var-200611-0368
Vulnerability from variot
The (1) Password Manager in Mozilla Firefox 2.0, and 1.5.0.8 and earlier; and the (2) Passcard Manager in Netscape 8.1.2 and possibly other versions, do not properly verify that an ACTION URL in a FORM element containing a password INPUT element matches the web site for which the user stored a password, which allows remote attackers to obtain passwords via a password INPUT element on a different web page located on the web site intended for this password. Mozilla According to, there have been reports of phishing cases where this password manager issue was exploited. Mozilla Firefox is reportedly prone to an information-disclosure weakness because it fails to properly notify users of the automatic population of form fields in disparate URLs deriving from the same domain. Exploiting this issue may allow attackers to obtain user credentials that have been saved in forms deriving from the same website where attack code resides. The most common manifestation of this condition would typically be in blogs or forums. This may allow attackers to access potentially sensitive information that would facilitate the success of phishing attacks. Initial reports and preliminary testing indicate that this issue affects only Firefox 2. UPDATE: Firefox 2.0.0.10 is still vulnerable to the issue. UPDATE (March 17, 2008): Unconfirmed reports indicate that this issue affects Firefox 2.0.0.12; we will update this BID as more information emerges.
Secunia is proud to announce the availability of the Secunia Software Inspector.
The Secunia Software Inspector is a free service that detects insecure versions of software that you may have installed in your system. When insecure versions are detected, the Secunia Software Inspector also provides thorough guidelines for updating the software to the latest secure version from the vendor.
Try it out online: http://secunia.com/software_inspector/
TITLE: Netscape Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA24289
VERIFY ADVISORY: http://secunia.com/advisories/24289/
CRITICAL: Highly critical
IMPACT: Security Bypass, Cross Site Scripting, Exposure of sensitive information, System access
WHERE:
From remote
SOFTWARE: Netscape 8.x http://secunia.com/product/5134/
DESCRIPTION: Multiple vulnerabilities have been reported in Netscape, which can be exploited by malicious people to bypass certain security restrictions, gain knowledge of sensitive information, conduct cross-site scripting attacks, or potentially compromise a user's system.
See vulnerabilities #1, #2, #6, and #7 for more information: SA24205
The vulnerabilities have been reported in version 8.1.2.
SOLUTION: Do not browse untrusted sites and disable Javascript.
ORIGINAL ADVISORY: http://www.mozilla.org/security/announce/2007/mfsa2007-02.html http://www.mozilla.org/security/announce/2007/mfsa2007-03.html http://www.mozilla.org/security/announce/2007/mfsa2007-06.html http://www.mozilla.org/security/announce/2007/mfsa2007-07.html
OTHER REFERENCES: SA24175: http://secunia.com/advisories/24175/
SA24205: http://secunia.com/advisories/24205/
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Debian Security Advisory DSA 1336-1 security@debian.org http://www.debian.org/security/ Moritz Muehlenhoff July 22nd, 2007 http://www.debian.org/security/faq
Package : mozilla-firefox Vulnerability : several Problem-Type : remote Debian-specific: no CVE ID : CVE-2007-1282 CVE-2007-0994 CVE-2007-0995 CVE-2007-0996 CVE-2007-0981 CVE-2007-0008 CVE-2007-0009 CVE-2007-0775 CVE-2007-0778 CVE-2007-0045 CVE-2006-6077
Several remote vulnerabilities have been discovered in Mozilla Firefox.
This will be the last security update of Mozilla-based products for the oldstable (sarge) distribution of Debian. We recommend to upgrade to stable (etch) as soon as possible.
The Common Vulnerabilities and Exposures project identifies the following vulnerabilities:
CVE-2007-1282
It was discovered that an integer overflow in text/enhanced message
parsing allows the execution of arbitrary code.
CVE-2007-0994
It was discovered that a regression in the Javascript engine allows
the execution of Javascript with elevated privileges.
