1.el4.s390x",
"4ES:firefox-0:1.5.0.10-0.1.el4.src",
"4ES:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4WS:firefox-0:1.5.0.10-0.1.el4.i386",
"4WS:firefox-0:1.5.0.10-0.1.el4.ia64",
"4WS:firefox-0:1.5.0.10-0.1.el4.ppc",
"4WS:firefox-0:1.5.0.10-0.1.el4.s390",
"4WS:firefox-0:1.5.0.10-0.1.el4.s390x",
"4WS:firefox-0:1.5.0.10-0.1.el4.src",
"4WS:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2007-0775"
},
{
"category": "external",
"summary": "RHBZ#1618273",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618273"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2007-0775",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-0775"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2007-0775",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2007-0775"
}
],
"release_date": "2007-02-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.",
"product_ids": [
"4AS:firefox-0:1.5.0.10-0.1.el4.i386",
"4AS:firefox-0:1.5.0.10-0.1.el4.ia64",
"4AS:firefox-0:1.5.0.10-0.1.el4.ppc",
"4AS:firefox-0:1.5.0.10-0.1.el4.s390",
"4AS:firefox-0:1.5.0.10-0.1.el4.s390x",
"4AS:firefox-0:1.5.0.10-0.1.el4.src",
"4AS:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.i386",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.s390",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.src",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4ES:firefox-0:1.5.0.10-0.1.el4.i386",
"4ES:firefox-0:1.5.0.10-0.1.el4.ia64",
"4ES:firefox-0:1.5.0.10-0.1.el4.ppc",
"4ES:firefox-0:1.5.0.10-0.1.el4.s390",
"4ES:firefox-0:1.5.0.10-0.1.el4.s390x",
"4ES:firefox-0:1.5.0.10-0.1.el4.src",
"4ES:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4WS:firefox-0:1.5.0.10-0.1.el4.i386",
"4WS:firefox-0:1.5.0.10-0.1.el4.ia64",
"4WS:firefox-0:1.5.0.10-0.1.el4.ppc",
"4WS:firefox-0:1.5.0.10-0.1.el4.s390",
"4WS:firefox-0:1.5.0.10-0.1.el4.s390x",
"4WS:firefox-0:1.5.0.10-0.1.el4.src",
"4WS:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2007:0079"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "security flaw"
},
{
"cve": "CVE-2007-0777",
"discovery_date": "2007-02-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1618275"
}
],
"notes": [
{
"category": "description",
"text": "The JavaScript engine in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain vectors that trigger memory corruption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:firefox-0:1.5.0.10-0.1.el4.i386",
"4AS:firefox-0:1.5.0.10-0.1.el4.ia64",
"4AS:firefox-0:1.5.0.10-0.1.el4.ppc",
"4AS:firefox-0:1.5.0.10-0.1.el4.s390",
"4AS:firefox-0:1.5.0.10-0.1.el4.s390x",
"4AS:firefox-0:1.5.0.10-0.1.el4.src",
"4AS:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.i386",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.s390",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.src",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4ES:firefox-0:1.5.0.10-0.1.el4.i386",
"4ES:firefox-0:1.5.0.10-0.1.el4.ia64",
"4ES:firefox-0:1.5.0.10-0.1.el4.ppc",
"4ES:firefox-0:1.5.0.10-0.1.el4.s390",
"4ES:firefox-0:1.5.0.10-0.1.el4.s390x",
"4ES:firefox-0:1.5.0.10-0.1.el4.src",
"4ES:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4WS:firefox-0:1.5.0.10-0.1.el4.i386",
"4WS:firefox-0:1.5.0.10-0.1.el4.ia64",
"4WS:firefox-0:1.5.0.10-0.1.el4.ppc",
"4WS:firefox-0:1.5.0.10-0.1.el4.s390",
"4WS:firefox-0:1.5.0.10-0.1.el4.s390x",
"4WS:firefox-0:1.5.0.10-0.1.el4.src",
"4WS:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2007-0777"
},
{
"category": "external",
"summary": "RHBZ#1618275",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618275"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2007-0777",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-0777"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2007-0777",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2007-0777"
}
],
"release_date": "2007-02-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.",
"product_ids": [
"4AS:firefox-0:1.5.0.10-0.1.el4.i386",
"4AS:firefox-0:1.5.0.10-0.1.el4.ia64",
"4AS:firefox-0:1.5.0.10-0.1.el4.ppc",
"4AS:firefox-0:1.5.0.10-0.1.el4.s390",
"4AS:firefox-0:1.5.0.10-0.1.el4.s390x",
"4AS:firefox-0:1.5.0.10-0.1.el4.src",
