MDKSA-2006:075

Package name

mozilla-firefox

Date

2006-04-24

Advisory ID

MDKSA-2006:075

Affected versions

2006.0 i586 , 2006.0 x86_64

Problem description

A number of vulnerabilities have been discovered in the Mozilla Firefox
browser that could allow a remote attacker to craft malicious web pages
that could take advantage of these issues to execute arbitrary code
with elevated privileges, spoof content, and steal local files,
cookies, or other information from web pages. As well, some of these
vulnerabilities can be exploited to execute arbitrary code with the
privileges of the user running the browser.

As well, two crasher bugs have been fixed as well.

The updated packages have been patched to fix these problems.

Updated packages

2006.0 i586

 3780668e99350fecb7e1da24330b7bed  2006.0/RPMS/libnspr4-1.0.6-16.5.20060mdk.i586.rpm
 e322c361441c540c473c17be628c56c5  2006.0/RPMS/libnspr4-devel-1.0.6-16.5.20060mdk.i586.rpm
 5e7771258e4019de67912afd88201043  2006.0/RPMS/libnss3-1.0.6-16.5.20060mdk.i586.rpm
 3b8d26864055478f01723e33a2dd060a  2006.0/RPMS/libnss3-devel-1.0.6-16.5.20060mdk.i586.rpm
 9a5e293de59e94a574f596215c06d7a1  2006.0/RPMS/mozilla-firefox-1.0.6-16.5.20060mdk.i586.rpm
 40de607b8c6fb7a9fcbe09cf194fa306  2006.0/RPMS/mozilla-firefox-devel-1.0.6-16.5.20060mdk.i586.rpm
 70205ca1a829e0be5f571376c492dc93  2006.0/SRPMS/mozilla-firefox-1.0.6-16.5.20060mdk.src.rpm

2006.0 x86_64

 bb30c3560134a888a041faa548e80a93  x86_64/2006.0/RPMS/lib64nspr4-1.0.6-16.5.20060mdk.x86_64.rpm
 30e61853b74326055712d1021f15cec8  x86_64/2006.0/RPMS/lib64nspr4-devel-1.0.6-16.5.20060mdk.x86_64.rpm
 271a6b04c6dbbc4e5eb814dd3c682801  x86_64/2006.0/RPMS/lib64nss3-1.0.6-16.5.20060mdk.x86_64.rpm
 25c9a54f6f77823d37da854e55bac42d  x86_64/2006.0/RPMS/lib64nss3-devel-1.0.6-16.5.20060mdk.x86_64.rpm
 70f565e72131379186f742049453158c  x86_64/2006.0/RPMS/mozilla-firefox-1.0.6-16.5.20060mdk.x86_64.rpm
 6ca25ff70f4fb687bcce8d295b4e7a71  x86_64/2006.0/RPMS/mozilla-firefox-devel-1.0.6-16.5.20060mdk.x86_64.rpm
 70205ca1a829e0be5f571376c492dc93  x86_64/2006.0/SRPMS/mozilla-firefox-1.0.6-16.5.20060mdk.src.rpm

References

• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0748
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0749
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1728
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1729
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1730
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1731
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1732
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1733
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1734
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1735
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1736
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1737
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1738
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1739
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1740
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1742
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1790
• https://bugzilla.mozilla.org/show_bug.cgi?id=275896
• https://bugzilla.mozilla.org/show_bug.cgi?id=330900