RHSA-2008_0103
Vulnerability from csaf_redhat - Published: 2008-02-08 02:24 - Updated: 2024-11-22 01:47Summary
Red Hat Security Advisory: firefox security update
Severity
Critical
Notes
Topic: Updated firefox packages that fix several security issues are now available
for Red Hat Enterprise Linux 4 and 5.
This update has been rated as having critical security impact by the Red
Hat Security Response Team.
Details: Mozilla Firefox is an open source Web browser.
Several flaws were found in the way Firefox processed certain malformed web
content. A webpage containing malicious content could cause Firefox to
crash, or potentially execute arbitrary code as the user running Firefox.
(CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419)
Several flaws were found in the way Firefox displayed malformed web
content. A webpage containing specially-crafted content could trick a user
into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593)
A flaw was found in the way Firefox stored password data. If a user saves
login information for a malicious website, it could be possible to corrupt
the password database, preventing the user from properly accessing saved
password data. (CVE-2008-0417)
A flaw was found in the way Firefox handles certain chrome URLs. If a user
has certain extensions installed, it could allow a malicious website to
steal sensitive session data. Note: this flaw does not affect a default
installation of Firefox. (CVE-2008-0418)
A flaw was found in the way Firefox saves certain text files. If a
website offers a file of type "plain/text", rather than "text/plain",
Firefox will not show future "text/plain" content to the user in the
browser, forcing them to save those files locally to view the content.
(CVE-2008-0592)
Users of firefox are advised to upgrade to these updated packages, which
contain backported patches to resolve these issues.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
The browser engine in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to cause a denial of service (crash) and possibly trigger memory corruption via vectors related to the (1) nsTableFrame::GetFrameAtOrBefore, (2) nsAccessibilityService::GetAccessible, (3) nsBindingManager::GetNestedInsertionPoint, (4) nsXBLPrototypeBinding::AttributeChanged, (5) nsColumnSetFrame::GetContentInsertionFrame, and (6) nsLineLayout::TrimTrailingWhiteSpaceIn methods, and other vectors.
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:0103
The JavaScript engine in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to cause a denial of service (crash) and possibly trigger memory corruption via (1) a large switch statement, (2) certain uses of watch and eval, (3) certain uses of the mousedown event listener, and other vectors.
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:0103
Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to execute script outside of the sandbox and conduct cross-site scripting (XSS) attacks via multiple vectors including the XMLDocument.load function, aka "JavaScript privilege escalation bugs."
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:0103
Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allow remote attackers to inject arbitrary web script or HTML via certain character encodings, including (1) a backspace character that is treated as whitespace, (2) 0x80 with Shift_JIS encoding, and (3) "zero-length non-ASCII sequences" in certain Asian character sets.
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:0103
CRLF injection vulnerability in Mozilla Firefox before 2.0.0.12 allows remote user-assisted web sites to corrupt the user's password store via newlines that are not properly handled when the user saves a password.
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:0103
Directory traversal vulnerability in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8, when using "flat" addons, allows remote attackers to read arbitrary Javascript, image, and stylesheet files via the chrome: URI scheme, as demonstrated by stealing session information from sessionstore.js.
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:0103
Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8 allows remote attackers to steal navigation history and cause a denial of service (crash) via images in a page that uses designMode frames, which triggers memory corruption related to resize handles.
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:0103
modules/libpr0n/decoders/bmp/nsBMPDecoder.cpp in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 does not properly perform certain calculations related to the mColors table, which allows remote attackers to read portions of memory uninitialized via a crafted 8-bit bitmap (BMP) file that triggers an out-of-bounds read within the heap, as demonstrated using a CANVAS element; or cause a denial of service (application crash) via a crafted 8-bit bitmap file that triggers an out-of-bounds read. NOTE: the initial public reports stated that this affected Firefox in Ubuntu 6.06 through 7.10.
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:0103
Mozilla Firefox before 2.0.0.12 and Thunderbird before 2.0.0.12 does not properly manage a delay timer used in confirmation dialogs, which might allow remote attackers to trick users into confirming an unsafe action, such as remote file execution, by using a timer to change the window focus, aka the "dialog refocus bug" or "ffclick2".
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:0103
Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8 allows user-assisted remote attackers to cause a denial of service via a plain .txt file with a "Content-Disposition: attachment" and an invalid "Content-Type: plain/text," which prevents Firefox from rendering future plain text files within the browser.
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:0103
Gecko-based browsers, including Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8, modify the .href property of stylesheet DOM nodes to the final URI of a 302 redirect, which might allow remote attackers to bypass the Same Origin Policy and read sensitive information from the original URL, such as with Single-Signon systems.
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:0103
References
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated firefox packages that fix several security issues are now available\nfor Red Hat Enterprise Linux 4 and 5.\n\nThis update has been rated as having critical security impact by the Red\nHat Security Response Team.",
"title": "Topic"
},
{
"category": "general",
"text": "Mozilla Firefox is an open source Web browser.\n\nSeveral flaws were found in the way Firefox processed certain malformed web\ncontent. A webpage containing malicious content could cause Firefox to\ncrash, or potentially execute arbitrary code as the user running Firefox.\n(CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419)\n\nSeveral flaws were found in the way Firefox displayed malformed web\ncontent. A webpage containing specially-crafted content could trick a user\ninto surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593)\n\nA flaw was found in the way Firefox stored password data. If a user saves\nlogin information for a malicious website, it could be possible to corrupt\nthe password database, preventing the user from properly accessing saved\npassword data. (CVE-2008-0417)\n\nA flaw was found in the way Firefox handles certain chrome URLs. If a user\nhas certain extensions installed, it could allow a malicious website to\nsteal sensitive session data. Note: this flaw does not affect a default\ninstallation of Firefox. (CVE-2008-0418)\n\nA flaw was found in the way Firefox saves certain text files. If a\nwebsite offers a file of type \"plain/text\", rather than \"text/plain\",\nFirefox will not show future \"text/plain\" content to the user in the\nbrowser, forcing them to save those files locally to view the content.\n(CVE-2008-0592) \n\nUsers of firefox are advised to upgrade to these updated packages, which\ncontain backported patches to resolve these issues.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2008:0103",
"url": "https://access.redhat.com/errata/RHSA-2008:0103"
},
{
"category": "external",
"summary": "http://www.redhat.com/security/updates/classification/#critical",
"url": "http://www.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "431732",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=431732"
},
{
"category": "external",
"summary": "431733",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=431733"
},
{
"category": "external",
"summary": "431739",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=431739"
},
{
"category": "external",
"summary": "431742",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=431742"
},
{
"category": "external",
"summary": "431748",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=431748"
},
{
"category": "external",
"summary": "431749",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=431749"
},
{
"category": "external",
"summary": "431751",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=431751"
},
{
"category": "external",
"summary": "431752",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=431752"
},
{
"category": "external",
"summary": "431756",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=431756"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2008/rhsa-2008_0103.json"
}
],
"title": "Red Hat Security Advisory: firefox security update",
"tracking": {
"current_release_date": "2024-11-22T01:47:45+00:00",
"generator": {
"date": "2024-11-22T01:47:45+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2008:0103",
"initial_release_date": "2008-02-08T02:24:00+00:00",
"revision_history": [
{
"date": "2008-02-08T02:24:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2008-02-07T21:38:27+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T01:47:45+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS version 4",
"product": {
"name": "Red Hat Enterprise Linux AS version 4",
"product_id": "4AS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::as"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop version 4",
"product": {
"name": "Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::desktop"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES version 4",
"product": {
"name": "Red Hat Enterprise Linux ES version 4",
"product_id": "4ES",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::es"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux WS version 4",
"product": {
"name": "Red Hat Enterprise Linux WS version 4",
"product_id": "4WS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::ws"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product": {
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product": {
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:1.5.0.12-0.10.el4.ia64",
"product": {
"name": "firefox-0:1.5.0.12-0.10.el4.ia64",
"product_id": "firefox-0:1.5.0.12-0.10.el4.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@1.5.0.12-0.10.el4?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"product": {
"name": "firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"product_id": "firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@1.5.0.12-0.10.el4?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "firefox-0:1.5.0.12-9.el5.ia64",
"product": {
"name": "firefox-0:1.5.0.12-9.el5.ia64",
"product_id": "firefox-0:1.5.0.12-9.el5.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@1.5.0.12-9.el5?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:1.5.0.12-9.el5.ia64",
"product": {
"name": "firefox-debuginfo-0:1.5.0.12-9.el5.ia64",
"product_id": "firefox-debuginfo-0:1.5.0.12-9.el5.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@1.5.0.12-9.el5?arch=ia64"
}
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:1.5.0.12-0.10.el4.src",
"product": {
"name": "firefox-0:1.5.0.12-0.10.el4.src",
"product_id": "firefox-0:1.5.0.12-0.10.el4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@1.5.0.12-0.10.el4?arch=src"
}
}
},
{
"category": "product_version",
"name": "firefox-0:1.5.0.12-9.el5.src",
"product": {
"name": "firefox-0:1.5.0.12-9.el5.src",
"product_id": "firefox-0:1.5.0.12-9.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@1.5.0.12-9.el5?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:1.5.0.12-0.10.el4.x86_64",
"product": {
"name": "firefox-0:1.5.0.12-0.10.el4.x86_64",
"product_id": "firefox-0:1.5.0.12-0.10.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@1.5.0.12-0.10.el4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"product": {