"4AS:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.i386",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.s390",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.src",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4ES:firefox-0:1.5.0.10-0.1.el4.i386",
"4ES:firefox-0:1.5.0.10-0.1.el4.ia64",
"4ES:firefox-0:1.5.0.10-0.1.el4.ppc",
"4ES:firefox-0:1.5.0.10-0.1.el4.s390",
"4ES:firefox-0:1.5.0.10-0.1.el4.s390x",
"4ES:firefox-0:1.5.0.10-0.1.el4.src",
"4ES:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4WS:firefox-0:1.5.0.10-0.1.el4.i386",
"4WS:firefox-0:1.5.0.10-0.1.el4.ia64",
"4WS:firefox-0:1.5.0.10-0.1.el4.ppc",
"4WS:firefox-0:1.5.0.10-0.1.el4.s390",
"4WS:firefox-0:1.5.0.10-0.1.el4.s390x",
"4WS:firefox-0:1.5.0.10-0.1.el4.src",
"4WS:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2007:0079"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "security flaw"
},
{
"cve": "CVE-2007-0778",
"discovery_date": "2007-02-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1618276"
}
],
"notes": [
{
"category": "description",
"text": "The page cache feature in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 can generate hash collisions that cause page data to be appended to the wrong page cache, which allows remote attackers to obtain sensitive information or enable further attack vectors when the target page is reloaded from the cache.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:firefox-0:1.5.0.10-0.1.el4.i386",
"4AS:firefox-0:1.5.0.10-0.1.el4.ia64",
"4AS:firefox-0:1.5.0.10-0.1.el4.ppc",
"4AS:firefox-0:1.5.0.10-0.1.el4.s390",
"4AS:firefox-0:1.5.0.10-0.1.el4.s390x",
"4AS:firefox-0:1.5.0.10-0.1.el4.src",
"4AS:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.i386",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.s390",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.src",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4ES:firefox-0:1.5.0.10-0.1.el4.i386",
"4ES:firefox-0:1.5.0.10-0.1.el4.ia64",
"4ES:firefox-0:1.5.0.10-0.1.el4.ppc",
"4ES:firefox-0:1.5.0.10-0.1.el4.s390",
"4ES:firefox-0:1.5.0.10-0.1.el4.s390x",
"4ES:firefox-0:1.5.0.10-0.1.el4.src",
"4ES:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4WS:firefox-0:1.5.0.10-0.1.el4.i386",
"4WS:firefox-0:1.5.0.10-0.1.el4.ia64",
"4WS:firefox-0:1.5.0.10-0.1.el4.ppc",
"4WS:firefox-0:1.5.0.10-0.1.el4.s390",
"4WS:firefox-0:1.5.0.10-0.1.el4.s390x",
"4WS:firefox-0:1.5.0.10-0.1.el4.src",
"4WS:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2007-0778"
},
{
"category": "external",
"summary": "RHBZ#1618276",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618276"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2007-0778",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-0778"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2007-0778",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2007-0778"
}
],
"release_date": "2007-02-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.",
"product_ids": [
"4AS:firefox-0:1.5.0.10-0.1.el4.i386",
"4AS:firefox-0:1.5.0.10-0.1.el4.ia64",
"4AS:firefox-0:1.5.0.10-0.1.el4.ppc",
"4AS:firefox-0:1.5.0.10-0.1.el4.s390",
"4AS:firefox-0:1.5.0.10-0.1.el4.s390x",
"4AS:firefox-0:1.5.0.10-0.1.el4.src",
"4AS:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.i386",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.s390",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.src",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4ES:firefox-0:1.5.0.10-0.1.el4.i386",
"4ES:firefox-0:1.5.0.10-0.1.el4.ia64",
"4ES:firefox-0:1.5.0.10-0.1.el4.ppc",
"4ES:firefox-0:1.5.0.10-0.1.el4.s390",
"4ES:firefox-0:1.5.0.10-0.1.el4.s390x",
"4ES:firefox-0:1.5.0.10-0.1.el4.src",
"4ES:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4WS:firefox-0:1.5.0.10-0.1.el4.i386",
"4WS:firefox-0:1.5.0.10-0.1.el4.ia64",
"4WS:firefox-0:1.5.0.10-0.1.el4.ppc",
"4WS:firefox-0:1.5.0.10-0.1.el4.s390",
"4WS:firefox-0:1.5.0.10-0.1.el4.s390x",
"4WS:firefox-0:1.5.0.10-0.1.el4.src",
"4WS:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2007:0079"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "security flaw"
},
{
"cve": "CVE-2007-0779",
"discovery_date": "2007-02-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1618277"
}
],
"notes": [
{
"category": "description",
