CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS
Percentile
98.5%
CentOS Errata and Security Advisory CESA-2012:0142
Mozilla Firefox is an open source web browser.
A heap-based buffer overflow flaw was found in the way Firefox handled
PNG (Portable Network Graphics) images. A web page containing a malicious
PNG image could cause Firefox to crash or, possibly, execute arbitrary
code with the privileges of the user running Firefox. (CVE-2011-3026)
All Firefox users should upgrade to this updated package, which corrects
this issue. After installing the update, Firefox must be restarted for the
changes to take effect.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2012-February/080603.html
Affected packages:
firefox
Upstream details at:
https://access.redhat.com/errata/RHSA-2012:0142
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
CentOS | 4 | i386 | firefox | < 3.6.26-3.el4.centos | firefox-3.6.26-3.el4.centos.i386.rpm |
CentOS | 4 | x86_64 | firefox | < 3.6.26-3.el4.centos | firefox-3.6.26-3.el4.centos.x86_64.rpm |