"name": "firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"product_id": "firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@1.5.0.12-0.10.el4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "firefox-0:1.5.0.12-9.el5.x86_64",
"product": {
"name": "firefox-0:1.5.0.12-9.el5.x86_64",
"product_id": "firefox-0:1.5.0.12-9.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@1.5.0.12-9.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:1.5.0.12-9.el5.x86_64",
"product": {
"name": "firefox-debuginfo-0:1.5.0.12-9.el5.x86_64",
"product_id": "firefox-debuginfo-0:1.5.0.12-9.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@1.5.0.12-9.el5?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:1.5.0.12-0.10.el4.i386",
"product": {
"name": "firefox-0:1.5.0.12-0.10.el4.i386",
"product_id": "firefox-0:1.5.0.12-0.10.el4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@1.5.0.12-0.10.el4?arch=i386"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"product": {
"name": "firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"product_id": "firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@1.5.0.12-0.10.el4?arch=i386"
}
}
},
{
"category": "product_version",
"name": "firefox-0:1.5.0.12-9.el5.i386",
"product": {
"name": "firefox-0:1.5.0.12-9.el5.i386",
"product_id": "firefox-0:1.5.0.12-9.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@1.5.0.12-9.el5?arch=i386"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:1.5.0.12-9.el5.i386",
"product": {
"name": "firefox-debuginfo-0:1.5.0.12-9.el5.i386",
"product_id": "firefox-debuginfo-0:1.5.0.12-9.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@1.5.0.12-9.el5?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:1.5.0.12-0.10.el4.ppc",
"product": {
"name": "firefox-0:1.5.0.12-0.10.el4.ppc",
"product_id": "firefox-0:1.5.0.12-0.10.el4.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@1.5.0.12-0.10.el4?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"product": {
"name": "firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"product_id": "firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@1.5.0.12-0.10.el4?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "firefox-0:1.5.0.12-9.el5.ppc",
"product": {
"name": "firefox-0:1.5.0.12-9.el5.ppc",
"product_id": "firefox-0:1.5.0.12-9.el5.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@1.5.0.12-9.el5?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:1.5.0.12-9.el5.ppc",
"product": {
"name": "firefox-debuginfo-0:1.5.0.12-9.el5.ppc",
"product_id": "firefox-debuginfo-0:1.5.0.12-9.el5.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@1.5.0.12-9.el5?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:1.5.0.12-0.10.el4.s390x",
"product": {
"name": "firefox-0:1.5.0.12-0.10.el4.s390x",
"product_id": "firefox-0:1.5.0.12-0.10.el4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@1.5.0.12-0.10.el4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"product": {
"name": "firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"product_id": "firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@1.5.0.12-0.10.el4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "firefox-0:1.5.0.12-9.el5.s390x",
"product": {
"name": "firefox-0:1.5.0.12-9.el5.s390x",
"product_id": "firefox-0:1.5.0.12-9.el5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@1.5.0.12-9.el5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:1.5.0.12-9.el5.s390x",
"product": {
"name": "firefox-debuginfo-0:1.5.0.12-9.el5.s390x",
"product_id": "firefox-debuginfo-0:1.5.0.12-9.el5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@1.5.0.12-9.el5?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:1.5.0.12-0.10.el4.s390",
"product": {
"name": "firefox-0:1.5.0.12-0.10.el4.s390",
"product_id": "firefox-0:1.5.0.12-0.10.el4.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@1.5.0.12-0.10.el4?arch=s390"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"product": {
"name": "firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"product_id": "firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@1.5.0.12-0.10.el4?arch=s390"
}
}
},
{
"category": "product_version",
"name": "firefox-0:1.5.0.12-9.el5.s390",
"product": {
"name": "firefox-0:1.5.0.12-9.el5.s390",
"product_id": "firefox-0:1.5.0.12-9.el5.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@1.5.0.12-9.el5?arch=s390"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:1.5.0.12-9.el5.s390",
"product": {
"name": "firefox-debuginfo-0:1.5.0.12-9.el5.s390",
"product_id": "firefox-debuginfo-0:1.5.0.12-9.el5.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@1.5.0.12-9.el5?arch=s390"
}
}
}
],
"category": "architecture",
"name": "s390"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.12-0.10.el4.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:firefox-0:1.5.0.12-0.10.el4.i386"
},
"product_reference": "firefox-0:1.5.0.12-0.10.el4.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.12-0.10.el4.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:firefox-0:1.5.0.12-0.10.el4.ia64"
},
"product_reference": "firefox-0:1.5.0.12-0.10.el4.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.12-0.10.el4.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:firefox-0:1.5.0.12-0.10.el4.ppc"
},
"product_reference": "firefox-0:1.5.0.12-0.10.el4.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.12-0.10.el4.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:firefox-0:1.5.0.12-0.10.el4.s390"
},
"product_reference": "firefox-0:1.5.0.12-0.10.el4.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.12-0.10.el4.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:firefox-0:1.5.0.12-0.10.el4.s390x"
},
"product_reference": "firefox-0:1.5.0.12-0.10.el4.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.12-0.10.el4.src as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:firefox-0:1.5.0.12-0.10.el4.src"
},
"product_reference": "firefox-0:1.5.0.12-0.10.el4.src",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.12-0.10.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:firefox-0:1.5.0.12-0.10.el4.x86_64"
},
"product_reference": "firefox-0:1.5.0.12-0.10.el4.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.5.0.12-0.10.el4.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386"
},
"product_reference": "firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64"
},
"product_reference": "firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc"
},
"product_reference": "firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.5.0.12-0.10.el4.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390"
},
"product_reference": "firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x"
},
"product_reference": "firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64"
},
"product_reference": "firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.12-0.10.el4.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:firefox-0:1.5.0.12-0.10.el4.i386"
},
"product_reference": "firefox-0:1.5.0.12-0.10.el4.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.12-0.10.el4.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:firefox-0:1.5.0.12-0.10.el4.ia64"
},
"product_reference": "firefox-0:1.5.0.12-0.10.el4.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.12-0.10.el4.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:firefox-0:1.5.0.12-0.10.el4.ppc"
},
"product_reference": "firefox-0:1.5.0.12-0.10.el4.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.12-0.10.el4.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:firefox-0:1.5.0.12-0.10.el4.s390"
},
"product_reference": "firefox-0:1.5.0.12-0.10.el4.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.12-0.10.el4.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:firefox-0:1.5.0.12-0.10.el4.s390x"
},
"product_reference": "firefox-0:1.5.0.12-0.10.el4.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.12-0.10.el4.src as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:firefox-0:1.5.0.12-0.10.el4.src"
},
"product_reference": "firefox-0:1.5.0.12-0.10.el4.src",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.12-0.10.el4.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:firefox-0:1.5.0.12-0.10.el4.x86_64"
},
"product_reference": "firefox-0:1.5.0.12-0.10.el4.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.5.0.12-0.10.el4.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386"
},
"product_reference": "firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64"
},
"product_reference": "firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc"
},
"product_reference": "firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.5.0.12-0.10.el4.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390"
},
"product_reference": "firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x"
},
"product_reference": "firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64"
},
"product_reference": "firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.12-0.10.el4.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:firefox-0:1.5.0.12-0.10.el4.i386"
},
"product_reference": "firefox-0:1.5.0.12-0.10.el4.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.12-0.10.el4.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:firefox-0:1.5.0.12-0.10.el4.ia64"
},
"product_reference": "firefox-0:1.5.0.12-0.10.el4.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.12-0.10.el4.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:firefox-0:1.5.0.12-0.10.el4.ppc"
},
"product_reference": "firefox-0:1.5.0.12-0.10.el4.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.12-0.10.el4.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:firefox-0:1.5.0.12-0.10.el4.s390"
},
"product_reference": "firefox-0:1.5.0.12-0.10.el4.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.12-0.10.el4.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:firefox-0:1.5.0.12-0.10.el4.s390x"
},
"product_reference": "firefox-0:1.5.0.12-0.10.el4.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.12-0.10.el4.src as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:firefox-0:1.5.0.12-0.10.el4.src"
},
"product_reference": "firefox-0:1.5.0.12-0.10.el4.src",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.12-0.10.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:firefox-0:1.5.0.12-0.10.el4.x86_64"
},
"product_reference": "firefox-0:1.5.0.12-0.10.el4.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.5.0.12-0.10.el4.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386"
},
"product_reference": "firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64"
},
"product_reference": "firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc"
},
"product_reference": "firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.5.0.12-0.10.el4.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390"
},
"product_reference": "firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x"
},
"product_reference": "firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64"
},
"product_reference": "firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.12-0.10.el4.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:firefox-0:1.5.0.12-0.10.el4.i386"
},
"product_reference": "firefox-0:1.5.0.12-0.10.el4.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.12-0.10.el4.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:firefox-0:1.5.0.12-0.10.el4.ia64"
},
"product_reference": "firefox-0:1.5.0.12-0.10.el4.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.12-0.10.el4.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:firefox-0:1.5.0.12-0.10.el4.ppc"
},
"product_reference": "firefox-0:1.5.0.12-0.10.el4.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.12-0.10.el4.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:firefox-0:1.5.0.12-0.10.el4.s390"
},
"product_reference": "firefox-0:1.5.0.12-0.10.el4.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.12-0.10.el4.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:firefox-0:1.5.0.12-0.10.el4.s390x"
},
"product_reference": "firefox-0:1.5.0.12-0.10.el4.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.12-0.10.el4.src as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:firefox-0:1.5.0.12-0.10.el4.src"
},
"product_reference": "firefox-0:1.5.0.12-0.10.el4.src",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.12-0.10.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:firefox-0:1.5.0.12-0.10.el4.x86_64"
},
"product_reference": "firefox-0:1.5.0.12-0.10.el4.x86_64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.5.0.12-0.10.el4.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386"
},
"product_reference": "firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64"
},
"product_reference": "firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc"
},
"product_reference": "firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.5.0.12-0.10.el4.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390"