"text": "GUI overlay vulnerability in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 allows remote attackers to spoof certain user interface elements, such as the host name or security indicators, via the CSS3 hotspot property with a large, transparent, custom cursor.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:firefox-0:1.5.0.10-0.1.el4.i386",
"4AS:firefox-0:1.5.0.10-0.1.el4.ia64",
"4AS:firefox-0:1.5.0.10-0.1.el4.ppc",
"4AS:firefox-0:1.5.0.10-0.1.el4.s390",
"4AS:firefox-0:1.5.0.10-0.1.el4.s390x",
"4AS:firefox-0:1.5.0.10-0.1.el4.src",
"4AS:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.i386",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.s390",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.src",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4ES:firefox-0:1.5.0.10-0.1.el4.i386",
"4ES:firefox-0:1.5.0.10-0.1.el4.ia64",
"4ES:firefox-0:1.5.0.10-0.1.el4.ppc",
"4ES:firefox-0:1.5.0.10-0.1.el4.s390",
"4ES:firefox-0:1.5.0.10-0.1.el4.s390x",
"4ES:firefox-0:1.5.0.10-0.1.el4.src",
"4ES:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4WS:firefox-0:1.5.0.10-0.1.el4.i386",
"4WS:firefox-0:1.5.0.10-0.1.el4.ia64",
"4WS:firefox-0:1.5.0.10-0.1.el4.ppc",
"4WS:firefox-0:1.5.0.10-0.1.el4.s390",
"4WS:firefox-0:1.5.0.10-0.1.el4.s390x",
"4WS:firefox-0:1.5.0.10-0.1.el4.src",
"4WS:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2007-0779"
},
{
"category": "external",
"summary": "RHBZ#1618277",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618277"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2007-0779",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-0779"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2007-0779",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2007-0779"
}
],
"release_date": "2007-02-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.",
"product_ids": [
"4AS:firefox-0:1.5.0.10-0.1.el4.i386",
"4AS:firefox-0:1.5.0.10-0.1.el4.ia64",
"4AS:firefox-0:1.5.0.10-0.1.el4.ppc",
"4AS:firefox-0:1.5.0.10-0.1.el4.s390",
"4AS:firefox-0:1.5.0.10-0.1.el4.s390x",
"4AS:firefox-0:1.5.0.10-0.1.el4.src",
"4AS:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.i386",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.s390",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.src",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4ES:firefox-0:1.5.0.10-0.1.el4.i386",
"4ES:firefox-0:1.5.0.10-0.1.el4.ia64",
"4ES:firefox-0:1.5.0.10-0.1.el4.ppc",
"4ES:firefox-0:1.5.0.10-0.1.el4.s390",
"4ES:firefox-0:1.5.0.10-0.1.el4.s390x",
"4ES:firefox-0:1.5.0.10-0.1.el4.src",
"4ES:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4WS:firefox-0:1.5.0.10-0.1.el4.i386",
"4WS:firefox-0:1.5.0.10-0.1.el4.ia64",
"4WS:firefox-0:1.5.0.10-0.1.el4.ppc",
"4WS:firefox-0:1.5.0.10-0.1.el4.s390",
"4WS:firefox-0:1.5.0.10-0.1.el4.s390x",
"4WS:firefox-0:1.5.0.10-0.1.el4.src",
"4WS:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2007:0079"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "security flaw"
},
{
"cve": "CVE-2007-0780",
"discovery_date": "2007-02-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1618278"
}
],
"notes": [
{
"category": "description",
"text": "browser.js in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 uses the requesting URI to identify child windows, which allows remote attackers to conduct cross-site scripting (XSS) attacks by opening a blocked popup originating from a javascript: URI in combination with multiple frames having the same data: URI.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:firefox-0:1.5.0.10-0.1.el4.i386",
"4AS:firefox-0:1.5.0.10-0.1.el4.ia64",
"4AS:firefox-0:1.5.0.10-0.1.el4.ppc",
"4AS:firefox-0:1.5.0.10-0.1.el4.s390",
"4AS:firefox-0:1.5.0.10-0.1.el4.s390x",
"4AS:firefox-0:1.5.0.10-0.1.el4.src",
"4AS:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.i386",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.s390",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.src",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4ES:firefox-0:1.5.0.10-0.1.el4.i386",
"4ES:firefox-0:1.5.0.10-0.1.el4.ia64",
"4ES:firefox-0:1.5.0.10-0.1.el4.ppc",
"4ES:firefox-0:1.5.0.10-0.1.el4.s390",
"4ES:firefox-0:1.5.0.10-0.1.el4.s390x",
"4ES:firefox-0:1.5.0.10-0.1.el4.src",
"4ES:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4WS:firefox-0:1.5.0.10-0.1.el4.i386",
"4WS:firefox-0:1.5.0.10-0.1.el4.ia64",
