9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.973 High
EPSS
Percentile
99.8%
Several remote vulnerabilities have been discovered in Mozilla Firefox.
This will be the last security update of Mozilla-based products for
the oldstable (sarge) distribution of Debian. We recommend to upgrade
to stable (etch) as soon as possible.
The Common Vulnerabilities and Exposures project identifies the following
vulnerabilities:
For the oldstable distribution (sarge) these problems have been fixed in
version 1.0.4-2sarge17. You should upgrade to etch as soon as possible.
The stable distribution (etch) isn’t affected. These vulnerabilities have
been fixed prior to the release of Debian etch.
The unstable distribution (sid) no longer contains mozilla-firefox. Iceweasel
is already fixed.