},
"product_reference": "firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x"
},
"product_reference": "firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64"
},
"product_reference": "firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.12-9.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:firefox-0:1.5.0.12-9.el5.i386"
},
"product_reference": "firefox-0:1.5.0.12-9.el5.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.12-9.el5.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:firefox-0:1.5.0.12-9.el5.ia64"
},
"product_reference": "firefox-0:1.5.0.12-9.el5.ia64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.12-9.el5.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:firefox-0:1.5.0.12-9.el5.ppc"
},
"product_reference": "firefox-0:1.5.0.12-9.el5.ppc",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.12-9.el5.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:firefox-0:1.5.0.12-9.el5.s390"
},
"product_reference": "firefox-0:1.5.0.12-9.el5.s390",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.12-9.el5.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:firefox-0:1.5.0.12-9.el5.s390x"
},
"product_reference": "firefox-0:1.5.0.12-9.el5.s390x",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.12-9.el5.src as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:firefox-0:1.5.0.12-9.el5.src"
},
"product_reference": "firefox-0:1.5.0.12-9.el5.src",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.12-9.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:firefox-0:1.5.0.12-9.el5.x86_64"
},
"product_reference": "firefox-0:1.5.0.12-9.el5.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.5.0.12-9.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:firefox-debuginfo-0:1.5.0.12-9.el5.i386"
},
"product_reference": "firefox-debuginfo-0:1.5.0.12-9.el5.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.5.0.12-9.el5.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:firefox-debuginfo-0:1.5.0.12-9.el5.ia64"
},
"product_reference": "firefox-debuginfo-0:1.5.0.12-9.el5.ia64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.5.0.12-9.el5.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:firefox-debuginfo-0:1.5.0.12-9.el5.ppc"
},
"product_reference": "firefox-debuginfo-0:1.5.0.12-9.el5.ppc",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.5.0.12-9.el5.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:firefox-debuginfo-0:1.5.0.12-9.el5.s390"
},
"product_reference": "firefox-debuginfo-0:1.5.0.12-9.el5.s390",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.5.0.12-9.el5.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:firefox-debuginfo-0:1.5.0.12-9.el5.s390x"
},
"product_reference": "firefox-debuginfo-0:1.5.0.12-9.el5.s390x",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.5.0.12-9.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:firefox-debuginfo-0:1.5.0.12-9.el5.x86_64"
},
"product_reference": "firefox-debuginfo-0:1.5.0.12-9.el5.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.12-9.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:firefox-0:1.5.0.12-9.el5.i386"
},
"product_reference": "firefox-0:1.5.0.12-9.el5.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.12-9.el5.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:firefox-0:1.5.0.12-9.el5.ia64"
},
"product_reference": "firefox-0:1.5.0.12-9.el5.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.12-9.el5.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:firefox-0:1.5.0.12-9.el5.ppc"
},
"product_reference": "firefox-0:1.5.0.12-9.el5.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.12-9.el5.s390 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:firefox-0:1.5.0.12-9.el5.s390"
},
"product_reference": "firefox-0:1.5.0.12-9.el5.s390",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.12-9.el5.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:firefox-0:1.5.0.12-9.el5.s390x"
},
"product_reference": "firefox-0:1.5.0.12-9.el5.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.12-9.el5.src as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:firefox-0:1.5.0.12-9.el5.src"
},
"product_reference": "firefox-0:1.5.0.12-9.el5.src",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.5.0.12-9.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:firefox-0:1.5.0.12-9.el5.x86_64"
},
"product_reference": "firefox-0:1.5.0.12-9.el5.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.5.0.12-9.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:firefox-debuginfo-0:1.5.0.12-9.el5.i386"
},
"product_reference": "firefox-debuginfo-0:1.5.0.12-9.el5.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.5.0.12-9.el5.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:firefox-debuginfo-0:1.5.0.12-9.el5.ia64"
},
"product_reference": "firefox-debuginfo-0:1.5.0.12-9.el5.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.5.0.12-9.el5.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:firefox-debuginfo-0:1.5.0.12-9.el5.ppc"
},
"product_reference": "firefox-debuginfo-0:1.5.0.12-9.el5.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.5.0.12-9.el5.s390 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:firefox-debuginfo-0:1.5.0.12-9.el5.s390"
},
"product_reference": "firefox-debuginfo-0:1.5.0.12-9.el5.s390",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.5.0.12-9.el5.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:firefox-debuginfo-0:1.5.0.12-9.el5.s390x"
},
"product_reference": "firefox-debuginfo-0:1.5.0.12-9.el5.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.5.0.12-9.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:firefox-debuginfo-0:1.5.0.12-9.el5.x86_64"
},
"product_reference": "firefox-debuginfo-0:1.5.0.12-9.el5.x86_64",
"relates_to_product_reference": "5Server"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2008-0412",
"discovery_date": "2008-01-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "431732"
}
],
"notes": [
{
"category": "description",
"text": "The browser engine in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to cause a denial of service (crash) and possibly trigger memory corruption via vectors related to the (1) nsTableFrame::GetFrameAtOrBefore, (2) nsAccessibilityService::GetAccessible, (3) nsBindingManager::GetNestedInsertionPoint, (4) nsXBLPrototypeBinding::AttributeChanged, (5) nsColumnSetFrame::GetContentInsertionFrame, and (6) nsLineLayout::TrimTrailingWhiteSpaceIn methods, and other vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla layout engine crashes",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:firefox-0:1.5.0.12-0.10.el4.i386",
"4AS:firefox-0:1.5.0.12-0.10.el4.ia64",
"4AS:firefox-0:1.5.0.12-0.10.el4.ppc",
"4AS:firefox-0:1.5.0.12-0.10.el4.s390",
"4AS:firefox-0:1.5.0.12-0.10.el4.s390x",
"4AS:firefox-0:1.5.0.12-0.10.el4.src",
"4AS:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.i386",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.ia64",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.ppc",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.s390",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.s390x",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.src",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"4ES:firefox-0:1.5.0.12-0.10.el4.i386",
"4ES:firefox-0:1.5.0.12-0.10.el4.ia64",
"4ES:firefox-0:1.5.0.12-0.10.el4.ppc",
"4ES:firefox-0:1.5.0.12-0.10.el4.s390",
"4ES:firefox-0:1.5.0.12-0.10.el4.s390x",
"4ES:firefox-0:1.5.0.12-0.10.el4.src",
"4ES:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"4WS:firefox-0:1.5.0.12-0.10.el4.i386",
"4WS:firefox-0:1.5.0.12-0.10.el4.ia64",
"4WS:firefox-0:1.5.0.12-0.10.el4.ppc",
"4WS:firefox-0:1.5.0.12-0.10.el4.s390",
"4WS:firefox-0:1.5.0.12-0.10.el4.s390x",
"4WS:firefox-0:1.5.0.12-0.10.el4.src",
"4WS:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"5Client:firefox-0:1.5.0.12-9.el5.i386",
"5Client:firefox-0:1.5.0.12-9.el5.ia64",
"5Client:firefox-0:1.5.0.12-9.el5.ppc",
"5Client:firefox-0:1.5.0.12-9.el5.s390",
"5Client:firefox-0:1.5.0.12-9.el5.s390x",
"5Client:firefox-0:1.5.0.12-9.el5.src",
"5Client:firefox-0:1.5.0.12-9.el5.x86_64",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.i386",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.ia64",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.ppc",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.s390",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.s390x",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.x86_64",
"5Server:firefox-0:1.5.0.12-9.el5.i386",
"5Server:firefox-0:1.5.0.12-9.el5.ia64",
"5Server:firefox-0:1.5.0.12-9.el5.ppc",
"5Server:firefox-0:1.5.0.12-9.el5.s390",
"5Server:firefox-0:1.5.0.12-9.el5.s390x",
"5Server:firefox-0:1.5.0.12-9.el5.src",
"5Server:firefox-0:1.5.0.12-9.el5.x86_64",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.i386",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.ia64",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.ppc",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.s390",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.s390x",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-0412"
},
{
"category": "external",
"summary": "RHBZ#431732",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=431732"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-0412",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-0412"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-0412",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-0412"
}
],
"release_date": "2008-02-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-02-08T02:24:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied. \n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS:firefox-0:1.5.0.12-0.10.el4.i386",
"4AS:firefox-0:1.5.0.12-0.10.el4.ia64",
"4AS:firefox-0:1.5.0.12-0.10.el4.ppc",
"4AS:firefox-0:1.5.0.12-0.10.el4.s390",
"4AS:firefox-0:1.5.0.12-0.10.el4.s390x",
"4AS:firefox-0:1.5.0.12-0.10.el4.src",
"4AS:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.i386",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.ia64",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.ppc",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.s390",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.s390x",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.src",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"4ES:firefox-0:1.5.0.12-0.10.el4.i386",
"4ES:firefox-0:1.5.0.12-0.10.el4.ia64",
"4ES:firefox-0:1.5.0.12-0.10.el4.ppc",
"4ES:firefox-0:1.5.0.12-0.10.el4.s390",
"4ES:firefox-0:1.5.0.12-0.10.el4.s390x",
"4ES:firefox-0:1.5.0.12-0.10.el4.src",
"4ES:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"4WS:firefox-0:1.5.0.12-0.10.el4.i386",
"4WS:firefox-0:1.5.0.12-0.10.el4.ia64",
"4WS:firefox-0:1.5.0.12-0.10.el4.ppc",
"4WS:firefox-0:1.5.0.12-0.10.el4.s390",
"4WS:firefox-0:1.5.0.12-0.10.el4.s390x",
"4WS:firefox-0:1.5.0.12-0.10.el4.src",
"4WS:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"5Client:firefox-0:1.5.0.12-9.el5.i386",
"5Client:firefox-0:1.5.0.12-9.el5.ia64",
"5Client:firefox-0:1.5.0.12-9.el5.ppc",
"5Client:firefox-0:1.5.0.12-9.el5.s390",
"5Client:firefox-0:1.5.0.12-9.el5.s390x",
"5Client:firefox-0:1.5.0.12-9.el5.src",
"5Client:firefox-0:1.5.0.12-9.el5.x86_64",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.i386",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.ia64",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.ppc",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.s390",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.s390x",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.x86_64",
"5Server:firefox-0:1.5.0.12-9.el5.i386",
"5Server:firefox-0:1.5.0.12-9.el5.ia64",
"5Server:firefox-0:1.5.0.12-9.el5.ppc",
"5Server:firefox-0:1.5.0.12-9.el5.s390",
"5Server:firefox-0:1.5.0.12-9.el5.s390x",
"5Server:firefox-0:1.5.0.12-9.el5.src",
"5Server:firefox-0:1.5.0.12-9.el5.x86_64",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.i386",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.ia64",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.ppc",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.s390",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.s390x",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0103"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Mozilla layout engine crashes"
},
{
"cve": "CVE-2008-0413",
"discovery_date": "2008-01-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "431733"
}
],
"notes": [
{
"category": "description",
"text": "The JavaScript engine in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to cause a denial of service (crash) and possibly trigger memory corruption via (1) a large switch statement, (2) certain uses of watch and eval, (3) certain uses of the mousedown event listener, and other vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla javascript engine crashes",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:firefox-0:1.5.0.12-0.10.el4.i386",