"4WS:firefox-0:1.5.0.10-0.1.el4.ppc",
"4WS:firefox-0:1.5.0.10-0.1.el4.s390",
"4WS:firefox-0:1.5.0.10-0.1.el4.s390x",
"4WS:firefox-0:1.5.0.10-0.1.el4.src",
"4WS:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2007-0780"
},
{
"category": "external",
"summary": "RHBZ#1618278",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618278"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2007-0780",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-0780"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2007-0780",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2007-0780"
}
],
"release_date": "2007-02-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.",
"product_ids": [
"4AS:firefox-0:1.5.0.10-0.1.el4.i386",
"4AS:firefox-0:1.5.0.10-0.1.el4.ia64",
"4AS:firefox-0:1.5.0.10-0.1.el4.ppc",
"4AS:firefox-0:1.5.0.10-0.1.el4.s390",
"4AS:firefox-0:1.5.0.10-0.1.el4.s390x",
"4AS:firefox-0:1.5.0.10-0.1.el4.src",
"4AS:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.i386",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.s390",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.src",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4ES:firefox-0:1.5.0.10-0.1.el4.i386",
"4ES:firefox-0:1.5.0.10-0.1.el4.ia64",
"4ES:firefox-0:1.5.0.10-0.1.el4.ppc",
"4ES:firefox-0:1.5.0.10-0.1.el4.s390",
"4ES:firefox-0:1.5.0.10-0.1.el4.s390x",
"4ES:firefox-0:1.5.0.10-0.1.el4.src",
"4ES:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4WS:firefox-0:1.5.0.10-0.1.el4.i386",
"4WS:firefox-0:1.5.0.10-0.1.el4.ia64",
"4WS:firefox-0:1.5.0.10-0.1.el4.ppc",
"4WS:firefox-0:1.5.0.10-0.1.el4.s390",
"4WS:firefox-0:1.5.0.10-0.1.el4.s390x",
"4WS:firefox-0:1.5.0.10-0.1.el4.src",
"4WS:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2007:0079"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "security flaw"
},
{
"cve": "CVE-2007-0800",
"discovery_date": "2007-02-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1618279"
}
],
"notes": [
{
"category": "description",
"text": "Cross-zone vulnerability in Mozilla Firefox 1.5.0.9 considers blocked popups to have an internal zone origin, which allows user-assisted remote attackers to cross zone restrictions and read arbitrary file:// URIs by convincing a user to show a blocked popup.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:firefox-0:1.5.0.10-0.1.el4.i386",
"4AS:firefox-0:1.5.0.10-0.1.el4.ia64",
"4AS:firefox-0:1.5.0.10-0.1.el4.ppc",
"4AS:firefox-0:1.5.0.10-0.1.el4.s390",
"4AS:firefox-0:1.5.0.10-0.1.el4.s390x",
"4AS:firefox-0:1.5.0.10-0.1.el4.src",
"4AS:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.i386",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.s390",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.src",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4ES:firefox-0:1.5.0.10-0.1.el4.i386",
"4ES:firefox-0:1.5.0.10-0.1.el4.ia64",
"4ES:firefox-0:1.5.0.10-0.1.el4.ppc",
"4ES:firefox-0:1.5.0.10-0.1.el4.s390",
"4ES:firefox-0:1.5.0.10-0.1.el4.s390x",
"4ES:firefox-0:1.5.0.10-0.1.el4.src",
"4ES:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4WS:firefox-0:1.5.0.10-0.1.el4.i386",
"4WS:firefox-0:1.5.0.10-0.1.el4.ia64",
"4WS:firefox-0:1.5.0.10-0.1.el4.ppc",
"4WS:firefox-0:1.5.0.10-0.1.el4.s390",
"4WS:firefox-0:1.5.0.10-0.1.el4.s390x",
"4WS:firefox-0:1.5.0.10-0.1.el4.src",
"4WS:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2007-0800"
},
{
"category": "external",
"summary": "RHBZ#1618279",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618279"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2007-0800",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-0800"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2007-0800",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2007-0800"
}
],
"release_date": "2007-02-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.",
"product_ids": [
"4AS:firefox-0:1.5.0.10-0.1.el4.i386",
"4AS:firefox-0:1.5.0.10-0.1.el4.ia64",
"4AS:firefox-0:1.5.0.10-0.1.el4.ppc",
"4AS:firefox-0:1.5.0.10-0.1.el4.s390",
"4AS:firefox-0:1.5.0.10-0.1.el4.s390x",
"4AS:firefox-0:1.5.0.10-0.1.el4.src",
"4AS:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.i386",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.s390",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.src",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4ES:firefox-0:1.5.0.10-0.1.el4.i386",