CVE-2007-0995
It was discovered that incorrect parsing of invalid HTML characters
allows the bypass of content filters.
CVE-2007-0996
It was discovered that insecure child frame handling allows cross-site
scripting.
CVE-2007-0981
It was discovered that Firefox handles URI withs a null byte in the
hostname insecurely.
CVE-2007-0008
It was discovered that a buffer overflow in the NSS code allows the
execution of arbitrary code.
CVE-2007-0009
It was discovered that a buffer overflow in the NSS code allows the
execution of arbitrary code.
CVE-2007-0775
It was discovered that multiple programming errors in the layout engine
allow the execution of arbitrary code.
CVE-2007-0778
It was discovered that the page cache calculates hashes in an insecure
manner.
CVE-2006-6077
It was discovered that the password manager allows the disclosure of
passwords.
For the oldstable distribution (sarge) these problems have been fixed in version 1.0.4-2sarge17. You should upgrade to etch as soon as possible.
The stable distribution (etch) isn't affected. These vulnerabilities have been fixed prior to the release of Debian etch.
The unstable distribution (sid) no longer contains mozilla-firefox. Iceweasel is already fixed.
Upgrade Instructions
wget url will fetch the file for you dpkg -i file.deb will install the referenced file.
If you are using the apt-get package manager, use the line for sources.list as given below:
apt-get update will update the internal database apt-get upgrade will install corrected packages
You may use an automated update by adding the resources from the footer to the proper configuration.
Debian GNU/Linux 3.1 alias sarge
Source archives:
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge17.dsc
Size/MD5 checksum: 1641 36715bb647cb3b7cd117edee90a34bfd
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge17.diff.gz
Size/MD5 checksum: 553311 4ba992e60e5c6b156054c5105b1134ae
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4.orig.tar.gz
Size/MD5 checksum: 40212297 8e4ba81ad02c7986446d4e54e978409d
Alpha architecture:
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge17_alpha.deb
Size/MD5 checksum: 11221890 5d8d1de73d162edf8ddbaa40844bb454
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge17_alpha.deb
Size/MD5 checksum: 172696 42d5c31ec7a2e3163846c347f04773df
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge17_alpha.deb
Size/MD5 checksum: 63574 238529b9d4ae396dc01d786d4fb843b4
AMD64 architecture:
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge17_amd64.deb
Size/MD5 checksum: 9429140 8394fcd85a7218db784160702efc5249
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge17_amd64.deb
Size/MD5 checksum: 166496 795a8ec3e1aa1b0a718ad6f4439670ef
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge17_amd64.deb
Size/MD5 checksum: 62022 ef315cc90c3780ff151cd2271e913859
ARM architecture:
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge17_arm.deb
Size/MD5 checksum: 8244544 71eaf9cb5418a77410ff12c7f36eb32b
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge17_arm.deb
Size/MD5 checksum: 157966 5e2e22d04a33ccbc0e6b19b4c4d43492
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge17_arm.deb
Size/MD5 checksum: 57358 6f34a7a02114e48cadc6860b86f75130
HP Precision architecture:
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge17_hppa.deb
Size/MD5 checksum: 10301620 3700a0b7dcb0ab061b3521e2a3f232f9
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge17_hppa.deb
Size/MD5 checksum: 169432 387b8fa52d406dfdd26c3adc3ccac615
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge17_hppa.deb
Size/MD5 checksum: 62500 80addaf2d87b6952fdc9104c5fc9dfde
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge17_i386.deb
Size/MD5 checksum: 8919924 8fc67257357687c8611b3e4e5389aee4
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge17_i386.deb
Size/MD5 checksum: 161684 6c989c4276e34c6031b6185418a8ddb1
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge17_i386.deb
Size/MD5 checksum: 58896 7e48aa697c8c17f7d22de860a17e7dfd
