7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.335 Low
EPSS
Percentile
96.6%
Mozilla Firefox is an open source Web browser.
Several flaws were found in the way Firefox processes certain malformed
Javascript code. A malicious web page could cause the execution of
Javascript code in such a way that could cause Firefox to crash or execute
arbitrary code as the user running Firefox. (CVE-2006-5463, CVE-2006-5747,
CVE-2006-5748)
Several flaws were found in the way Firefox renders web pages. A malicious
web page could cause the browser to crash or possibly execute arbitrary
code as the user running Firefox. (CVE-2006-5464)
A flaw was found in the way Firefox verifies RSA signatures. For RSA keys
with exponent 3 it is possible for an attacker to forge a signature that
would be incorrectly verified by the NSS library. Firefox as shipped trusts
several root Certificate Authorities that use exponent 3. An attacker could
have created a carefully crafted SSL certificate which be incorrectly
trusted when their site was visited by a victim. This flaw was previously
thought to be fixed in Firefox 1.5.0.7, however Ulrich Kuehn discovered the
fix was incomplete (CVE-2006-5462)
Users of Firefox are advised to upgrade to these erratum packages, which
contain Firefox version 1.5.0.8 that corrects these issues.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 4 | x86_64 | firefox | < 1.5.0.8-0.1.el4 | firefox-1.5.0.8-0.1.el4.x86_64.rpm |
RedHat | 4 | src | firefox | < 1.5.0.8-0.1.el4 | firefox-1.5.0.8-0.1.el4.src.rpm |
RedHat | 4 | i386 | firefox | < 1.5.0.8-0.1.el4 | firefox-1.5.0.8-0.1.el4.i386.rpm |
RedHat | 4 | ppc | firefox | < 1.5.0.8-0.1.el4 | firefox-1.5.0.8-0.1.el4.ppc.rpm |
RedHat | 4 | ia64 | firefox | < 1.5.0.8-0.1.el4 | firefox-1.5.0.8-0.1.el4.ia64.rpm |
RedHat | 4 | s390 | firefox | < 1.5.0.8-0.1.el4 | firefox-1.5.0.8-0.1.el4.s390.rpm |
RedHat | 4 | s390x | firefox | < 1.5.0.8-0.1.el4 | firefox-1.5.0.8-0.1.el4.s390x.rpm |