"4ES:firefox-0:1.5.0.10-0.1.el4.ia64",
"4ES:firefox-0:1.5.0.10-0.1.el4.ppc",
"4ES:firefox-0:1.5.0.10-0.1.el4.s390",
"4ES:firefox-0:1.5.0.10-0.1.el4.s390x",
"4ES:firefox-0:1.5.0.10-0.1.el4.src",
"4ES:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4WS:firefox-0:1.5.0.10-0.1.el4.i386",
"4WS:firefox-0:1.5.0.10-0.1.el4.ia64",
"4WS:firefox-0:1.5.0.10-0.1.el4.ppc",
"4WS:firefox-0:1.5.0.10-0.1.el4.s390",
"4WS:firefox-0:1.5.0.10-0.1.el4.s390x",
"4WS:firefox-0:1.5.0.10-0.1.el4.src",
"4WS:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2007:0079"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "security flaw"
},
{
"cve": "CVE-2007-0981",
"discovery_date": "2007-02-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "229253"
}
],
"notes": [
{
"category": "description",
"text": "Mozilla based browsers, including Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8, allow remote attackers to bypass the same origin policy, steal cookies, and conduct other attacks by writing a URI with a null byte to the hostname (location.hostname) DOM property, due to interactions with DNS resolver code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": ": seamonkey cookie setting / same-domain bypass vulnerability",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:firefox-0:1.5.0.10-0.1.el4.i386",
"4AS:firefox-0:1.5.0.10-0.1.el4.ia64",
"4AS:firefox-0:1.5.0.10-0.1.el4.ppc",
"4AS:firefox-0:1.5.0.10-0.1.el4.s390",
"4AS:firefox-0:1.5.0.10-0.1.el4.s390x",
"4AS:firefox-0:1.5.0.10-0.1.el4.src",
"4AS:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.i386",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.s390",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.src",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4ES:firefox-0:1.5.0.10-0.1.el4.i386",
"4ES:firefox-0:1.5.0.10-0.1.el4.ia64",
"4ES:firefox-0:1.5.0.10-0.1.el4.ppc",
"4ES:firefox-0:1.5.0.10-0.1.el4.s390",
"4ES:firefox-0:1.5.0.10-0.1.el4.s390x",
"4ES:firefox-0:1.5.0.10-0.1.el4.src",
"4ES:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4WS:firefox-0:1.5.0.10-0.1.el4.i386",
"4WS:firefox-0:1.5.0.10-0.1.el4.ia64",
"4WS:firefox-0:1.5.0.10-0.1.el4.ppc",
"4WS:firefox-0:1.5.0.10-0.1.el4.s390",
"4WS:firefox-0:1.5.0.10-0.1.el4.s390x",
"4WS:firefox-0:1.5.0.10-0.1.el4.src",
"4WS:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2007-0981"
},
{
"category": "external",
"summary": "RHBZ#229253",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=229253"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2007-0981",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-0981"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2007-0981",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2007-0981"
}
],
"release_date": "2007-02-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.",
"product_ids": [
"4AS:firefox-0:1.5.0.10-0.1.el4.i386",
"4AS:firefox-0:1.5.0.10-0.1.el4.ia64",
"4AS:firefox-0:1.5.0.10-0.1.el4.ppc",
"4AS:firefox-0:1.5.0.10-0.1.el4.s390",
"4AS:firefox-0:1.5.0.10-0.1.el4.s390x",
"4AS:firefox-0:1.5.0.10-0.1.el4.src",
"4AS:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.i386",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.s390",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.src",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4ES:firefox-0:1.5.0.10-0.1.el4.i386",
"4ES:firefox-0:1.5.0.10-0.1.el4.ia64",
"4ES:firefox-0:1.5.0.10-0.1.el4.ppc",
"4ES:firefox-0:1.5.0.10-0.1.el4.s390",
"4ES:firefox-0:1.5.0.10-0.1.el4.s390x",
"4ES:firefox-0:1.5.0.10-0.1.el4.src",
"4ES:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4WS:firefox-0:1.5.0.10-0.1.el4.i386",
"4WS:firefox-0:1.5.0.10-0.1.el4.ia64",
"4WS:firefox-0:1.5.0.10-0.1.el4.ppc",
"4WS:firefox-0:1.5.0.10-0.1.el4.s390",
"4WS:firefox-0:1.5.0.10-0.1.el4.s390x",
"4WS:firefox-0:1.5.0.10-0.1.el4.src",
"4WS:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2007:0079"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": ": seamonkey cookie setting / same-domain bypass vulnerability"
},
{
"cve": "CVE-2007-0994",
"discovery_date": "2007-02-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1618286"
}
],
"notes": [
{
"category": "description",