"4AS:firefox-0:1.5.0.12-0.10.el4.ia64",
"4AS:firefox-0:1.5.0.12-0.10.el4.ppc",
"4AS:firefox-0:1.5.0.12-0.10.el4.s390",
"4AS:firefox-0:1.5.0.12-0.10.el4.s390x",
"4AS:firefox-0:1.5.0.12-0.10.el4.src",
"4AS:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.i386",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.ia64",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.ppc",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.s390",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.s390x",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.src",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"4ES:firefox-0:1.5.0.12-0.10.el4.i386",
"4ES:firefox-0:1.5.0.12-0.10.el4.ia64",
"4ES:firefox-0:1.5.0.12-0.10.el4.ppc",
"4ES:firefox-0:1.5.0.12-0.10.el4.s390",
"4ES:firefox-0:1.5.0.12-0.10.el4.s390x",
"4ES:firefox-0:1.5.0.12-0.10.el4.src",
"4ES:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"4WS:firefox-0:1.5.0.12-0.10.el4.i386",
"4WS:firefox-0:1.5.0.12-0.10.el4.ia64",
"4WS:firefox-0:1.5.0.12-0.10.el4.ppc",
"4WS:firefox-0:1.5.0.12-0.10.el4.s390",
"4WS:firefox-0:1.5.0.12-0.10.el4.s390x",
"4WS:firefox-0:1.5.0.12-0.10.el4.src",
"4WS:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"5Client:firefox-0:1.5.0.12-9.el5.i386",
"5Client:firefox-0:1.5.0.12-9.el5.ia64",
"5Client:firefox-0:1.5.0.12-9.el5.ppc",
"5Client:firefox-0:1.5.0.12-9.el5.s390",
"5Client:firefox-0:1.5.0.12-9.el5.s390x",
"5Client:firefox-0:1.5.0.12-9.el5.src",
"5Client:firefox-0:1.5.0.12-9.el5.x86_64",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.i386",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.ia64",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.ppc",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.s390",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.s390x",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.x86_64",
"5Server:firefox-0:1.5.0.12-9.el5.i386",
"5Server:firefox-0:1.5.0.12-9.el5.ia64",
"5Server:firefox-0:1.5.0.12-9.el5.ppc",
"5Server:firefox-0:1.5.0.12-9.el5.s390",
"5Server:firefox-0:1.5.0.12-9.el5.s390x",
"5Server:firefox-0:1.5.0.12-9.el5.src",
"5Server:firefox-0:1.5.0.12-9.el5.x86_64",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.i386",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.ia64",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.ppc",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.s390",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.s390x",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-0413"
},
{
"category": "external",
"summary": "RHBZ#431733",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=431733"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-0413",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-0413"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-0413",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-0413"
}
],
"release_date": "2008-02-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-02-08T02:24:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied. \n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS:firefox-0:1.5.0.12-0.10.el4.i386",
"4AS:firefox-0:1.5.0.12-0.10.el4.ia64",
"4AS:firefox-0:1.5.0.12-0.10.el4.ppc",
"4AS:firefox-0:1.5.0.12-0.10.el4.s390",
"4AS:firefox-0:1.5.0.12-0.10.el4.s390x",
"4AS:firefox-0:1.5.0.12-0.10.el4.src",
"4AS:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.i386",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.ia64",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.ppc",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.s390",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.s390x",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.src",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"4ES:firefox-0:1.5.0.12-0.10.el4.i386",
"4ES:firefox-0:1.5.0.12-0.10.el4.ia64",
"4ES:firefox-0:1.5.0.12-0.10.el4.ppc",
"4ES:firefox-0:1.5.0.12-0.10.el4.s390",
"4ES:firefox-0:1.5.0.12-0.10.el4.s390x",
"4ES:firefox-0:1.5.0.12-0.10.el4.src",
"4ES:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"4WS:firefox-0:1.5.0.12-0.10.el4.i386",
"4WS:firefox-0:1.5.0.12-0.10.el4.ia64",
"4WS:firefox-0:1.5.0.12-0.10.el4.ppc",
"4WS:firefox-0:1.5.0.12-0.10.el4.s390",
"4WS:firefox-0:1.5.0.12-0.10.el4.s390x",
"4WS:firefox-0:1.5.0.12-0.10.el4.src",
"4WS:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"5Client:firefox-0:1.5.0.12-9.el5.i386",
"5Client:firefox-0:1.5.0.12-9.el5.ia64",
"5Client:firefox-0:1.5.0.12-9.el5.ppc",
"5Client:firefox-0:1.5.0.12-9.el5.s390",
"5Client:firefox-0:1.5.0.12-9.el5.s390x",
"5Client:firefox-0:1.5.0.12-9.el5.src",
"5Client:firefox-0:1.5.0.12-9.el5.x86_64",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.i386",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.ia64",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.ppc",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.s390",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.s390x",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.x86_64",
"5Server:firefox-0:1.5.0.12-9.el5.i386",
"5Server:firefox-0:1.5.0.12-9.el5.ia64",
"5Server:firefox-0:1.5.0.12-9.el5.ppc",
"5Server:firefox-0:1.5.0.12-9.el5.s390",
"5Server:firefox-0:1.5.0.12-9.el5.s390x",
"5Server:firefox-0:1.5.0.12-9.el5.src",
"5Server:firefox-0:1.5.0.12-9.el5.x86_64",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.i386",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.ia64",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.ppc",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.s390",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.s390x",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0103"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Mozilla javascript engine crashes"
},
{
"cve": "CVE-2008-0415",
"discovery_date": "2008-01-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "431739"
}
],
"notes": [
{
"category": "description",
"text": "Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to execute script outside of the sandbox and conduct cross-site scripting (XSS) attacks via multiple vectors including the XMLDocument.load function, aka \"JavaScript privilege escalation bugs.\"",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla arbitrary code execution",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:firefox-0:1.5.0.12-0.10.el4.i386",
"4AS:firefox-0:1.5.0.12-0.10.el4.ia64",
"4AS:firefox-0:1.5.0.12-0.10.el4.ppc",
"4AS:firefox-0:1.5.0.12-0.10.el4.s390",
"4AS:firefox-0:1.5.0.12-0.10.el4.s390x",
"4AS:firefox-0:1.5.0.12-0.10.el4.src",
"4AS:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.i386",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.ia64",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.ppc",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.s390",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.s390x",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.src",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"4ES:firefox-0:1.5.0.12-0.10.el4.i386",
"4ES:firefox-0:1.5.0.12-0.10.el4.ia64",
"4ES:firefox-0:1.5.0.12-0.10.el4.ppc",
"4ES:firefox-0:1.5.0.12-0.10.el4.s390",
"4ES:firefox-0:1.5.0.12-0.10.el4.s390x",
"4ES:firefox-0:1.5.0.12-0.10.el4.src",
"4ES:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"4WS:firefox-0:1.5.0.12-0.10.el4.i386",
"4WS:firefox-0:1.5.0.12-0.10.el4.ia64",
"4WS:firefox-0:1.5.0.12-0.10.el4.ppc",
"4WS:firefox-0:1.5.0.12-0.10.el4.s390",
"4WS:firefox-0:1.5.0.12-0.10.el4.s390x",
"4WS:firefox-0:1.5.0.12-0.10.el4.src",
"4WS:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"5Client:firefox-0:1.5.0.12-9.el5.i386",
"5Client:firefox-0:1.5.0.12-9.el5.ia64",
"5Client:firefox-0:1.5.0.12-9.el5.ppc",
"5Client:firefox-0:1.5.0.12-9.el5.s390",
"5Client:firefox-0:1.5.0.12-9.el5.s390x",
"5Client:firefox-0:1.5.0.12-9.el5.src",
"5Client:firefox-0:1.5.0.12-9.el5.x86_64",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.i386",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.ia64",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.ppc",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.s390",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.s390x",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.x86_64",
"5Server:firefox-0:1.5.0.12-9.el5.i386",
"5Server:firefox-0:1.5.0.12-9.el5.ia64",
"5Server:firefox-0:1.5.0.12-9.el5.ppc",
"5Server:firefox-0:1.5.0.12-9.el5.s390",
"5Server:firefox-0:1.5.0.12-9.el5.s390x",
"5Server:firefox-0:1.5.0.12-9.el5.src",
"5Server:firefox-0:1.5.0.12-9.el5.x86_64",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.i386",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.ia64",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.ppc",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.s390",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.s390x",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-0415"
},
{
"category": "external",
"summary": "RHBZ#431739",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=431739"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-0415",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-0415"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-0415",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-0415"
}
],
"release_date": "2008-02-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-02-08T02:24:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied. \n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS:firefox-0:1.5.0.12-0.10.el4.i386",
"4AS:firefox-0:1.5.0.12-0.10.el4.ia64",
"4AS:firefox-0:1.5.0.12-0.10.el4.ppc",
"4AS:firefox-0:1.5.0.12-0.10.el4.s390",
"4AS:firefox-0:1.5.0.12-0.10.el4.s390x",
"4AS:firefox-0:1.5.0.12-0.10.el4.src",
"4AS:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.i386",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.ia64",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.ppc",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.s390",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.s390x",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.src",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"4ES:firefox-0:1.5.0.12-0.10.el4.i386",
"4ES:firefox-0:1.5.0.12-0.10.el4.ia64",
"4ES:firefox-0:1.5.0.12-0.10.el4.ppc",
"4ES:firefox-0:1.5.0.12-0.10.el4.s390",
"4ES:firefox-0:1.5.0.12-0.10.el4.s390x",
"4ES:firefox-0:1.5.0.12-0.10.el4.src",
"4ES:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"4WS:firefox-0:1.5.0.12-0.10.el4.i386",
"4WS:firefox-0:1.5.0.12-0.10.el4.ia64",
"4WS:firefox-0:1.5.0.12-0.10.el4.ppc",
"4WS:firefox-0:1.5.0.12-0.10.el4.s390",
"4WS:firefox-0:1.5.0.12-0.10.el4.s390x",
"4WS:firefox-0:1.5.0.12-0.10.el4.src",
"4WS:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"5Client:firefox-0:1.5.0.12-9.el5.i386",
"5Client:firefox-0:1.5.0.12-9.el5.ia64",
"5Client:firefox-0:1.5.0.12-9.el5.ppc",
"5Client:firefox-0:1.5.0.12-9.el5.s390",
"5Client:firefox-0:1.5.0.12-9.el5.s390x",
"5Client:firefox-0:1.5.0.12-9.el5.src",
"5Client:firefox-0:1.5.0.12-9.el5.x86_64",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.i386",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.ia64",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.ppc",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.s390",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.s390x",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.x86_64",
"5Server:firefox-0:1.5.0.12-9.el5.i386",
"5Server:firefox-0:1.5.0.12-9.el5.ia64",
"5Server:firefox-0:1.5.0.12-9.el5.ppc",
"5Server:firefox-0:1.5.0.12-9.el5.s390",
"5Server:firefox-0:1.5.0.12-9.el5.s390x",
"5Server:firefox-0:1.5.0.12-9.el5.src",
"5Server:firefox-0:1.5.0.12-9.el5.x86_64",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.i386",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.ia64",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.ppc",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.s390",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.s390x",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0103"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Mozilla arbitrary code execution"
},
{
"cve": "CVE-2008-0416",
"discovery_date": "2008-01-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "431740"
}
],
"notes": [
{
"category": "description",
"text": "Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allow remote attackers to inject arbitrary web script or HTML via certain character encodings, including (1) a backspace character that is treated as whitespace, (2) 0x80 with Shift_JIS encoding, and (3) \"zero-length non-ASCII sequences\" in certain Asian character sets.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla arbitrary code execution",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:firefox-0:1.5.0.12-0.10.el4.i386",
