what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Secunia Security Advisory 27944

Secunia Security Advisory 27944
Posted Dec 7, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for MozillaFirefox. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site request forgery and cross-site scripting attacks or potentially compromise a user's system.

tags | advisory, vulnerability, xss, csrf
systems | linux, suse
SHA-256 | 4b1aadca371129cfbd90db18de3304ee74fe231d50bc434b3fb9499a21e410fe
Download | Favorite | View

Secunia Security Advisory 27944

Change Mirror Download


----------------------------------------------------------------------

2003: 2,700 advisories published
2004: 3,100 advisories published
2005: 4,600 advisories published
2006: 5,300 advisories published

How do you know which Secunia advisories are important to you?

The Secunia Vulnerability Intelligence Solutions allows you to filter
and structure all the information you need, so you can address issues
effectively.

Get a free trial of the Secunia Vulnerability Intelligence Solutions:
http://corporate.secunia.com/how_to_buy/38/vi/?ref=secadv

----------------------------------------------------------------------

TITLE:
SUSE update for MozillaFirefox

SECUNIA ADVISORY ID:
SA27944

VERIFY ADVISORY:
http://secunia.com/advisories/27944/

CRITICAL:
Highly critical

IMPACT:
Cross Site Scripting, DoS, System access

WHERE:
>From remote

OPERATING SYSTEM:
SUSE Linux 10
http://secunia.com/product/6221/
SUSE Linux 10.1
http://secunia.com/product/10796/
openSUSE 10.2
http://secunia.com/product/13375/
openSUSE 10.3
http://secunia.com/product/16124/
SUSE Linux Enterprise Server 10
http://secunia.com/product/12192/

DESCRIPTION:
SUSE has issued an update for MozillaFirefox. This fixes some
vulnerabilities, which can be exploited by malicious people to
conduct cross-site request forgery and cross-site scripting attacks
or potentially compromise a user's system.

For more information:
SA27605
SA27725

SOLUTION:
Apply updated packages.

x86 Platform:

openSUSE 10.3:

http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/MozillaFirefox-2.0.0.10-0.1.i586.rpm
d0f7fd357a6de8c6a590b42dda9c7702

http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/MozillaFirefox-translations-2.0.0.10-0.1.i586.rpm
1aaf5db8a1297805e8e9e176b238ef8c

openSUSE 10.2:

ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/MozillaFirefox-2.0.0.10-0.1.i586.rpm
1f2516d822f8ca87b3f3f25c145e4a38

ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/MozillaFirefox-translations-2.0.0.10-0.1.i586.rpm
574823f229420156208b5f45bff5ca6d

SUSE LINUX 10.1:

ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/MozillaFirefox-2.0.0.10-0.2.i586.rpm
cf1b3c80ffdfd1f3e4f340e0d9a8c07f

ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/MozillaFirefox-translations-2.0.0.10-0.2.i586.rpm
fd13fa44b75a2e6317103f265d77f702

SUSE LINUX 10.0:

ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/MozillaFirefox-2.0.0.10-0.1.i586.rpm
6f5985e8b52cd2fd82f935eb1bdcef75

ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/MozillaFirefox-translations-2.0.0.10-0.1.i586.rpm
5713f8749a674285d4de104729466231

Power PC Platform:

openSUSE 10.3:

http://download.opensuse.org/pub/opensuse/update/10.3/rpm/ppc/MozillaFirefox-2.0.0.10-0.1.ppc.rpm
d94b360b96f78415486e590ba2ebc56f

http://download.opensuse.org/pub/opensuse/update/10.3/rpm/ppc/MozillaFirefox-translations-2.0.0.10-0.1.ppc.rpm
e22b1e054000aa0d53c41fe6ac39372a

openSUSE 10.2:

ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/MozillaFirefox-2.0.0.10-0.1.ppc.rpm
530f6740fee6d2fb643afa4b9f0c49ef

ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/MozillaFirefox-translations-2.0.0.10-0.1.ppc.rpm
6db2f0cb850b212cec62de5ad94d0069

SUSE LINUX 10.1:

ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/MozillaFirefox-2.0.0.10-0.2.ppc.rpm
ed1d282e433ce48f63ed14e836c18d52

ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/MozillaFirefox-translations-2.0.0.10-0.2.ppc.rpm
740adaa059e9898be2e0a1a2bea8bfd0

SUSE LINUX 10.0:

ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/MozillaFirefox-2.0.0.10-0.1.ppc.rpm
0c7fc24e3f284c4f2f4fbe4da05500bc

ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/MozillaFirefox-translations-2.0.0.10-0.1.ppc.rpm
58404d548715285c5899e36a7ce28b6c

x86-64 Platform:

openSUSE 10.3:

http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/MozillaFirefox-2.0.0.10-0.1.x86_64.rpm
084e0ea783cb2b1069de863276b65b67

http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/MozillaFirefox-translations-2.0.0.10-0.1.x86_64.rpm
ab398376912b59c1b29326771336b4d7

openSUSE 10.2:

ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/MozillaFirefox-2.0.0.10-0.1.x86_64.rpm
173749354f0641198f0c6100ae190564

ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/MozillaFirefox-translations-2.0.0.10-0.1.x86_64.rpm
c7d56938e6ebc0bbaac89965eedcf475

Sources:

openSUSE 10.3:

http://download.opensuse.org/pub/opensuse/update/10.3/rpm/src/MozillaFirefox-2.0.0.10-0.1.src.rpm
beb5c6009fc75627e1305e05aafdd808

openSUSE 10.2:

ftp://ftp.suse.com/pub/suse/update/10.2/rpm/src/MozillaFirefox-2.0.0.10-0.1.src.rpm
1fa1299403a46b21f0fe505405250fc7

SUSE LINUX 10.1:

ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/MozillaFirefox-2.0.0.10-0.2.src.rpm
5c8cb8c56778911746b6851de11446fe

SUSE LINUX 10.0:

ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/MozillaFirefox-2.0.0.10-0.1.src.rpm
4f10c8fdacab3bc3e05dec6100be2d6b

SUSE Linux Enterprise Server 10 SP1

http://support.novell.com/techcenter/psdb/a1909a9a9f705e973cf0feed1743484e.html

SUSE Linux Enterprise Desktop 10 SP1

http://support.novell.com/techcenter/psdb/a1909a9a9f705e973cf0feed1743484e.html

ORIGINAL ADVISORY:
http://lists.opensuse.org/opensuse-security-announce/2007-12/msg00004.html

OTHER REFERENCES:
SA27605:
http://secunia.com/advisories/27605/

SA27725:
http://secunia.com/advisories/27725/

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/


Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------

Login or Register to add favorites

File Archive:

August 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    15 Files
  • 2
    Aug 2nd
    22 Files
  • 3
    Aug 3rd
    0 Files
  • 4
    Aug 4th
    0 Files
  • 5
    Aug 5th
    15 Files
  • 6
    Aug 6th
    11 Files
  • 7
    Aug 7th
    43 Files
  • 8
    Aug 8th
    42 Files
  • 9
    Aug 9th
    36 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    0 Files
  • 12
    Aug 12th
    27 Files
  • 13
    Aug 13th
    18 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close