"text": "A regression error in Mozilla Firefox 2.x before 2.0.0.2 and 1.x before 1.5.0.10, and SeaMonkey 1.1 before 1.1.1 and 1.0 before 1.0.8, allows remote attackers to execute arbitrary JavaScript as the user via an HTML mail message with a javascript: URI in an (1) img, (2) link, or (3) style tag, which bypasses the access checks and executes code with chrome privileges.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:firefox-0:1.5.0.10-0.1.el4.i386",
"4AS:firefox-0:1.5.0.10-0.1.el4.ia64",
"4AS:firefox-0:1.5.0.10-0.1.el4.ppc",
"4AS:firefox-0:1.5.0.10-0.1.el4.s390",
"4AS:firefox-0:1.5.0.10-0.1.el4.s390x",
"4AS:firefox-0:1.5.0.10-0.1.el4.src",
"4AS:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.i386",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.s390",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.src",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4ES:firefox-0:1.5.0.10-0.1.el4.i386",
"4ES:firefox-0:1.5.0.10-0.1.el4.ia64",
"4ES:firefox-0:1.5.0.10-0.1.el4.ppc",
"4ES:firefox-0:1.5.0.10-0.1.el4.s390",
"4ES:firefox-0:1.5.0.10-0.1.el4.s390x",
"4ES:firefox-0:1.5.0.10-0.1.el4.src",
"4ES:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4WS:firefox-0:1.5.0.10-0.1.el4.i386",
"4WS:firefox-0:1.5.0.10-0.1.el4.ia64",
"4WS:firefox-0:1.5.0.10-0.1.el4.ppc",
"4WS:firefox-0:1.5.0.10-0.1.el4.s390",
"4WS:firefox-0:1.5.0.10-0.1.el4.s390x",
"4WS:firefox-0:1.5.0.10-0.1.el4.src",
"4WS:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2007-0994"
},
{
"category": "external",
"summary": "RHBZ#1618286",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618286"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2007-0994",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-0994"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2007-0994",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2007-0994"
}
],
"release_date": "2007-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.",
"product_ids": [
"4AS:firefox-0:1.5.0.10-0.1.el4.i386",
"4AS:firefox-0:1.5.0.10-0.1.el4.ia64",
"4AS:firefox-0:1.5.0.10-0.1.el4.ppc",
"4AS:firefox-0:1.5.0.10-0.1.el4.s390",
"4AS:firefox-0:1.5.0.10-0.1.el4.s390x",
"4AS:firefox-0:1.5.0.10-0.1.el4.src",
"4AS:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.i386",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.s390",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.src",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4ES:firefox-0:1.5.0.10-0.1.el4.i386",
"4ES:firefox-0:1.5.0.10-0.1.el4.ia64",
"4ES:firefox-0:1.5.0.10-0.1.el4.ppc",
"4ES:firefox-0:1.5.0.10-0.1.el4.s390",
"4ES:firefox-0:1.5.0.10-0.1.el4.s390x",
"4ES:firefox-0:1.5.0.10-0.1.el4.src",
"4ES:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4WS:firefox-0:1.5.0.10-0.1.el4.i386",
"4WS:firefox-0:1.5.0.10-0.1.el4.ia64",
"4WS:firefox-0:1.5.0.10-0.1.el4.ppc",
"4WS:firefox-0:1.5.0.10-0.1.el4.s390",
"4WS:firefox-0:1.5.0.10-0.1.el4.s390x",
"4WS:firefox-0:1.5.0.10-0.1.el4.src",
"4WS:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2007:0079"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "security flaw"
},
{
"cve": "CVE-2007-0995",
"discovery_date": "2007-02-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1618287"
}
],
"notes": [
{
"category": "description",
"text": "Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 ignores trailing invalid HTML characters in attribute names, which allows remote attackers to bypass content filters that use regular expressions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:firefox-0:1.5.0.10-0.1.el4.i386",
"4AS:firefox-0:1.5.0.10-0.1.el4.ia64",
"4AS:firefox-0:1.5.0.10-0.1.el4.ppc",
"4AS:firefox-0:1.5.0.10-0.1.el4.s390",
"4AS:firefox-0:1.5.0.10-0.1.el4.s390x",
"4AS:firefox-0:1.5.0.10-0.1.el4.src",
"4AS:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.i386",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.s390",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.src",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4ES:firefox-0:1.5.0.10-0.1.el4.i386",
"4ES:firefox-0:1.5.0.10-0.1.el4.ia64",
"4ES:firefox-0:1.5.0.10-0.1.el4.ppc",
"4ES:firefox-0:1.5.0.10-0.1.el4.s390",
"4ES:firefox-0:1.5.0.10-0.1.el4.s390x",
"4ES:firefox-0:1.5.0.10-0.1.el4.src",