"4AS:firefox-0:1.5.0.12-0.10.el4.ia64",
"4AS:firefox-0:1.5.0.12-0.10.el4.ppc",
"4AS:firefox-0:1.5.0.12-0.10.el4.s390",
"4AS:firefox-0:1.5.0.12-0.10.el4.s390x",
"4AS:firefox-0:1.5.0.12-0.10.el4.src",
"4AS:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.i386",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.ia64",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.ppc",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.s390",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.s390x",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.src",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"4ES:firefox-0:1.5.0.12-0.10.el4.i386",
"4ES:firefox-0:1.5.0.12-0.10.el4.ia64",
"4ES:firefox-0:1.5.0.12-0.10.el4.ppc",
"4ES:firefox-0:1.5.0.12-0.10.el4.s390",
"4ES:firefox-0:1.5.0.12-0.10.el4.s390x",
"4ES:firefox-0:1.5.0.12-0.10.el4.src",
"4ES:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"4WS:firefox-0:1.5.0.12-0.10.el4.i386",
"4WS:firefox-0:1.5.0.12-0.10.el4.ia64",
"4WS:firefox-0:1.5.0.12-0.10.el4.ppc",
"4WS:firefox-0:1.5.0.12-0.10.el4.s390",
"4WS:firefox-0:1.5.0.12-0.10.el4.s390x",
"4WS:firefox-0:1.5.0.12-0.10.el4.src",
"4WS:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"5Client:firefox-0:1.5.0.12-9.el5.i386",
"5Client:firefox-0:1.5.0.12-9.el5.ia64",
"5Client:firefox-0:1.5.0.12-9.el5.ppc",
"5Client:firefox-0:1.5.0.12-9.el5.s390",
"5Client:firefox-0:1.5.0.12-9.el5.s390x",
"5Client:firefox-0:1.5.0.12-9.el5.src",
"5Client:firefox-0:1.5.0.12-9.el5.x86_64",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.i386",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.ia64",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.ppc",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.s390",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.s390x",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.x86_64",
"5Server:firefox-0:1.5.0.12-9.el5.i386",
"5Server:firefox-0:1.5.0.12-9.el5.ia64",
"5Server:firefox-0:1.5.0.12-9.el5.ppc",
"5Server:firefox-0:1.5.0.12-9.el5.s390",
"5Server:firefox-0:1.5.0.12-9.el5.s390x",
"5Server:firefox-0:1.5.0.12-9.el5.src",
"5Server:firefox-0:1.5.0.12-9.el5.x86_64",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.i386",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.ia64",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.ppc",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.s390",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.s390x",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-0416"
},
{
"category": "external",
"summary": "RHBZ#431740",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=431740"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-0416",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-0416"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-0416",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-0416"
}
],
"release_date": "2008-02-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-02-08T02:24:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied. \n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS:firefox-0:1.5.0.12-0.10.el4.i386",
"4AS:firefox-0:1.5.0.12-0.10.el4.ia64",
"4AS:firefox-0:1.5.0.12-0.10.el4.ppc",
"4AS:firefox-0:1.5.0.12-0.10.el4.s390",
"4AS:firefox-0:1.5.0.12-0.10.el4.s390x",
"4AS:firefox-0:1.5.0.12-0.10.el4.src",
"4AS:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.i386",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.ia64",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.ppc",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.s390",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.s390x",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.src",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"4ES:firefox-0:1.5.0.12-0.10.el4.i386",
"4ES:firefox-0:1.5.0.12-0.10.el4.ia64",
"4ES:firefox-0:1.5.0.12-0.10.el4.ppc",
"4ES:firefox-0:1.5.0.12-0.10.el4.s390",
"4ES:firefox-0:1.5.0.12-0.10.el4.s390x",
"4ES:firefox-0:1.5.0.12-0.10.el4.src",
"4ES:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"4WS:firefox-0:1.5.0.12-0.10.el4.i386",
"4WS:firefox-0:1.5.0.12-0.10.el4.ia64",
"4WS:firefox-0:1.5.0.12-0.10.el4.ppc",
"4WS:firefox-0:1.5.0.12-0.10.el4.s390",
"4WS:firefox-0:1.5.0.12-0.10.el4.s390x",
"4WS:firefox-0:1.5.0.12-0.10.el4.src",
"4WS:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"5Client:firefox-0:1.5.0.12-9.el5.i386",
"5Client:firefox-0:1.5.0.12-9.el5.ia64",
"5Client:firefox-0:1.5.0.12-9.el5.ppc",
"5Client:firefox-0:1.5.0.12-9.el5.s390",
"5Client:firefox-0:1.5.0.12-9.el5.s390x",
"5Client:firefox-0:1.5.0.12-9.el5.src",
"5Client:firefox-0:1.5.0.12-9.el5.x86_64",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.i386",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.ia64",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.ppc",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.s390",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.s390x",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.x86_64",
"5Server:firefox-0:1.5.0.12-9.el5.i386",
"5Server:firefox-0:1.5.0.12-9.el5.ia64",
"5Server:firefox-0:1.5.0.12-9.el5.ppc",
"5Server:firefox-0:1.5.0.12-9.el5.s390",
"5Server:firefox-0:1.5.0.12-9.el5.s390x",
"5Server:firefox-0:1.5.0.12-9.el5.src",
"5Server:firefox-0:1.5.0.12-9.el5.x86_64",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.i386",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.ia64",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.ppc",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.s390",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.s390x",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0103"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Mozilla arbitrary code execution"
},
{
"cve": "CVE-2008-0417",
"discovery_date": "2008-01-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "431742"
}
],
"notes": [
{
"category": "description",
"text": "CRLF injection vulnerability in Mozilla Firefox before 2.0.0.12 allows remote user-assisted web sites to corrupt the user\u0027s password store via newlines that are not properly handled when the user saves a password.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla arbitrary code execution",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:firefox-0:1.5.0.12-0.10.el4.i386",
"4AS:firefox-0:1.5.0.12-0.10.el4.ia64",
"4AS:firefox-0:1.5.0.12-0.10.el4.ppc",
"4AS:firefox-0:1.5.0.12-0.10.el4.s390",
"4AS:firefox-0:1.5.0.12-0.10.el4.s390x",
"4AS:firefox-0:1.5.0.12-0.10.el4.src",
"4AS:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.i386",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.ia64",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.ppc",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.s390",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.s390x",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.src",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"4ES:firefox-0:1.5.0.12-0.10.el4.i386",
"4ES:firefox-0:1.5.0.12-0.10.el4.ia64",
"4ES:firefox-0:1.5.0.12-0.10.el4.ppc",
"4ES:firefox-0:1.5.0.12-0.10.el4.s390",
"4ES:firefox-0:1.5.0.12-0.10.el4.s390x",
"4ES:firefox-0:1.5.0.12-0.10.el4.src",
"4ES:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"4WS:firefox-0:1.5.0.12-0.10.el4.i386",
"4WS:firefox-0:1.5.0.12-0.10.el4.ia64",
"4WS:firefox-0:1.5.0.12-0.10.el4.ppc",
"4WS:firefox-0:1.5.0.12-0.10.el4.s390",
"4WS:firefox-0:1.5.0.12-0.10.el4.s390x",
"4WS:firefox-0:1.5.0.12-0.10.el4.src",
"4WS:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"5Client:firefox-0:1.5.0.12-9.el5.i386",
"5Client:firefox-0:1.5.0.12-9.el5.ia64",
"5Client:firefox-0:1.5.0.12-9.el5.ppc",
"5Client:firefox-0:1.5.0.12-9.el5.s390",
"5Client:firefox-0:1.5.0.12-9.el5.s390x",
"5Client:firefox-0:1.5.0.12-9.el5.src",
"5Client:firefox-0:1.5.0.12-9.el5.x86_64",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.i386",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.ia64",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.ppc",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.s390",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.s390x",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.x86_64",
"5Server:firefox-0:1.5.0.12-9.el5.i386",
"5Server:firefox-0:1.5.0.12-9.el5.ia64",
"5Server:firefox-0:1.5.0.12-9.el5.ppc",
"5Server:firefox-0:1.5.0.12-9.el5.s390",
"5Server:firefox-0:1.5.0.12-9.el5.s390x",
"5Server:firefox-0:1.5.0.12-9.el5.src",
"5Server:firefox-0:1.5.0.12-9.el5.x86_64",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.i386",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.ia64",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.ppc",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.s390",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.s390x",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-0417"
},
{
"category": "external",
"summary": "RHBZ#431742",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=431742"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-0417",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-0417"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-0417",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-0417"
}
],
"release_date": "2008-02-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-02-08T02:24:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied. \n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS:firefox-0:1.5.0.12-0.10.el4.i386",
"4AS:firefox-0:1.5.0.12-0.10.el4.ia64",
"4AS:firefox-0:1.5.0.12-0.10.el4.ppc",
"4AS:firefox-0:1.5.0.12-0.10.el4.s390",
"4AS:firefox-0:1.5.0.12-0.10.el4.s390x",
"4AS:firefox-0:1.5.0.12-0.10.el4.src",
"4AS:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.i386",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.ia64",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.ppc",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.s390",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.s390x",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.src",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"4ES:firefox-0:1.5.0.12-0.10.el4.i386",
"4ES:firefox-0:1.5.0.12-0.10.el4.ia64",
"4ES:firefox-0:1.5.0.12-0.10.el4.ppc",
"4ES:firefox-0:1.5.0.12-0.10.el4.s390",
"4ES:firefox-0:1.5.0.12-0.10.el4.s390x",
"4ES:firefox-0:1.5.0.12-0.10.el4.src",
"4ES:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"4WS:firefox-0:1.5.0.12-0.10.el4.i386",
"4WS:firefox-0:1.5.0.12-0.10.el4.ia64",
"4WS:firefox-0:1.5.0.12-0.10.el4.ppc",
"4WS:firefox-0:1.5.0.12-0.10.el4.s390",
"4WS:firefox-0:1.5.0.12-0.10.el4.s390x",
"4WS:firefox-0:1.5.0.12-0.10.el4.src",
"4WS:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"5Client:firefox-0:1.5.0.12-9.el5.i386",
"5Client:firefox-0:1.5.0.12-9.el5.ia64",
"5Client:firefox-0:1.5.0.12-9.el5.ppc",
"5Client:firefox-0:1.5.0.12-9.el5.s390",
"5Client:firefox-0:1.5.0.12-9.el5.s390x",
"5Client:firefox-0:1.5.0.12-9.el5.src",
"5Client:firefox-0:1.5.0.12-9.el5.x86_64",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.i386",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.ia64",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.ppc",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.s390",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.s390x",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.x86_64",
"5Server:firefox-0:1.5.0.12-9.el5.i386",
"5Server:firefox-0:1.5.0.12-9.el5.ia64",
"5Server:firefox-0:1.5.0.12-9.el5.ppc",
"5Server:firefox-0:1.5.0.12-9.el5.s390",
"5Server:firefox-0:1.5.0.12-9.el5.s390x",
"5Server:firefox-0:1.5.0.12-9.el5.src",
"5Server:firefox-0:1.5.0.12-9.el5.x86_64",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.i386",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.ia64",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.ppc",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.s390",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.s390x",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0103"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Mozilla arbitrary code execution"
},
{
"cve": "CVE-2008-0418",
"discovery_date": "2008-01-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "431748"
}
],
"notes": [
{
"category": "description",
"text": "Directory traversal vulnerability in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8, when using \"flat\" addons, allows remote attackers to read arbitrary Javascript, image, and stylesheet files via the chrome: URI scheme, as demonstrated by stealing session information from sessionstore.js.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chrome: directory traversal",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:firefox-0:1.5.0.12-0.10.el4.i386",
"4AS:firefox-0:1.5.0.12-0.10.el4.ia64",