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge17_ia64.deb
Size/MD5 checksum: 11664142 aa008699700ba3c8b45d3a8961e99192
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge17_ia64.deb
Size/MD5 checksum: 172030 e79af50f04490de310cda7f6ce652d44
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge17_ia64.deb
Size/MD5 checksum: 66718 8cabdbf0919ac447c5d492ef6227d9af
Motorola 680x0 architecture:
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge17_m68k.deb
Size/MD5 checksum: 8196148 e3544446b371fd7ed4b79e53f69b556a
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge17_m68k.deb
Size/MD5 checksum: 160556 0164d4c0f675a020643ccedf94a55eb8
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge17_m68k.deb
Size/MD5 checksum: 58168 b429907e69e8daa7d51e45552659da27
Big endian MIPS architecture:
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge17_mips.deb
Size/MD5 checksum: 9954006 0eb0513fc950e7cd8abcae9666b24a7b
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge17_mips.deb
Size/MD5 checksum: 159496 ca0585a663a5470d3a62ae0786864beb
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge17_mips.deb
Size/MD5 checksum: 59170 22ea96156de56d046a7afd73d4857419
Little endian MIPS architecture:
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge17_mipsel.deb
Size/MD5 checksum: 9831728 dda6865c7290fce658847f0909617c73
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge17_mipsel.deb
Size/MD5 checksum: 159060 e7a7c4db0f5df82f84ceef6827df2bea
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge17_mipsel.deb
Size/MD5 checksum: 58984 b0b02ac1c62041db8d377a7ff40c013c
PowerPC architecture:
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge15_powerpc.deb
Size/MD5 checksum: 8587718 8d219ce9e684b86babfe31db9d7d9658
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge15_powerpc.deb
Size/MD5 checksum: 159762 41f3707945d5edae6ee1ac90bdef5cab
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge15_powerpc.deb
Size/MD5 checksum: 60936 1a79408acd12828a3710393e05d99914
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge17_s390.deb
Size/MD5 checksum: 9667078 5838d957637b4d4c2c19afea0dd68db5
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge17_s390.deb
Size/MD5 checksum: 167092 4dd6de7299014d5e0c13da8e480a7f3c
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge17_s390.deb
Size/MD5 checksum: 61472 64d10c667ed4c6c12947c49f5cca8ff6
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge17_sparc.deb
Size/MD5 checksum: 8680322 241cddabdf91eb14b0a6529ffc84a51d
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge17_sparc.deb
Size/MD5 checksum: 160304 7887081b85d3ead3994a997608bbe22a
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge17_sparc.deb
Size/MD5 checksum: 57718 4a4eeeb0815cb03d51f74965403911ad
These files will probably be moved into the oldstable distribution on its next update.
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show
iD8DBQFGo5b7Xm3vHE4uyloRAsdgAKDTo6NxeylHh30syJpFeyF5/Yr/XwCdH188 NdI5zd36oN5mVqIDUsqYC3o= =/qY/ -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . =========================================================== Ubuntu Security Notice USN-428-1 February 26, 2007 firefox vulnerabilities CVE-2006-6077, CVE-2007-0008, CVE-2007-0009, CVE-2007-0775, CVE-2007-0776, CVE-2007-0777, CVE-2007-0778, CVE-2007-0779, CVE-2007-0780, CVE-2007-0800, CVE-2007-0981, CVE-2007-0995, CVE-2007-0996, CVE-2007-1092 ===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 5.10 Ubuntu 6.10
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the following package versions:
Ubuntu 5.10: firefox 1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1
Ubuntu 6.06 LTS: firefox 1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1 libnspr4 1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1 libnss3 1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1
Ubuntu 6.10: firefox 2.0.0.2+0dfsg-0ubuntu0.6.10 libnspr4 2.0.0.2+0dfsg-0ubuntu0.6.10 libnss3 2.0.0.2+0dfsg-0ubuntu0.6.10
After a standard system upgrade you need to restart Firefox to effect the necessary changes.