"4ES:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4WS:firefox-0:1.5.0.10-0.1.el4.i386",
"4WS:firefox-0:1.5.0.10-0.1.el4.ia64",
"4WS:firefox-0:1.5.0.10-0.1.el4.ppc",
"4WS:firefox-0:1.5.0.10-0.1.el4.s390",
"4WS:firefox-0:1.5.0.10-0.1.el4.s390x",
"4WS:firefox-0:1.5.0.10-0.1.el4.src",
"4WS:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2007-0995"
},
{
"category": "external",
"summary": "RHBZ#1618287",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618287"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2007-0995",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-0995"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2007-0995",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2007-0995"
}
],
"release_date": "2007-02-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.",
"product_ids": [
"4AS:firefox-0:1.5.0.10-0.1.el4.i386",
"4AS:firefox-0:1.5.0.10-0.1.el4.ia64",
"4AS:firefox-0:1.5.0.10-0.1.el4.ppc",
"4AS:firefox-0:1.5.0.10-0.1.el4.s390",
"4AS:firefox-0:1.5.0.10-0.1.el4.s390x",
"4AS:firefox-0:1.5.0.10-0.1.el4.src",
"4AS:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.i386",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.s390",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.src",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4ES:firefox-0:1.5.0.10-0.1.el4.i386",
"4ES:firefox-0:1.5.0.10-0.1.el4.ia64",
"4ES:firefox-0:1.5.0.10-0.1.el4.ppc",
"4ES:firefox-0:1.5.0.10-0.1.el4.s390",
"4ES:firefox-0:1.5.0.10-0.1.el4.s390x",
"4ES:firefox-0:1.5.0.10-0.1.el4.src",
"4ES:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4WS:firefox-0:1.5.0.10-0.1.el4.i386",
"4WS:firefox-0:1.5.0.10-0.1.el4.ia64",
"4WS:firefox-0:1.5.0.10-0.1.el4.ppc",
"4WS:firefox-0:1.5.0.10-0.1.el4.s390",
"4WS:firefox-0:1.5.0.10-0.1.el4.s390x",
"4WS:firefox-0:1.5.0.10-0.1.el4.src",
"4WS:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2007:0079"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "security flaw"
},
{
"cve": "CVE-2007-0996",
"discovery_date": "2007-02-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1618288"
}
],
"notes": [
{
"category": "description",
"text": "The child frames in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 inherit the default charset from the parent window, which allows remote attackers to conduct cross-site scripting (XSS) attacks, as demonstrated using the UTF-7 character set.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:firefox-0:1.5.0.10-0.1.el4.i386",
"4AS:firefox-0:1.5.0.10-0.1.el4.ia64",
"4AS:firefox-0:1.5.0.10-0.1.el4.ppc",
"4AS:firefox-0:1.5.0.10-0.1.el4.s390",
"4AS:firefox-0:1.5.0.10-0.1.el4.s390x",
"4AS:firefox-0:1.5.0.10-0.1.el4.src",
"4AS:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.i386",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.s390",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.src",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4ES:firefox-0:1.5.0.10-0.1.el4.i386",
"4ES:firefox-0:1.5.0.10-0.1.el4.ia64",
"4ES:firefox-0:1.5.0.10-0.1.el4.ppc",
"4ES:firefox-0:1.5.0.10-0.1.el4.s390",
"4ES:firefox-0:1.5.0.10-0.1.el4.s390x",
"4ES:firefox-0:1.5.0.10-0.1.el4.src",
"4ES:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4WS:firefox-0:1.5.0.10-0.1.el4.i386",
"4WS:firefox-0:1.5.0.10-0.1.el4.ia64",
"4WS:firefox-0:1.5.0.10-0.1.el4.ppc",
"4WS:firefox-0:1.5.0.10-0.1.el4.s390",
"4WS:firefox-0:1.5.0.10-0.1.el4.s390x",
"4WS:firefox-0:1.5.0.10-0.1.el4.src",
"4WS:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2007-0996"
},
{
"category": "external",
"summary": "RHBZ#1618288",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618288"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2007-0996",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-0996"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2007-0996",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2007-0996"
}
],
"release_date": "2007-02-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.",
"product_ids": [
"4AS:firefox-0:1.5.0.10-0.1.el4.i386",
"4AS:firefox-0:1.5.0.10-0.1.el4.ia64",
"4AS:firefox-0:1.5.0.10-0.1.el4.ppc",
"4AS:firefox-0:1.5.0.10-0.1.el4.s390",
"4AS:firefox-0:1.5.0.10-0.1.el4.s390x",
"4AS:firefox-0:1.5.0.10-0.1.el4.src",