"4AS:firefox-0:1.5.0.12-0.10.el4.ppc",
"4AS:firefox-0:1.5.0.12-0.10.el4.s390",
"4AS:firefox-0:1.5.0.12-0.10.el4.s390x",
"4AS:firefox-0:1.5.0.12-0.10.el4.src",
"4AS:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.i386",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.ia64",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.ppc",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.s390",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.s390x",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.src",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"4ES:firefox-0:1.5.0.12-0.10.el4.i386",
"4ES:firefox-0:1.5.0.12-0.10.el4.ia64",
"4ES:firefox-0:1.5.0.12-0.10.el4.ppc",
"4ES:firefox-0:1.5.0.12-0.10.el4.s390",
"4ES:firefox-0:1.5.0.12-0.10.el4.s390x",
"4ES:firefox-0:1.5.0.12-0.10.el4.src",
"4ES:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"4WS:firefox-0:1.5.0.12-0.10.el4.i386",
"4WS:firefox-0:1.5.0.12-0.10.el4.ia64",
"4WS:firefox-0:1.5.0.12-0.10.el4.ppc",
"4WS:firefox-0:1.5.0.12-0.10.el4.s390",
"4WS:firefox-0:1.5.0.12-0.10.el4.s390x",
"4WS:firefox-0:1.5.0.12-0.10.el4.src",
"4WS:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"5Client:firefox-0:1.5.0.12-9.el5.i386",
"5Client:firefox-0:1.5.0.12-9.el5.ia64",
"5Client:firefox-0:1.5.0.12-9.el5.ppc",
"5Client:firefox-0:1.5.0.12-9.el5.s390",
"5Client:firefox-0:1.5.0.12-9.el5.s390x",
"5Client:firefox-0:1.5.0.12-9.el5.src",
"5Client:firefox-0:1.5.0.12-9.el5.x86_64",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.i386",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.ia64",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.ppc",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.s390",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.s390x",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.x86_64",
"5Server:firefox-0:1.5.0.12-9.el5.i386",
"5Server:firefox-0:1.5.0.12-9.el5.ia64",
"5Server:firefox-0:1.5.0.12-9.el5.ppc",
"5Server:firefox-0:1.5.0.12-9.el5.s390",
"5Server:firefox-0:1.5.0.12-9.el5.s390x",
"5Server:firefox-0:1.5.0.12-9.el5.src",
"5Server:firefox-0:1.5.0.12-9.el5.x86_64",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.i386",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.ia64",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.ppc",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.s390",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.s390x",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-0418"
},
{
"category": "external",
"summary": "RHBZ#431748",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=431748"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-0418",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-0418"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-0418",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-0418"
}
],
"release_date": "2008-02-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-02-08T02:24:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied. \n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS:firefox-0:1.5.0.12-0.10.el4.i386",
"4AS:firefox-0:1.5.0.12-0.10.el4.ia64",
"4AS:firefox-0:1.5.0.12-0.10.el4.ppc",
"4AS:firefox-0:1.5.0.12-0.10.el4.s390",
"4AS:firefox-0:1.5.0.12-0.10.el4.s390x",
"4AS:firefox-0:1.5.0.12-0.10.el4.src",
"4AS:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.i386",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.ia64",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.ppc",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.s390",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.s390x",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.src",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"4ES:firefox-0:1.5.0.12-0.10.el4.i386",
"4ES:firefox-0:1.5.0.12-0.10.el4.ia64",
"4ES:firefox-0:1.5.0.12-0.10.el4.ppc",
"4ES:firefox-0:1.5.0.12-0.10.el4.s390",
"4ES:firefox-0:1.5.0.12-0.10.el4.s390x",
"4ES:firefox-0:1.5.0.12-0.10.el4.src",
"4ES:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"4WS:firefox-0:1.5.0.12-0.10.el4.i386",
"4WS:firefox-0:1.5.0.12-0.10.el4.ia64",
"4WS:firefox-0:1.5.0.12-0.10.el4.ppc",
"4WS:firefox-0:1.5.0.12-0.10.el4.s390",
"4WS:firefox-0:1.5.0.12-0.10.el4.s390x",
"4WS:firefox-0:1.5.0.12-0.10.el4.src",
"4WS:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"5Client:firefox-0:1.5.0.12-9.el5.i386",
"5Client:firefox-0:1.5.0.12-9.el5.ia64",
"5Client:firefox-0:1.5.0.12-9.el5.ppc",
"5Client:firefox-0:1.5.0.12-9.el5.s390",
"5Client:firefox-0:1.5.0.12-9.el5.s390x",
"5Client:firefox-0:1.5.0.12-9.el5.src",
"5Client:firefox-0:1.5.0.12-9.el5.x86_64",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.i386",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.ia64",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.ppc",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.s390",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.s390x",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.x86_64",
"5Server:firefox-0:1.5.0.12-9.el5.i386",
"5Server:firefox-0:1.5.0.12-9.el5.ia64",
"5Server:firefox-0:1.5.0.12-9.el5.ppc",
"5Server:firefox-0:1.5.0.12-9.el5.s390",
"5Server:firefox-0:1.5.0.12-9.el5.s390x",
"5Server:firefox-0:1.5.0.12-9.el5.src",
"5Server:firefox-0:1.5.0.12-9.el5.x86_64",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.i386",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.ia64",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.ppc",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.s390",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.s390x",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0103"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "chrome: directory traversal"
},
{
"cve": "CVE-2008-0419",
"discovery_date": "2008-01-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "431749"
}
],
"notes": [
{
"category": "description",
"text": "Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8 allows remote attackers to steal navigation history and cause a denial of service (crash) via images in a page that uses designMode frames, which triggers memory corruption related to resize handles.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla arbitrary code execution",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:firefox-0:1.5.0.12-0.10.el4.i386",
"4AS:firefox-0:1.5.0.12-0.10.el4.ia64",
"4AS:firefox-0:1.5.0.12-0.10.el4.ppc",
"4AS:firefox-0:1.5.0.12-0.10.el4.s390",
"4AS:firefox-0:1.5.0.12-0.10.el4.s390x",
"4AS:firefox-0:1.5.0.12-0.10.el4.src",
"4AS:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.i386",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.ia64",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.ppc",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.s390",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.s390x",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.src",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"4ES:firefox-0:1.5.0.12-0.10.el4.i386",
"4ES:firefox-0:1.5.0.12-0.10.el4.ia64",
"4ES:firefox-0:1.5.0.12-0.10.el4.ppc",
"4ES:firefox-0:1.5.0.12-0.10.el4.s390",
"4ES:firefox-0:1.5.0.12-0.10.el4.s390x",
"4ES:firefox-0:1.5.0.12-0.10.el4.src",
"4ES:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"4WS:firefox-0:1.5.0.12-0.10.el4.i386",
"4WS:firefox-0:1.5.0.12-0.10.el4.ia64",
"4WS:firefox-0:1.5.0.12-0.10.el4.ppc",
"4WS:firefox-0:1.5.0.12-0.10.el4.s390",
"4WS:firefox-0:1.5.0.12-0.10.el4.s390x",
"4WS:firefox-0:1.5.0.12-0.10.el4.src",
"4WS:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"5Client:firefox-0:1.5.0.12-9.el5.i386",
"5Client:firefox-0:1.5.0.12-9.el5.ia64",
"5Client:firefox-0:1.5.0.12-9.el5.ppc",
"5Client:firefox-0:1.5.0.12-9.el5.s390",
"5Client:firefox-0:1.5.0.12-9.el5.s390x",
"5Client:firefox-0:1.5.0.12-9.el5.src",
"5Client:firefox-0:1.5.0.12-9.el5.x86_64",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.i386",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.ia64",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.ppc",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.s390",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.s390x",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.x86_64",
"5Server:firefox-0:1.5.0.12-9.el5.i386",
"5Server:firefox-0:1.5.0.12-9.el5.ia64",
"5Server:firefox-0:1.5.0.12-9.el5.ppc",
"5Server:firefox-0:1.5.0.12-9.el5.s390",
"5Server:firefox-0:1.5.0.12-9.el5.s390x",
"5Server:firefox-0:1.5.0.12-9.el5.src",
"5Server:firefox-0:1.5.0.12-9.el5.x86_64",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.i386",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.ia64",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.ppc",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.s390",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.s390x",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-0419"
},
{
"category": "external",
"summary": "RHBZ#431749",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=431749"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-0419",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-0419"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-0419",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-0419"
}
],
"release_date": "2008-02-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-02-08T02:24:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied. \n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS:firefox-0:1.5.0.12-0.10.el4.i386",
"4AS:firefox-0:1.5.0.12-0.10.el4.ia64",
"4AS:firefox-0:1.5.0.12-0.10.el4.ppc",
"4AS:firefox-0:1.5.0.12-0.10.el4.s390",
"4AS:firefox-0:1.5.0.12-0.10.el4.s390x",
"4AS:firefox-0:1.5.0.12-0.10.el4.src",
"4AS:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.i386",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.ia64",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.ppc",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.s390",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.s390x",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.src",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"4ES:firefox-0:1.5.0.12-0.10.el4.i386",
"4ES:firefox-0:1.5.0.12-0.10.el4.ia64",
"4ES:firefox-0:1.5.0.12-0.10.el4.ppc",
"4ES:firefox-0:1.5.0.12-0.10.el4.s390",
"4ES:firefox-0:1.5.0.12-0.10.el4.s390x",
"4ES:firefox-0:1.5.0.12-0.10.el4.src",
"4ES:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"4WS:firefox-0:1.5.0.12-0.10.el4.i386",
"4WS:firefox-0:1.5.0.12-0.10.el4.ia64",
"4WS:firefox-0:1.5.0.12-0.10.el4.ppc",
"4WS:firefox-0:1.5.0.12-0.10.el4.s390",
"4WS:firefox-0:1.5.0.12-0.10.el4.s390x",
"4WS:firefox-0:1.5.0.12-0.10.el4.src",
"4WS:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"5Client:firefox-0:1.5.0.12-9.el5.i386",
"5Client:firefox-0:1.5.0.12-9.el5.ia64",
"5Client:firefox-0:1.5.0.12-9.el5.ppc",
"5Client:firefox-0:1.5.0.12-9.el5.s390",
"5Client:firefox-0:1.5.0.12-9.el5.s390x",
"5Client:firefox-0:1.5.0.12-9.el5.src",
"5Client:firefox-0:1.5.0.12-9.el5.x86_64",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.i386",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.ia64",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.ppc",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.s390",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.s390x",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.x86_64",
"5Server:firefox-0:1.5.0.12-9.el5.i386",
"5Server:firefox-0:1.5.0.12-9.el5.ia64",
"5Server:firefox-0:1.5.0.12-9.el5.ppc",
"5Server:firefox-0:1.5.0.12-9.el5.s390",
"5Server:firefox-0:1.5.0.12-9.el5.s390x",
"5Server:firefox-0:1.5.0.12-9.el5.src",
"5Server:firefox-0:1.5.0.12-9.el5.x86_64",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.i386",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.ia64",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.ppc",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.s390",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.s390x",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0103"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Mozilla arbitrary code execution"
},
{
"cve": "CVE-2008-0420",
"discovery_date": "2008-01-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "431750"
}
],
"notes": [
{
"category": "description",
"text": "modules/libpr0n/decoders/bmp/nsBMPDecoder.cpp in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 does not properly perform certain calculations related to the mColors table, which allows remote attackers to read portions of memory uninitialized via a crafted 8-bit bitmap (BMP) file that triggers an out-of-bounds read within the heap, as demonstrated using a CANVAS element; or cause a denial of service (application crash) via a crafted 8-bit bitmap file that triggers an out-of-bounds read. NOTE: the initial public reports stated that this affected Firefox in Ubuntu 6.06 through 7.10.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla information disclosure flaw",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:firefox-0:1.5.0.12-0.10.el4.i386",
