MDVSA-2009:182 -- Mandriva firefoxID: oval:org.secpod.oval:def:300586 | Date: (C)2012-01-07 (M)2024-02-19 |
Class: PATCH | Family: unix |
Security vulnerabilities have been discovered and corrected in Mozilla Firefox 3.0.x: Several flaws were discovered in the Firefox browser and JavaScript engines, which could allow a malicious website to cause a denial of service or possibly execute arbitrary code with user privileges. Attila Suszter discovered a flaw in the way Firefox processed Flash content, which could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. It was discovered that Firefox did not properly handle some SVG content, which could lead to a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. A flaw was discovered in the JavaScript engine which could be used to perform cross-site scripting attacks. This update provides the latest Mozilla Firefox 3.0.x to correct these issues. Additionally, some packages which require so, have been rebuilt and are being provided as updates.
Platform: |
Mandriva Linux 2009.0 |
Mandriva Linux 2009.1 |