[USN-546-1] Firefox vulnerabilities
Ubuntu Security Notice USN-546-1 November 26, 2007 firefox vulnerabilities CVE-2007-5947, CVE-2007-5959, CVE-2007-5960Kwetsbare Ubuntu versies:
Ubuntu 6.06 LTS
Ubuntu 6.10
Ubuntu 7.04
Ubuntu 7.10
- Ubuntu 6.06 LTS
- firefox 1.5.dfsg+1.5.0.14~prepatch071125a-0ubuntu1
- Ubuntu 6.10
- firefox 2.0.0.10+0nobinonly-0ubuntu0.6.10
- Ubuntu 7.10
- firefox 2.0.0.10+2nobinonly-0ubuntu1.7.10.1
- Ubuntu 7.04
- firefox 2.0.0.10+1nobinonly-0ubuntu1
After a standard system upgrade you need to restart Firefox to effect the necessary changes.
It was discovered that Firefox incorrectly associated redirected sites as the origin of "jar:" contents. A malicious web site could exploit this to modify or steal confidential data (such as passwords) from other web sites. (CVE-2007-5947) Various flaws were discovered in the layout and JavaScript engines. By tricking a user into opening a malicious web page, an attacker could execute arbitrary code with the user's privileges. (CVE-2007-5959) Gregory Fleischer discovered that it was possible to use JavaScript to manipulate Firefox's Referer header. A malicious web site could exploit this to conduct cross-site request forgeries against sites that relied only on Referer headers for protection from such attacks. (CVE-2007-5960)
Ubuntero van de maand - Mei 2008 - Laacque
01-05-2008
Ooievaar brengt “Ruige Reiger”!
24-04-2008
Hardy Release Parties 2008
15-04-2008
Ubuntu demonstratie 19 april a.s. in Apeldoorn
10-04-2008
Ubuntero van de maand - April 2008 - Eendje
02-04-2008
Onverwachte downtime
01-04-2008
Nu ook chatten via de ubuntu NL website
30-03-2008
Ubuntero van de maand - Maart 2008 - profoX
01-03-2008
Ubuntero van de maand - Februari 2008 - Gandyman
03-02-2008
Ubuntero van de maand - Januari 2008
03-01-2008
Lees het nieuws via RSS