Details follow:
Several flaws have been found that could be used to perform Cross-site scripting attacks. A malicious web site could exploit these to modify the contents or steal confidential data (such as passwords) from other opened web pages. (CVE-2006-6077, CVE-2007-0780, CVE-2007-0800, CVE-2007-0981, CVE-2007-0995, CVE-2007-0996)
The SSLv2 protocol support in the NSS library did not sufficiently check the validity of public keys presented with a SSL certificate. A malicious SSL web site using SSLv2 could potentially exploit this to execute arbitrary code with the user's privileges. (CVE-2007-0008)
The SSLv2 protocol support in the NSS library did not sufficiently verify the validity of client master keys presented in an SSL client certificate. (CVE-2007-0775, CVE-2007-0776, CVE-2007-0777, CVE-2007-1092)
Two web pages could collide in the disk cache with the result that depending on order loaded the end of the longer document could be appended to the shorter when the shorter one was reloaded from the cache. It is possible a determined hacker could construct a targeted attack to steal some sensitive data from a particular web page. The potential victim would have to be already logged into the targeted service (or be fooled into doing so) and then visit the malicious site. (CVE-2007-0778)
David Eckel reported that browser UI elements--such as the host name and security indicators--could be spoofed by using custom cursor images and a specially crafted style sheet. (CVE-2007-0779)
Updated packages for Ubuntu 5.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1.diff.gz
Size/MD5: 176831 76744cf2123e13143408e37deb2311c0
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1.dsc
Size/MD5: 1063 eac4c86acb16ad4cf85604e5cc9f441c
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.10.orig.tar.gz
Size/MD5: 44679183 d55d439c238064ddcedb8fabb6089ff2
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox-dev_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_all.deb
Size/MD5: 50314 d17e00b536378e1710c918f2b834e513
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/mozilla-firefox_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_all.deb
Size/MD5: 51208 abdc905b5e3c31c05a427defdc9035bc
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_amd64.deb
Size/MD5: 3167242 01f67e394a7b569df52fd02513712811
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_amd64.deb
Size/MD5: 217230 bc5d29d293abc4665c052c0fc76aef79
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_amd64.deb
Size/MD5: 83544 d7978eba50c0e82d4e3606240e38e3fa
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_amd64.deb
Size/MD5: 10311286 4ea4f615c24ecceae90e7b432ddb5e4a
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_i386.deb
Size/MD5: 3167298 571b158ab384827e881ab52d05c7afcb
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_i386.deb
Size/MD5: 210744 0092218d208b41e1a72b1303a77b3238
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_i386.deb
Size/MD5: 75946 21eda2226572b3c3143f8e4ab8145ba6
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_i386.deb
Size/MD5: 8712048 66138335623748c529c3050084ceadaa
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_powerpc.deb
Size/MD5: 3167330 7cdba77a564720cf82ea475eace3aef5
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_powerpc.deb
Size/MD5: 214166 630d44a2240aa9d8790de3db3e9b05ff
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_powerpc.deb
Size/MD5: 79138 f4b3d39d326f77acde26161d1d66c84b
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_powerpc.deb
Size/MD5: 9899346 9066e6747aa0337985a1f29f4e64cffd
sparc architecture (Sun SPARC/UltraSPARC)
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_sparc.deb
Size/MD5: 3167284 e6726b6ed59b5c083796ae93c6eedc64
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_sparc.deb
Size/MD5: 211730 b1f127d2df48b09c7b404f09754c71be
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_sparc.deb
Size/MD5: 77516 8b430af0eadfa18b180f2637fafa7a5e
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_sparc.deb