"4AS:firefox-0:1.5.0.12-0.10.el4.ia64",
"4AS:firefox-0:1.5.0.12-0.10.el4.ppc",
"4AS:firefox-0:1.5.0.12-0.10.el4.s390",
"4AS:firefox-0:1.5.0.12-0.10.el4.s390x",
"4AS:firefox-0:1.5.0.12-0.10.el4.src",
"4AS:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.i386",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.ia64",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.ppc",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.s390",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.s390x",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.src",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"4ES:firefox-0:1.5.0.12-0.10.el4.i386",
"4ES:firefox-0:1.5.0.12-0.10.el4.ia64",
"4ES:firefox-0:1.5.0.12-0.10.el4.ppc",
"4ES:firefox-0:1.5.0.12-0.10.el4.s390",
"4ES:firefox-0:1.5.0.12-0.10.el4.s390x",
"4ES:firefox-0:1.5.0.12-0.10.el4.src",
"4ES:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"4WS:firefox-0:1.5.0.12-0.10.el4.i386",
"4WS:firefox-0:1.5.0.12-0.10.el4.ia64",
"4WS:firefox-0:1.5.0.12-0.10.el4.ppc",
"4WS:firefox-0:1.5.0.12-0.10.el4.s390",
"4WS:firefox-0:1.5.0.12-0.10.el4.s390x",
"4WS:firefox-0:1.5.0.12-0.10.el4.src",
"4WS:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"5Client:firefox-0:1.5.0.12-9.el5.i386",
"5Client:firefox-0:1.5.0.12-9.el5.ia64",
"5Client:firefox-0:1.5.0.12-9.el5.ppc",
"5Client:firefox-0:1.5.0.12-9.el5.s390",
"5Client:firefox-0:1.5.0.12-9.el5.s390x",
"5Client:firefox-0:1.5.0.12-9.el5.src",
"5Client:firefox-0:1.5.0.12-9.el5.x86_64",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.i386",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.ia64",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.ppc",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.s390",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.s390x",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.x86_64",
"5Server:firefox-0:1.5.0.12-9.el5.i386",
"5Server:firefox-0:1.5.0.12-9.el5.ia64",
"5Server:firefox-0:1.5.0.12-9.el5.ppc",
"5Server:firefox-0:1.5.0.12-9.el5.s390",
"5Server:firefox-0:1.5.0.12-9.el5.s390x",
"5Server:firefox-0:1.5.0.12-9.el5.src",
"5Server:firefox-0:1.5.0.12-9.el5.x86_64",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.i386",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.ia64",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.ppc",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.s390",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.s390x",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-0420"
},
{
"category": "external",
"summary": "RHBZ#431750",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=431750"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-0420",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-0420"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-0420",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-0420"
}
],
"release_date": "2008-02-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-02-08T02:24:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied. \n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS:firefox-0:1.5.0.12-0.10.el4.i386",
"4AS:firefox-0:1.5.0.12-0.10.el4.ia64",
"4AS:firefox-0:1.5.0.12-0.10.el4.ppc",
"4AS:firefox-0:1.5.0.12-0.10.el4.s390",
"4AS:firefox-0:1.5.0.12-0.10.el4.s390x",
"4AS:firefox-0:1.5.0.12-0.10.el4.src",
"4AS:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.i386",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.ia64",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.ppc",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.s390",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.s390x",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.src",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"4ES:firefox-0:1.5.0.12-0.10.el4.i386",
"4ES:firefox-0:1.5.0.12-0.10.el4.ia64",
"4ES:firefox-0:1.5.0.12-0.10.el4.ppc",
"4ES:firefox-0:1.5.0.12-0.10.el4.s390",
"4ES:firefox-0:1.5.0.12-0.10.el4.s390x",
"4ES:firefox-0:1.5.0.12-0.10.el4.src",
"4ES:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"4WS:firefox-0:1.5.0.12-0.10.el4.i386",
"4WS:firefox-0:1.5.0.12-0.10.el4.ia64",
"4WS:firefox-0:1.5.0.12-0.10.el4.ppc",
"4WS:firefox-0:1.5.0.12-0.10.el4.s390",
"4WS:firefox-0:1.5.0.12-0.10.el4.s390x",
"4WS:firefox-0:1.5.0.12-0.10.el4.src",
"4WS:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"5Client:firefox-0:1.5.0.12-9.el5.i386",
"5Client:firefox-0:1.5.0.12-9.el5.ia64",
"5Client:firefox-0:1.5.0.12-9.el5.ppc",
"5Client:firefox-0:1.5.0.12-9.el5.s390",
"5Client:firefox-0:1.5.0.12-9.el5.s390x",
"5Client:firefox-0:1.5.0.12-9.el5.src",
"5Client:firefox-0:1.5.0.12-9.el5.x86_64",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.i386",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.ia64",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.ppc",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.s390",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.s390x",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.x86_64",
"5Server:firefox-0:1.5.0.12-9.el5.i386",
"5Server:firefox-0:1.5.0.12-9.el5.ia64",
"5Server:firefox-0:1.5.0.12-9.el5.ppc",
"5Server:firefox-0:1.5.0.12-9.el5.s390",
"5Server:firefox-0:1.5.0.12-9.el5.s390x",
"5Server:firefox-0:1.5.0.12-9.el5.src",
"5Server:firefox-0:1.5.0.12-9.el5.x86_64",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.i386",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.ia64",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.ppc",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.s390",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.s390x",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0103"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Mozilla information disclosure flaw"
},
{
"cve": "CVE-2008-0591",
"discovery_date": "2008-01-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "431751"
}
],
"notes": [
{
"category": "description",
"text": "Mozilla Firefox before 2.0.0.12 and Thunderbird before 2.0.0.12 does not properly manage a delay timer used in confirmation dialogs, which might allow remote attackers to trick users into confirming an unsafe action, such as remote file execution, by using a timer to change the window focus, aka the \"dialog refocus bug\" or \"ffclick2\".",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla information disclosure flaw",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:firefox-0:1.5.0.12-0.10.el4.i386",
"4AS:firefox-0:1.5.0.12-0.10.el4.ia64",
"4AS:firefox-0:1.5.0.12-0.10.el4.ppc",
"4AS:firefox-0:1.5.0.12-0.10.el4.s390",
"4AS:firefox-0:1.5.0.12-0.10.el4.s390x",
"4AS:firefox-0:1.5.0.12-0.10.el4.src",
"4AS:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.i386",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.ia64",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.ppc",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.s390",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.s390x",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.src",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"4ES:firefox-0:1.5.0.12-0.10.el4.i386",
"4ES:firefox-0:1.5.0.12-0.10.el4.ia64",
"4ES:firefox-0:1.5.0.12-0.10.el4.ppc",
"4ES:firefox-0:1.5.0.12-0.10.el4.s390",
"4ES:firefox-0:1.5.0.12-0.10.el4.s390x",
"4ES:firefox-0:1.5.0.12-0.10.el4.src",
"4ES:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"4WS:firefox-0:1.5.0.12-0.10.el4.i386",
"4WS:firefox-0:1.5.0.12-0.10.el4.ia64",
"4WS:firefox-0:1.5.0.12-0.10.el4.ppc",
"4WS:firefox-0:1.5.0.12-0.10.el4.s390",
"4WS:firefox-0:1.5.0.12-0.10.el4.s390x",
"4WS:firefox-0:1.5.0.12-0.10.el4.src",
"4WS:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"5Client:firefox-0:1.5.0.12-9.el5.i386",
"5Client:firefox-0:1.5.0.12-9.el5.ia64",
"5Client:firefox-0:1.5.0.12-9.el5.ppc",
"5Client:firefox-0:1.5.0.12-9.el5.s390",
"5Client:firefox-0:1.5.0.12-9.el5.s390x",
"5Client:firefox-0:1.5.0.12-9.el5.src",
"5Client:firefox-0:1.5.0.12-9.el5.x86_64",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.i386",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.ia64",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.ppc",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.s390",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.s390x",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.x86_64",
"5Server:firefox-0:1.5.0.12-9.el5.i386",
"5Server:firefox-0:1.5.0.12-9.el5.ia64",
"5Server:firefox-0:1.5.0.12-9.el5.ppc",
"5Server:firefox-0:1.5.0.12-9.el5.s390",
"5Server:firefox-0:1.5.0.12-9.el5.s390x",
"5Server:firefox-0:1.5.0.12-9.el5.src",
"5Server:firefox-0:1.5.0.12-9.el5.x86_64",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.i386",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.ia64",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.ppc",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.s390",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.s390x",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-0591"
},
{
"category": "external",
"summary": "RHBZ#431751",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=431751"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-0591",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-0591"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-0591",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-0591"
}
],
"release_date": "2008-02-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-02-08T02:24:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied. \n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS:firefox-0:1.5.0.12-0.10.el4.i386",
"4AS:firefox-0:1.5.0.12-0.10.el4.ia64",
"4AS:firefox-0:1.5.0.12-0.10.el4.ppc",
"4AS:firefox-0:1.5.0.12-0.10.el4.s390",
"4AS:firefox-0:1.5.0.12-0.10.el4.s390x",
"4AS:firefox-0:1.5.0.12-0.10.el4.src",
"4AS:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.i386",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.ia64",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.ppc",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.s390",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.s390x",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.src",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"4ES:firefox-0:1.5.0.12-0.10.el4.i386",
"4ES:firefox-0:1.5.0.12-0.10.el4.ia64",
"4ES:firefox-0:1.5.0.12-0.10.el4.ppc",
"4ES:firefox-0:1.5.0.12-0.10.el4.s390",
"4ES:firefox-0:1.5.0.12-0.10.el4.s390x",
"4ES:firefox-0:1.5.0.12-0.10.el4.src",
"4ES:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"4WS:firefox-0:1.5.0.12-0.10.el4.i386",
"4WS:firefox-0:1.5.0.12-0.10.el4.ia64",
"4WS:firefox-0:1.5.0.12-0.10.el4.ppc",
"4WS:firefox-0:1.5.0.12-0.10.el4.s390",
"4WS:firefox-0:1.5.0.12-0.10.el4.s390x",
"4WS:firefox-0:1.5.0.12-0.10.el4.src",
"4WS:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"5Client:firefox-0:1.5.0.12-9.el5.i386",
"5Client:firefox-0:1.5.0.12-9.el5.ia64",
"5Client:firefox-0:1.5.0.12-9.el5.ppc",
"5Client:firefox-0:1.5.0.12-9.el5.s390",
"5Client:firefox-0:1.5.0.12-9.el5.s390x",
"5Client:firefox-0:1.5.0.12-9.el5.src",
"5Client:firefox-0:1.5.0.12-9.el5.x86_64",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.i386",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.ia64",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.ppc",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.s390",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.s390x",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.x86_64",
"5Server:firefox-0:1.5.0.12-9.el5.i386",
"5Server:firefox-0:1.5.0.12-9.el5.ia64",
"5Server:firefox-0:1.5.0.12-9.el5.ppc",
"5Server:firefox-0:1.5.0.12-9.el5.s390",
"5Server:firefox-0:1.5.0.12-9.el5.s390x",
"5Server:firefox-0:1.5.0.12-9.el5.src",
"5Server:firefox-0:1.5.0.12-9.el5.x86_64",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.i386",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.ia64",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.ppc",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.s390",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.s390x",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0103"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Mozilla information disclosure flaw"
},
{
"cve": "CVE-2008-0592",
"discovery_date": "2008-01-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "431752"
}
],
"notes": [
{
"category": "description",
"text": "Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8 allows user-assisted remote attackers to cause a denial of service via a plain .txt file with a \"Content-Disposition: attachment\" and an invalid \"Content-Type: plain/text,\" which prevents Firefox from rendering future plain text files within the browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla text file mishandling",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:firefox-0:1.5.0.12-0.10.el4.i386",
