Contact | Site en Français               

 


 

Vulnerabilities & Threats
 
  VUPEN Security Advisories
  Linux Security Advisories

  Malware Advisories
  Security Research
  Threat Watch Blog
  Zero-Day Monitor
  Search Engine
  Mailing List & RSS
 
   

>> Fedora Security Update Fixes Mozilla Products Code Execution Vulnerabilities

Title : Fedora Security Update Fixes Mozilla Products Code Execution Vulnerabilities
VUPEN ID : VUPEN/ADV-2007-2598
CVE ID : CVE-2007-3089 - CVE-2007-3656 - CVE-2007-3734 - CVE-2007-3735 - CVE-2007-3736 - CVE-2007-3737 - CVE-2007-3738
Rated as : Critical 
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-07-23

Technical Description    Receive VUPEN Security alerts in a Text format  Receive VUPEN Security alerts in a PDF format  Receive VUPEN Security alerts in an XML format 

Multiple vulnerabilities have been identified in Fedora, which could be exploited by attackers to disclose sensitive information or execute arbitrary commands and scripting code. These issues are caused by errors in Mozilla Firefox, Thunderbird and Seamonkey. For additional information, see : VUPEN/ADV-2007-2564 - VUPEN/ADV-2007-2565

Affected Products

Fedora 7
Fedora Core 6

Solution

Upgrade the affected packages :

5c751bb8d48e168c4eaf97d7e039c0368d35ff5d seamonkey-debuginfo-1.1.3-1.fc7.ppc64.rpm
5c32e2b7896d73b435a246b7657d661f1aa8928d seamonkey-1.1.3-1.fc7.ppc64.rpm
b5c5b0f54ef0c757bd9abc0826ccd54826171096 seamonkey-debuginfo-1.1.3-1.fc7.i386.rpm
d00f0b7d75bc2b93b04f3d36f0c6cdb8a4e5c5ef seamonkey-1.1.3-1.fc7.i386.rpm
f5084ac1bfd2c7bf479d9e3c3be0c1c2a5b50af3 seamonkey-debuginfo-1.1.3-1.fc7.x86_64.rpm
395a32d934a1a717a0a025f14914b58516abd1f8 seamonkey-1.1.3-1.fc7.x86_64.rpm
eaff41df4a1891cc80c3368e559f589ec92d1211 seamonkey-1.1.3-1.fc7.ppc.rpm
e05847842fac05bc647666ef6bab651bb9bf8985 seamonkey-debuginfo-1.1.3-1.fc7.ppc.rpm
f50ab54a29f019925c494e1e1d3339c832825f2b seamonkey-1.1.3-1.fc7.src.rpm
406b91a7a359a5116abc1de38d66f02475330193 thunderbird-2.0.0.5-1.fc7.ppc64.rpm
2b7400c86c54e4b77fda5c8c5d7f6e57e3a4eadb thunderbird-debuginfo-2.0.0.5-1.fc7.ppc64.rpm
f7f02885088254a8257fd6d20728785a600adaf5 thunderbird-debuginfo-2.0.0.5-1.fc7.i386.rpm
34c53a1f3b96d014e8bb6ca02704590be0baa980 thunderbird-2.0.0.5-1.fc7.i386.rpm
4d5328a7b0744d9cb9f73648e959c0cc7d62dee1 thunderbird-debuginfo-2.0.0.5-1.fc7.x86_64.rpm
1c57f5e01d960b6a0600cc7817764f13602058e7 thunderbird-2.0.0.5-1.fc7.x86_64.rpm
1c5eaadb7684dac209c38b9f1fcff1a002caed2c thunderbird-debuginfo-2.0.0.5-1.fc7.ppc.rpm
0fe3b5c19898df0c2976fdc8e19482dbe0903707 thunderbird-2.0.0.5-1.fc7.ppc.rpm
d8525d565bd1523e8763f0aee0ec463257af98e2 thunderbird-2.0.0.5-1.fc7.src.rpm