Size/MD5: 9227232 727146f6c93a565f8aabda0a1bbfc80b
Updated packages for Ubuntu 6.06 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1.diff.gz
Size/MD5: 177547 396588ea856af87e8137682342648d1d
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1.dsc
Size/MD5: 1120 1625dcf8053738851d0a2978b6f0e315
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.10.orig.tar.gz
Size/MD5: 44679183 d55d439c238064ddcedb8fabb6089ff2
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox-dev_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_all.deb
Size/MD5: 50410 66f8a212fb4dbf22b9c8abbb21650d2c
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/mozilla-firefox_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_all.deb
Size/MD5: 51296 8dc3631d49303156f74ba2e0ad72c744
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_amd64.deb
Size/MD5: 47439362 0e8e0cc7f0385fc74a953610f7f41c11
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_amd64.deb
Size/MD5: 2804532 a9c1cd1a790a715b6ad58785cb0eea01
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_amd64.deb
Size/MD5: 217360 f217f66f7563f80f309e065a44a08cfb
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_amd64.deb
Size/MD5: 83620 0b3738208c8069b8a5449a59ae604293
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_amd64.deb
Size/MD5: 9553646 c66621583e808b88663b200ad3238f7a
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_amd64.deb
Size/MD5: 220158 e4f1cc5b0c2edc41cf1e4c6aa3051a33
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_amd64.deb
Size/MD5: 163484 e1c0ab1f05132b717751783ccc0c22c1
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_amd64.deb
Size/MD5: 245468 10d43347432618aaa140c081c20ed10f
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_amd64.deb
Size/MD5: 710556 53cb8cc7e3a7d346630184980df34ff5
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_i386.deb
Size/MD5: 44003676 a53682ff42f56d8dd494c96d2e3817d5
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_i386.deb
Size/MD5: 2804534 281bc91e92c6224df7c77b4ce2840e1b
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_i386.deb
Size/MD5: 210766 0d2d6ecfaa6ad0b629fc78159a8ba0f3
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_i386.deb
Size/MD5: 75992 fc370791f6533f01409d3b369505766a
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_i386.deb
Size/MD5: 8044874 cbda163790d814d785831358cb53cabc
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_i386.deb
Size/MD5: 220160 2067d9432ff164e7344bd8142bb026ff
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_i386.deb
Size/MD5: 148072 274cd0206aafa1a5ad02dbe279a37216
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_i386.deb
Size/MD5: 245474 ed709e80de120a795d79df237b6dd421
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_i386.deb
Size/MD5: 616162 766f3224ad0924ae1d47c6970a2bfd16
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_powerpc.deb
Size/MD5: 48831230 a594a826614ab062cb8e12a5e67a7115
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_powerpc.deb
Size/MD5: 2804524 01b3f645267c4b3b166a6dcdebe099cf
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_powerpc.deb
Size/MD5: 214208 d5563084e7a175423a1a27d98270c5a7
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_powerpc.deb
Size/MD5: 79110 fa20295177cf290ee980127c3ed1ff33
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_powerpc.deb
Size/MD5: 9215262 f641d7657a284bd049c75d5119512013
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_powerpc.deb
Size/MD5: 220160 b684d9f82943b8698b9f369737cd318a
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_powerpc.deb
Size/MD5: 160684 0919604b7e446d0a7923968ee1d0357b
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_powerpc.deb
Size/MD5: 245472 d9e5620a0672e46e89a90123430e78ae
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_powerpc.deb
Size/MD5: 655490 5c4225025b12a75900899859c6b616d1
sparc architecture (Sun SPARC/UltraSPARC)
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_sparc.deb
Size/MD5: 45406824 2ade39640c714000138eec2c5b8691f9
