(RHSA-2005:038) mozilla security update

2005-01-13T05:00:00
ID RHSA-2005:038
Type redhat
Reporter RedHat
Modified 2019-03-22T23:43:22

Description

Mozilla is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor.

iSEC Security Research has discovered a buffer overflow bug in the way Mozilla handles NNTP URLs. If a user visits a malicious web page or is convinced to click on a malicious link, it may be possible for an attacker to execute arbitrary code on the victim's machine. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-1316 to this issue.

Users of Mozilla should upgrade to these updated packages, which contain backported patches and are not vulnerable to these issues.