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/

04db587478c5865e44645faaa08a2105f9c565e7 SRPMS/firefox-1.5.0.12-4.fc6.src.rpm
04db587478c5865e44645faaa08a2105f9c565e7 noarch/firefox-1.5.0.12-4.fc6.src.rpm
f1b14a2ec88fb32af73367cf268fcce0d9f7a494 ppc/debug/firefox-debuginfo-1.5.0.12-4.fc6.ppc.rpm
4810057d98164845f5e773f9371a96f694cb1ec7 ppc/firefox-1.5.0.12-4.fc6.ppc.rpm
b0bdbb8d7799c301f78c63c6d0aedac119869c18 ppc/firefox-devel-1.5.0.12-4.fc6.ppc.rpm
ffbe5e5e08488c57799bdc9c68f98f3767c0daf7 x86_64/firefox-1.5.0.12-4.fc6.x86_64.rpm
01bdf0e33965ff1247dd2381ba4ee69739ce9d46 x86_64/debug/firefox-debuginfo-1.5.0.12-4.fc6.x86_64.rpm
252e41424130a8f463ca63044cc9f4d15cb7d503 x86_64/firefox-devel-1.5.0.12-4.fc6.x86_64.rpm
2bfd3305921f9f3e98d92fb2761ab253af92dba8 i386/firefox-1.5.0.12-4.fc6.i386.rpm
dae4f9c1ba9723b94a4b058720e878af23635646 i386/firefox-devel-1.5.0.12-4.fc6.i386.rpm
d92d064ee92b21887704d5e7c4560a367573976c i386/debug/firefox-debuginfo-1.5.0.12-4.fc6.i386.rpm
19679f423d4041bff14fb1296301658dfc6ba2ba SRPMS/thunderbird-1.5.0.12-2.fc6.src.rpm
19679f423d4041bff14fb1296301658dfc6ba2ba noarch/thunderbird-1.5.0.12-2.fc6.src.rpm
67e87bd1475f0de8294cf57d976ec342bd8a7c5b ppc/thunderbird-1.5.0.12-2.fc6.ppc.rpm
98431b993e118b0fe00a2599e645a33ad6522c49 ppc/debug/thunderbird-debuginfo-1.5.0.12-2.fc6.ppc.rpm
c2156643405b7c671a93a2264ab958fd5f0fd944 x86_64/thunderbird-1.5.0.12-2.fc6.x86_64.rpm
e3b6835f0a8f7eb4835c1302e967ed008ecd1575 x86_64/debug/thunderbird-debuginfo-1.5.0.12-2.fc6.x86_64.rpm
bfeab692e49e51d7d0b541ca68965ab1500a6606 i386/thunderbird-1.5.0.12-2.fc6.i386.rpm
a0c642b01715286f1ced7a1f49a8d11b2f924577 i386/debug/thunderbird-debuginfo-1.5.0.12-2.fc6.i386.rpm

References

http://www.vupen.com/english/advisories/2007/2598
https://www.redhat.com/archives/fedora-package-announce/2007-July/msg00403.html
https://www.redhat.com/archives/fedora-package-announce/2007-July/msg00402.html
https://www.redhat.com/archives/fedora-package-announce/2007-July/msg00393.html
https://www.redhat.com/archives/fedora-package-announce/2007-July/msg00392.html

ChangeLog

2007-07-23 : Initial release

Vulnerability Management

Subscribe to VUPEN VNS and receive real-time alerts when new advisories or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form.
 

Vulnerability Alerting

Free 14-Day Trial
 
  Latest News

 

  >> 2009-07-06

     

  Microsoft Windows 0-Day
  Flaw Exploited in the Wild


  >> 2009-06-10

     

  VUPEN Security Research
  Discovered Critical Flaws
  in Adobe Acrobat and MS
  Office Word


  >> 2009-06-02

     

  VUPEN Security Research
  Discovered Critical Flaws
  in ACDSee Products


  >> 2009-05-22

     

  VUPEN Discovered Two
  Critical Vulnerabilities in
  Novell GroupWise 8 / 7

 

 

More Informations    
    








Copyright 2003-2009 © VUPEN.COM - Privacy Policy