"4AS:firefox-0:1.5.0.12-0.10.el4.ia64",
"4AS:firefox-0:1.5.0.12-0.10.el4.ppc",
"4AS:firefox-0:1.5.0.12-0.10.el4.s390",
"4AS:firefox-0:1.5.0.12-0.10.el4.s390x",
"4AS:firefox-0:1.5.0.12-0.10.el4.src",
"4AS:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.i386",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.ia64",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.ppc",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.s390",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.s390x",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.src",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"4ES:firefox-0:1.5.0.12-0.10.el4.i386",
"4ES:firefox-0:1.5.0.12-0.10.el4.ia64",
"4ES:firefox-0:1.5.0.12-0.10.el4.ppc",
"4ES:firefox-0:1.5.0.12-0.10.el4.s390",
"4ES:firefox-0:1.5.0.12-0.10.el4.s390x",
"4ES:firefox-0:1.5.0.12-0.10.el4.src",
"4ES:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"4WS:firefox-0:1.5.0.12-0.10.el4.i386",
"4WS:firefox-0:1.5.0.12-0.10.el4.ia64",
"4WS:firefox-0:1.5.0.12-0.10.el4.ppc",
"4WS:firefox-0:1.5.0.12-0.10.el4.s390",
"4WS:firefox-0:1.5.0.12-0.10.el4.s390x",
"4WS:firefox-0:1.5.0.12-0.10.el4.src",
"4WS:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"5Client:firefox-0:1.5.0.12-9.el5.i386",
"5Client:firefox-0:1.5.0.12-9.el5.ia64",
"5Client:firefox-0:1.5.0.12-9.el5.ppc",
"5Client:firefox-0:1.5.0.12-9.el5.s390",
"5Client:firefox-0:1.5.0.12-9.el5.s390x",
"5Client:firefox-0:1.5.0.12-9.el5.src",
"5Client:firefox-0:1.5.0.12-9.el5.x86_64",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.i386",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.ia64",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.ppc",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.s390",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.s390x",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.x86_64",
"5Server:firefox-0:1.5.0.12-9.el5.i386",
"5Server:firefox-0:1.5.0.12-9.el5.ia64",
"5Server:firefox-0:1.5.0.12-9.el5.ppc",
"5Server:firefox-0:1.5.0.12-9.el5.s390",
"5Server:firefox-0:1.5.0.12-9.el5.s390x",
"5Server:firefox-0:1.5.0.12-9.el5.src",
"5Server:firefox-0:1.5.0.12-9.el5.x86_64",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.i386",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.ia64",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.ppc",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.s390",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.s390x",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-0592"
},
{
"category": "external",
"summary": "RHBZ#431752",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=431752"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-0592",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-0592"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-0592",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-0592"
}
],
"release_date": "2008-02-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-02-08T02:24:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied. \n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS:firefox-0:1.5.0.12-0.10.el4.i386",
"4AS:firefox-0:1.5.0.12-0.10.el4.ia64",
"4AS:firefox-0:1.5.0.12-0.10.el4.ppc",
"4AS:firefox-0:1.5.0.12-0.10.el4.s390",
"4AS:firefox-0:1.5.0.12-0.10.el4.s390x",
"4AS:firefox-0:1.5.0.12-0.10.el4.src",
"4AS:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.i386",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.ia64",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.ppc",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.s390",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.s390x",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.src",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"4ES:firefox-0:1.5.0.12-0.10.el4.i386",
"4ES:firefox-0:1.5.0.12-0.10.el4.ia64",
"4ES:firefox-0:1.5.0.12-0.10.el4.ppc",
"4ES:firefox-0:1.5.0.12-0.10.el4.s390",
"4ES:firefox-0:1.5.0.12-0.10.el4.s390x",
"4ES:firefox-0:1.5.0.12-0.10.el4.src",
"4ES:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"4WS:firefox-0:1.5.0.12-0.10.el4.i386",
"4WS:firefox-0:1.5.0.12-0.10.el4.ia64",
"4WS:firefox-0:1.5.0.12-0.10.el4.ppc",
"4WS:firefox-0:1.5.0.12-0.10.el4.s390",
"4WS:firefox-0:1.5.0.12-0.10.el4.s390x",
"4WS:firefox-0:1.5.0.12-0.10.el4.src",
"4WS:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"5Client:firefox-0:1.5.0.12-9.el5.i386",
"5Client:firefox-0:1.5.0.12-9.el5.ia64",
"5Client:firefox-0:1.5.0.12-9.el5.ppc",
"5Client:firefox-0:1.5.0.12-9.el5.s390",
"5Client:firefox-0:1.5.0.12-9.el5.s390x",
"5Client:firefox-0:1.5.0.12-9.el5.src",
"5Client:firefox-0:1.5.0.12-9.el5.x86_64",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.i386",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.ia64",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.ppc",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.s390",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.s390x",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.x86_64",
"5Server:firefox-0:1.5.0.12-9.el5.i386",
"5Server:firefox-0:1.5.0.12-9.el5.ia64",
"5Server:firefox-0:1.5.0.12-9.el5.ppc",
"5Server:firefox-0:1.5.0.12-9.el5.s390",
"5Server:firefox-0:1.5.0.12-9.el5.s390x",
"5Server:firefox-0:1.5.0.12-9.el5.src",
"5Server:firefox-0:1.5.0.12-9.el5.x86_64",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.i386",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.ia64",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.ppc",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.s390",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.s390x",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0103"
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "Mozilla text file mishandling"
},
{
"cve": "CVE-2008-0593",
"discovery_date": "2008-01-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "431756"
}
],
"notes": [
{
"category": "description",
"text": "Gecko-based browsers, including Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8, modify the .href property of stylesheet DOM nodes to the final URI of a 302 redirect, which might allow remote attackers to bypass the Same Origin Policy and read sensitive information from the original URL, such as with Single-Signon systems.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla URL token stealing flaw",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:firefox-0:1.5.0.12-0.10.el4.i386",
"4AS:firefox-0:1.5.0.12-0.10.el4.ia64",
"4AS:firefox-0:1.5.0.12-0.10.el4.ppc",
"4AS:firefox-0:1.5.0.12-0.10.el4.s390",
"4AS:firefox-0:1.5.0.12-0.10.el4.s390x",
"4AS:firefox-0:1.5.0.12-0.10.el4.src",
"4AS:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.i386",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.ia64",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.ppc",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.s390",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.s390x",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.src",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"4ES:firefox-0:1.5.0.12-0.10.el4.i386",
"4ES:firefox-0:1.5.0.12-0.10.el4.ia64",
"4ES:firefox-0:1.5.0.12-0.10.el4.ppc",
"4ES:firefox-0:1.5.0.12-0.10.el4.s390",
"4ES:firefox-0:1.5.0.12-0.10.el4.s390x",
"4ES:firefox-0:1.5.0.12-0.10.el4.src",
"4ES:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"4WS:firefox-0:1.5.0.12-0.10.el4.i386",
"4WS:firefox-0:1.5.0.12-0.10.el4.ia64",
"4WS:firefox-0:1.5.0.12-0.10.el4.ppc",
"4WS:firefox-0:1.5.0.12-0.10.el4.s390",
"4WS:firefox-0:1.5.0.12-0.10.el4.s390x",
"4WS:firefox-0:1.5.0.12-0.10.el4.src",
"4WS:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"5Client:firefox-0:1.5.0.12-9.el5.i386",
"5Client:firefox-0:1.5.0.12-9.el5.ia64",
"5Client:firefox-0:1.5.0.12-9.el5.ppc",
"5Client:firefox-0:1.5.0.12-9.el5.s390",
"5Client:firefox-0:1.5.0.12-9.el5.s390x",
"5Client:firefox-0:1.5.0.12-9.el5.src",
"5Client:firefox-0:1.5.0.12-9.el5.x86_64",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.i386",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.ia64",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.ppc",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.s390",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.s390x",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.x86_64",
"5Server:firefox-0:1.5.0.12-9.el5.i386",
"5Server:firefox-0:1.5.0.12-9.el5.ia64",
"5Server:firefox-0:1.5.0.12-9.el5.ppc",
"5Server:firefox-0:1.5.0.12-9.el5.s390",
"5Server:firefox-0:1.5.0.12-9.el5.s390x",
"5Server:firefox-0:1.5.0.12-9.el5.src",
"5Server:firefox-0:1.5.0.12-9.el5.x86_64",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.i386",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.ia64",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.ppc",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.s390",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.s390x",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-0593"
},
{
"category": "external",
"summary": "RHBZ#431756",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=431756"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-0593",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-0593"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-0593",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-0593"
}
],
"release_date": "2008-02-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-02-08T02:24:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied. \n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS:firefox-0:1.5.0.12-0.10.el4.i386",
"4AS:firefox-0:1.5.0.12-0.10.el4.ia64",
"4AS:firefox-0:1.5.0.12-0.10.el4.ppc",
"4AS:firefox-0:1.5.0.12-0.10.el4.s390",
"4AS:firefox-0:1.5.0.12-0.10.el4.s390x",
"4AS:firefox-0:1.5.0.12-0.10.el4.src",
"4AS:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4AS:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.i386",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.ia64",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.ppc",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.s390",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.s390x",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.src",
"4Desktop:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4Desktop:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"4ES:firefox-0:1.5.0.12-0.10.el4.i386",
"4ES:firefox-0:1.5.0.12-0.10.el4.ia64",
"4ES:firefox-0:1.5.0.12-0.10.el4.ppc",
"4ES:firefox-0:1.5.0.12-0.10.el4.s390",
"4ES:firefox-0:1.5.0.12-0.10.el4.s390x",
"4ES:firefox-0:1.5.0.12-0.10.el4.src",
"4ES:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4ES:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"4WS:firefox-0:1.5.0.12-0.10.el4.i386",
"4WS:firefox-0:1.5.0.12-0.10.el4.ia64",
"4WS:firefox-0:1.5.0.12-0.10.el4.ppc",
"4WS:firefox-0:1.5.0.12-0.10.el4.s390",
"4WS:firefox-0:1.5.0.12-0.10.el4.s390x",
"4WS:firefox-0:1.5.0.12-0.10.el4.src",
"4WS:firefox-0:1.5.0.12-0.10.el4.x86_64",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.i386",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ia64",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.ppc",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.s390x",
"4WS:firefox-debuginfo-0:1.5.0.12-0.10.el4.x86_64",
"5Client:firefox-0:1.5.0.12-9.el5.i386",
"5Client:firefox-0:1.5.0.12-9.el5.ia64",
"5Client:firefox-0:1.5.0.12-9.el5.ppc",
"5Client:firefox-0:1.5.0.12-9.el5.s390",
"5Client:firefox-0:1.5.0.12-9.el5.s390x",
"5Client:firefox-0:1.5.0.12-9.el5.src",
"5Client:firefox-0:1.5.0.12-9.el5.x86_64",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.i386",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.ia64",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.ppc",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.s390",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.s390x",
"5Client:firefox-debuginfo-0:1.5.0.12-9.el5.x86_64",
"5Server:firefox-0:1.5.0.12-9.el5.i386",
"5Server:firefox-0:1.5.0.12-9.el5.ia64",
"5Server:firefox-0:1.5.0.12-9.el5.ppc",
"5Server:firefox-0:1.5.0.12-9.el5.s390",
"5Server:firefox-0:1.5.0.12-9.el5.s390x",
"5Server:firefox-0:1.5.0.12-9.el5.src",
"5Server:firefox-0:1.5.0.12-9.el5.x86_64",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.i386",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.ia64",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.ppc",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.s390",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.s390x",
"5Server:firefox-debuginfo-0:1.5.0.12-9.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0103"
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "Mozilla URL token stealing flaw"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…