Advisory ROSA-SA-2024-2370

software: firefox 118.0.2
OS: ROSA-CHROME

package_evr_string: firefox-118.0.2-1.src.rpm

CVE-ID: CVE-2007-3670
BDU-ID: None
CVE-Crit: MEDIUM
CVE-DESC.: An argument injection vulnerability in Microsoft Internet Explorer when running on systems with Firefox installed and registered specific URIs allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in FirefoxURL or FirefoxHTML URIs that are inserted into the command line created when firefox.exe is invoked.
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update firefox

CVE-ID: CVE-2007-0896
BDU-ID: None
CVE-Crit: MEDIUM
CVE-DESC.: A cross-site scripting (XSS) vulnerability in Sage and the Sage++ extensions for Firefox allows remote attackers to inject arbitrary web script or HTML into an RSS feed.
CVE-STATUS: Fixed
CVE-REV: To close, run command: sudo dnf update firefox

CVE-ID: CVE-2003-1492
BDU-ID: None
CVE-Crit: MEDIUM
CVE-DESC.: Netscape Navigator 7.0.2 and Mozilla allow remote attackers to access cookie information in another domain via an HTTP request for a domain with the optional extension . (dot) at the end.
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update firefox

CVE-ID: CVE-2007-1970
BDU-ID: None
CVE-Crit: MEDIUM
CVE-DESC.: Mozilla Firefox does not warn the user about HTTP elements on an HTTPS page when HTTP elements are dynamically created using a delayed document.write, allowing remote attackers to provide unauthenticated content and conduct phishing attacks.
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update firefox

CVE-ID: CVE-2007-2176
BDU-ID: None
CVE-Crit: MEDIUM
CVE-DESC.: An unspecified vulnerability in Mozilla Firefox allows remote attackers to execute arbitrary code using unspecified vectors that include Javascript errors.
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update firefox

CVE-ID: CVE-2007-4013
BDU-ID: None
CVE-Crit: MEDIUM
CVE-DESC.: Multiple unspecified vulnerabilities in Net6Helper.DLL (aka Net6Launcher Class), npCtxCAO.dll (aka Citrix Endpoint Analysis Client) in Firefox plugin directory and a second npCtxCAO.dll ( aka CCAOControl Object) in Citrix Access Gateway Standard Edition and Advanced Edition HF1 has unknown impact and attack vectors, possibly related to buffer overflow.
CVE-STATUS: Resolved
CVE-REV: To close, run the command: sudo dnf update firefox

CVE-ID: CVE-2007-5274
BDU-ID: None
CVE-Crit: MEDIUM
CVE-DESC.: Sun Java Runtime Environment (JRE) in JDK and JRE 6, update 2 and earlier, JDK and JRE 5.0, update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier, if Firefox or Opera allows remote attackers to break the security model for outbound JavaScript connections using a multi-contact DNS rebinding attack that depends on the LiveConnect API, in which JavaScript loading depends on DNS resolution by the browser and JavaScript socket operations rely on a separate DNS resolution by the Java Virtual Machine (JVM).
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update firefox

CVE-ID: CVE-2007-6715
BDU-ID: None
CVE-Crit: MEDIUM
CVE-DESC.: Mozilla Firefox allows remote attackers to cause a denial of service (crash) using a crafted image, as shown in the test case zzuf lol-firefox.gif.
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update firefox

CVE-ID: CVE-2008-2399
BDU-ID: None
CVE-Crit: MEDIUM
CVE-DESC.: A directory traversal vulnerability in the FireFTP add-on before version 0.98.20080518 for Firefox allows remote FTP servers to create or overwrite arbitrary files using …\ (point-to-point backslash) sequences in response to MLSD and LIST commands.
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update firefox

CVE-ID: CVE-2008-4059
BDU-ID: None
CVE-Crit: MEDIUM
CVE-DESC.: The XPConnect component of Mozilla Firefox allows remote attackers to “pollute XPCNativeWrappers” and execute arbitrary code with Chrome privileges via vectors associated with the SCRIPT element.
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update firefox

CVE-ID: CVE-2008-4821
BDU-ID: None
CVE-Crit: MEDIUM
CVE-DESC.: Adobe Flash Player misinterprets jar: URLs when using the Mozilla browser, allowing attackers to obtain sensitive information via unknown vectors.
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update firefox

CVE-ID: CVE-2009-0068
BDU-ID: None
CVE-Crit: MEDIUM
CVE-DESC.: A communication error in xdg-open allows remote attackers to execute arbitrary code by sending a file with a dangerous MIME type, but using a safe type that Firefox sends to xdg-open, causing xdg-open to handle the dangerous file type via automatic type detection. , as evidenced by overwriting the .desktop file.
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update firefox

CVE-ID: CVE-2009-1597
BDU-ID: None
CVE-Crit: MEDIUM
CVE-DESC.: Mozilla Firefox executes DOM calls in response to a javascript: URI in the target attribute of a submit element in a form contained in an embedded PDF file, which could allow remote attackers to bypass Adobe Acrobat JavaScript’s intended restrictions on accessing the document object. A website that allows PDF downloads by untrusted users and therefore shares a common document.domain between the website and this javascript: URI.
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update firefox

