Chapter 1. Package Updates
58
A flaw was found in the way Firefox displayed blank pages after a user navigates to an invalid
address. If a user visits an attacker-controlled web page that results in a blank page, the attacker
could inject content into that blank page, possibly tricking the user into believing they are viewing a
legitimate page. (
CVE-2009-3985
366
)
For technical details regarding these flaws, refer to the Mozilla security advisories for Firefox 3.0.16.
You can find a link to the Mozilla advisories in the References section of this errata.
All Firefox users should upgrade to these updated packages, which contain Firefox version 3.0.16,
which corrects these issues. After installing the update, Firefox must be restarted for the changes to
take effect.
1.54.3. RHSA-2009:1530: Critical security update
Important
This update has already been released (prior to the GA of this release) as the security
errata
RHSA-2009:1530
367
Updated firefox packages that fix several security issues are now available for Red Hat Enterprise
Linux 4 and 5.
This update has been rated as having critical security impact by the Red Hat Security Response
Team.
Mozilla Firefox is an open source Web browser. XULRunner provides the XUL Runtime environment
for Mozilla Firefox. nspr provides the Netscape Portable Runtime (NSPR).
A flaw was found in the way Firefox handles form history. A malicious web page could steal saved
form data by synthesizing input events, causing the browser to auto-fill form fields (which could then
be read by an attacker). (
CVE-2009-3370
368
)
A flaw was found in the way Firefox creates temporary file names for downloaded files. If a local
attacker knows the name of a file Firefox is going to download, they can replace the contents of that
file with arbitrary contents. (
CVE-2009-3274
369
)
A flaw was found in the Firefox Proxy Auto-Configuration (PAC) file processor. If Firefox loads a
malicious PAC file, it could crash Firefox or, potentially, execute arbitrary code with the privileges of the
user running Firefox. (
CVE-2009-3372
370
)
A heap-based buffer overflow flaw was found in the Firefox GIF image processor. A malicious GIF
image could crash Firefox or, potentially, execute arbitrary code with the privileges of the user running
Firefox. (
CVE-2009-3373
371
)
A heap-based buffer overflow flaw was found in the Firefox string to floating point conversion routines.
A web page containing malicious JavaScript could crash Firefox or, potentially, execute arbitrary code
with the privileges of the user running Firefox. (
CVE-2009-1563
372
)
366
https://www.redhat.com/security/data/cve/CVE-2009-3985.html
368
https://www.redhat.com/security/data/cve/CVE-2009-3370.html
369
https://www.redhat.com/security/data/cve/CVE-2009-3274.html
370
https://www.redhat.com/security/data/cve/CVE-2009-3372.html
371
https://www.redhat.com/security/data/cve/CVE-2009-3373.html
372
https://www.redhat.com/security/data/cve/CVE-2009-1563.html
Summary of Contents for ENTERPRISE LINUX 5.5 - S 2010
Page 10: ...x ...
Page 308: ...298 ...
Page 310: ...300 ...
Page 468: ...458 ...
Page 470: ...460 ...