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_sparc.deb
Size/MD5: 2804570 0f0d35704d9f00e41c3ccce5535cb9ce
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_sparc.deb
Size/MD5: 211712 f88704bb8c6671debcfae882f408c607
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_sparc.deb
Size/MD5: 77564 d5b89bc054fb2c6cf0089b04c727d0a7
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_sparc.deb
Size/MD5: 8571602 6eb03eae7ffb19c3afc766a016d2e723
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_sparc.deb
Size/MD5: 220156 a92bbd2e0e9a936355abeaae9376264c
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_sparc.deb
Size/MD5: 150554 85be23282c348b3de7bf3786aa56a5a6
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_sparc.deb
Size/MD5: 245474 dd03340bae55531e40a887ad5204c774
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_sparc.deb
Size/MD5: 599816 04b5ea1db1aa17f292481d913eddecb5
Updated packages for Ubuntu 6.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.2+0dfsg-0ubuntu0.6.10.diff.gz
Size/MD5: 322293 4d8894d022833e46c25d5e6ce269ee5b
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.2+0dfsg-0ubuntu0.6.10.dsc
Size/MD5: 1218 c6708c7c771a995e0ec709cc022ce61a
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.2+0dfsg.orig.tar.gz
Size/MD5: 46466665 f6dad051f9995ebba310e8cd6497ae9f
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_2.0.0.2+0dfsg-0ubuntu0.6.10_all.deb
Size/MD5: 236878 52d4d42a0881949da47a5f7946d2edec
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox-dev_2.0.0.2+0dfsg-0ubuntu0.6.10_all.deb
Size/MD5: 55668 a379aaf8d4f67465c0e71aaa852a3b8a
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox-dom-inspector_2.0.0.2+0dfsg-0ubuntu0.6.10_all.deb
Size/MD5: 55762 aea5774743b8e3bc90c8349099e9c423
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox-gnome-support_2.0.0.2+0dfsg-0ubuntu0.6.10_all.deb
Size/MD5: 55776 85b1c150c432f3fc2038a5ff3a5804ed
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox_2.0.0.2+0dfsg-0ubuntu0.6.10_all.deb
Size/MD5: 56574 91e46691914551281676003e3b6589bb
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.2+0dfsg-0ubuntu0.6.10_amd64.deb
Size/MD5: 50341952 381fc5626f047660d2bdd680824db54d
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.2+0dfsg-0ubuntu0.6.10_amd64.deb
Size/MD5: 3120906 263ed42e4bdbcc4ba3010744cb900160
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.2+0dfsg-0ubuntu0.6.10_amd64.deb
Size/MD5: 90062 198b64dcde3d7e1eb9bed2aeb32ce808
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.2+0dfsg-0ubuntu0.6.10_amd64.deb
Size/MD5: 10399974 e3adef875d5fefa75c56fdf614183bdc
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox2.0.0.2+0dfsg-0ubuntu0.6.10_amd64.deb
Size/MD5: 225444 9a1465fcc7386edba0fb81d00079066e
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox2.0.0.2+0dfsg-0ubuntu0.6.10_amd64.deb
Size/MD5: 168168 1ccb3b97ed970c07bbdf6fb769f2e4b5
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox2.0.0.2+0dfsg-0ubuntu0.6.10_amd64.deb
Size/MD5: 250820 df7c647e48cb8941a0421d5f1a5c4661
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox2.0.0.2+0dfsg-0ubuntu0.6.10_amd64.deb
Size/MD5: 862110 87c01e4266d1c06d1097e5f8a58806d2
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.2+0dfsg-0ubuntu0.6.10_i386.deb
Size/MD5: 49498816 4c61ffe25628585a91e1d90180997343
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.2+0dfsg-0ubuntu0.6.10_i386.deb
Size/MD5: 3111488 1ec3b0bbe8564828421f381ed8b0d5fb
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.2+0dfsg-0ubuntu0.6.10_i386.deb
Size/MD5: 83792 91c2b8d2410921fd6e19c742e9552550
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.2+0dfsg-0ubuntu0.6.10_i386.deb
Size/MD5: 9225462 4c0d2cb608ee830bdc38b7f8d89f9a33
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox2.0.0.2+0dfsg-0ubuntu0.6.10_i386.deb
Size/MD5: 225434 5293ae8d41c018d4a956555c189fd7f6
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox2.0.0.2+0dfsg-0ubuntu0.6.10_i386.deb
Size/MD5: 157774 cc2c474e306b1d80db79cdba936c2ee6