CVE-ID: CVE-2009-2404
BDU-ID: None
CVE-Crit: MEDIUM
CVE-DESC.: A heap-based buffer overflow in the Mozilla Network Security Services (NSS) regular expression analyzer, which was used in Firefox, Thunderbird, SeaMonkey, Evolution, Pidgin, and AOL Instant Messenger (AIM), allows remote SSL servers to cause a denial of service (application failure) or possibly execute arbitrary code via a long domain name in the common name (CN) field of an X.509 certificate subject associated with the cert_TestHostName function.
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update firefox

CVE-ID: CVE-2009-2409
BDU-ID: None
CVE-Crit: HIGH
CVE-DESC.: The Network Security Services (NSS) library used in Firefox; GnuTLS; OpenSSL 0.9.8-0.9.8k; and other products support MD2 with X.509 certificates, which could allow remote attackers to forge certificates by exploiting MD2 design flaws to create hash collisions in less time than brute force.
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update firefox

CVE-ID: CVE-2009-2469
BDU-ID: None
CVE-Crit: MEDIUM
CVE-DESC.: Mozilla Firefox incorrectly handles an SVG element that has a property with the observation function and defineSetter function, allowing remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code through a crafted document related to the misinterpretation of a specific pointer.
CVE-STATUS: Fixed
CVE-REV: To close, execute the command: sudo dnf update firefox

CVE-ID: CVE-2009-3478
BDU-ID: None
CVE-Crit: MEDIUM
CVE-DESC.: Argument injection vulnerability in src/content/js/connection/sftp.js and src/content/js/connection/controlSocket.js.in in the FireFTP 1.0 extension.5 for Firefox allows remote authenticated SFTP users to cause victims can change permissions, delete, upload or move the wrong file using a filename containing " (double quotes) that is not filtered or encoded properly when FireFTP creates a command to send to psftp.exe.
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update firefox

CVE-ID: CVE-2009-4100
BDU-ID: None
CVE-Crit: MEDIUM
CVE-DESC.: The Yoono extension for Firefox performs certain operations with Chrome privileges, allowing remote attackers to execute arbitrary commands with the help of the user and perform cross-domain scripting attacks via DOM event handlers such as onload.
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update firefox

CVE-ID: CVE-2009-4101
BDU-ID: None
CVE-Crit: MEDIUM
CVE-DESC.: infoRSS extensions for Firefox perform certain operations with Chrome privileges, allowing remote attackers to execute arbitrary commands and perform cross-domain scripting attacks via the RSS feed description tag.
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update firefox

CVE-ID: CVE-2009-4102
BDU-ID: None
CVE-Crit: MEDIUM
CVE-DESC.: The Sage 1.4.3 and earlier extension for Firefox performs certain operations with Chrome privileges, allowing remote attackers to execute arbitrary commands and perform cross-domain scripting attacks via the RSS feed description tag.
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update firefox

CVE-ID: CVE-2009-4127
BDU-ID: None
CVE-Crit: MEDIUM
CVE-DESC.: An unspecified vulnerability in the Wikipedia toolbar extension for Firefox allows remote attackers, with user assistance, to execute arbitrary JavaScript code with Chrome privileges via vectors that include unspecified toolbar buttons and a score function
CVE-STATUS: Fixed
CVE-REV: To close, run command: sudo dnf update firefox

CVE-ID: CVE-2009-4129
BDU-ID: None
CVE-Crit: MEDIUM
CVE-DESC.: The race condition in Mozilla Firefox allows remote attackers to create a JavaScript message with a spoofed domain association, writing a message between requesting a document and downloading the document for a web page in another domain.
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update firefox

CVE-ID: CVE-2009-4130
BDU-ID: None
CVE-Crit: MEDIUM
CVE-DESC.: A visual truncation vulnerability in the MakeScriptDialogTitle function in nsGlobalWindow.cpp in Mozilla Firefox allows remote attackers to spoof the original script domain name using a long name.
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update firefox

CVE-ID: CVE-2009-4630
BDU-ID: None
CVE-Crit: MEDIUM
CVE-DESC.: Mozilla Necko, used in Firefox, SeaMonkey, and other applications, prefetches DNS domain names contained in links within local HTML documents, making it easy for remote attackers to determine the network location of an application user by registering DNS queries.
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update firefox

CVE-ID: CVE-2010-2792
BDU-ID: None
CVE-Crit: MEDIUM
CVE-DESC.: The race condition in the SPICE plugin (aka spice-xpi) for Firefox allows local users to obtain sensitive information and conduct man-in-the-middle attacks by providing a UNIX socket for communication between this plugin and a client (aka qspice-client) in qspice, and then accessing that socket.
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update firefox

CVE-ID: CVE-2010-2794
BDU-ID: None
CVE-Crit: MEDIUM
CVE-DESC.: The SPICE (aka spice-xpi) plugin for Firefox allows local users to overwrite arbitrary files via a symbolic link attack on an unspecified log file.
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update firefox

CVE-ID: CVE-2011-0012
BDU-ID: None
CVE-Crit: MEDIUM
CVE-DESC.: The SPICE plugin of Firefox (spice-xpi) and possibly other versions allows local users to overwrite arbitrary files via a symbolic link attack on the usbrdrctl log file, which has a predictable name.
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update firefox