"4AS:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.i386",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.s390",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.src",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4ES:firefox-0:1.5.0.10-0.1.el4.i386",
"4ES:firefox-0:1.5.0.10-0.1.el4.ia64",
"4ES:firefox-0:1.5.0.10-0.1.el4.ppc",
"4ES:firefox-0:1.5.0.10-0.1.el4.s390",
"4ES:firefox-0:1.5.0.10-0.1.el4.s390x",
"4ES:firefox-0:1.5.0.10-0.1.el4.src",
"4ES:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4WS:firefox-0:1.5.0.10-0.1.el4.i386",
"4WS:firefox-0:1.5.0.10-0.1.el4.ia64",
"4WS:firefox-0:1.5.0.10-0.1.el4.ppc",
"4WS:firefox-0:1.5.0.10-0.1.el4.s390",
"4WS:firefox-0:1.5.0.10-0.1.el4.s390x",
"4WS:firefox-0:1.5.0.10-0.1.el4.src",
"4WS:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2007:0079"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "security flaw"
},
{
"cve": "CVE-2007-1092",
"discovery_date": "2007-02-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1618293"
}
],
"notes": [
{
"category": "description",
"text": "Mozilla Firefox 1.5.0.9 and 2.0.0.1, and SeaMonkey before 1.0.8 allow remote attackers to execute arbitrary code via JavaScript onUnload handlers that modify the structure of a document, wich triggers memory corruption due to the lack of a finalize hook on DOM window objects.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:firefox-0:1.5.0.10-0.1.el4.i386",
"4AS:firefox-0:1.5.0.10-0.1.el4.ia64",
"4AS:firefox-0:1.5.0.10-0.1.el4.ppc",
"4AS:firefox-0:1.5.0.10-0.1.el4.s390",
"4AS:firefox-0:1.5.0.10-0.1.el4.s390x",
"4AS:firefox-0:1.5.0.10-0.1.el4.src",
"4AS:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.i386",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.s390",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.src",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4ES:firefox-0:1.5.0.10-0.1.el4.i386",
"4ES:firefox-0:1.5.0.10-0.1.el4.ia64",
"4ES:firefox-0:1.5.0.10-0.1.el4.ppc",
"4ES:firefox-0:1.5.0.10-0.1.el4.s390",
"4ES:firefox-0:1.5.0.10-0.1.el4.s390x",
"4ES:firefox-0:1.5.0.10-0.1.el4.src",
"4ES:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4WS:firefox-0:1.5.0.10-0.1.el4.i386",
"4WS:firefox-0:1.5.0.10-0.1.el4.ia64",
"4WS:firefox-0:1.5.0.10-0.1.el4.ppc",
"4WS:firefox-0:1.5.0.10-0.1.el4.s390",
"4WS:firefox-0:1.5.0.10-0.1.el4.s390x",
"4WS:firefox-0:1.5.0.10-0.1.el4.src",
"4WS:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2007-1092"
},
{
"category": "external",
"summary": "RHBZ#1618293",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618293"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2007-1092",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-1092"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2007-1092",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2007-1092"
}
],
"release_date": "2007-02-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.",
"product_ids": [
"4AS:firefox-0:1.5.0.10-0.1.el4.i386",
"4AS:firefox-0:1.5.0.10-0.1.el4.ia64",
"4AS:firefox-0:1.5.0.10-0.1.el4.ppc",
"4AS:firefox-0:1.5.0.10-0.1.el4.s390",
"4AS:firefox-0:1.5.0.10-0.1.el4.s390x",
"4AS:firefox-0:1.5.0.10-0.1.el4.src",
"4AS:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4AS:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.i386",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.s390",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.src",
"4Desktop:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4ES:firefox-0:1.5.0.10-0.1.el4.i386",
"4ES:firefox-0:1.5.0.10-0.1.el4.ia64",
"4ES:firefox-0:1.5.0.10-0.1.el4.ppc",
"4ES:firefox-0:1.5.0.10-0.1.el4.s390",
"4ES:firefox-0:1.5.0.10-0.1.el4.s390x",
"4ES:firefox-0:1.5.0.10-0.1.el4.src",
"4ES:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4ES:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4WS:firefox-0:1.5.0.10-0.1.el4.i386",
"4WS:firefox-0:1.5.0.10-0.1.el4.ia64",
"4WS:firefox-0:1.5.0.10-0.1.el4.ppc",
"4WS:firefox-0:1.5.0.10-0.1.el4.s390",
"4WS:firefox-0:1.5.0.10-0.1.el4.s390x",
"4WS:firefox-0:1.5.0.10-0.1.el4.src",
"4WS:firefox-0:1.5.0.10-0.1.el4.x86_64",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4WS:firefox-debuginfo-0:1.5.0.10-0.1.el4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2007:0079"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "security flaw"
}
]
}
Loading...