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox2.0.0.2+0dfsg-0ubuntu0.6.10_i386.deb
Size/MD5: 250794 42e6e643fb73ae668e569ec3d5052ea9
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox2.0.0.2+0dfsg-0ubuntu0.6.10_i386.deb
Size/MD5: 785948 fefc874278ea69ba2a8b518d6826e158
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.2+0dfsg-0ubuntu0.6.10_powerpc.deb
Size/MD5: 52033226 d7ddf5236086638446d6ea4775c833ee
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.2+0dfsg-0ubuntu0.6.10_powerpc.deb
Size/MD5: 3117424 0a5038c00b1997b6c7b72f16e1ca85e7
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.2+0dfsg-0ubuntu0.6.10_powerpc.deb
Size/MD5: 85668 25e4f56d5311cc9e3a0ecaf28d6189ff
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.2+0dfsg-0ubuntu0.6.10_powerpc.deb
Size/MD5: 10067834 1758c9d69c571c0d7bf9ec20b74e2a33
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox2.0.0.2+0dfsg-0ubuntu0.6.10_powerpc.deb
Size/MD5: 225432 241089d26f31cb5e0816debe7b09a55d
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox2.0.0.2+0dfsg-0ubuntu0.6.10_powerpc.deb
Size/MD5: 166830 dd932812a920701677df9b3bf9970023
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox2.0.0.2+0dfsg-0ubuntu0.6.10_powerpc.deb
Size/MD5: 250798 65cddc61ad6f809004d342dcdf07c2cc
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox2.0.0.2+0dfsg-0ubuntu0.6.10_powerpc.deb
Size/MD5: 860802 217ffcce7a3a99cabd9b4cff500281a8
sparc architecture (Sun SPARC/UltraSPARC)
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.2+0dfsg-0ubuntu0.6.10_sparc.deb
Size/MD5: 49550142 e432529be2a2c6b7b327ede81d2cc1c3
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.2+0dfsg-0ubuntu0.6.10_sparc.deb
Size/MD5: 3108058 4a2bc97252c385fe323b56b7fb03c64f
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.2+0dfsg-0ubuntu0.6.10_sparc.deb
Size/MD5: 83484 8d24e2420d7d2188a620674aa566956d
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.2+0dfsg-0ubuntu0.6.10_sparc.deb
Size/MD5: 9493984 e311cd75fa46ed1a47958f6883ea65aa
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox2.0.0.2+0dfsg-0ubuntu0.6.10_sparc.deb
Size/MD5: 225444 fdcd4bf5450574bcbe7d3aca89dbc403
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox2.0.0.2+0dfsg-0ubuntu0.6.10_sparc.deb
Size/MD5: 155678 a99e5fc7bef8c29e0e89c48288144fc6
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox2.0.0.2+0dfsg-0ubuntu0.6.10_sparc.deb
Size/MD5: 250800 dd3473d37b593e55c82f5dce245bebe0
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox2.0.0.2+0dfsg-0ubuntu0.6.10_sparc.deb
Size/MD5: 766616 ba23d67757ddc39888e92f6af56ec67d
.
Update:
A regression was found in the latest Firefox packages provided where changes to library paths caused applications that depended on the NSS libraries (such as Thunderbird and Evolution) to fail to start or fail to load certain SSL-related security components. These new packages correct that problem and we apologize for any inconvenience the previous update may have caused.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6077 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0008 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0009 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0775 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0777 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0778 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0779 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0780 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0800 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0981 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0995 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0996 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1092 http://www.mozilla.org/security/announce/2007/mfsa2007-01.html http://www.mozilla.org/security/announce/2007/mfsa2007-02.html http://www.mozilla.org/security/announce/2007/mfsa2007-03.html http://www.mozilla.org/security/announce/2007/mfsa2007-04.html http://www.mozilla.org/security/announce/2007/mfsa2007-05.html http://www.mozilla.org/security/announce/2007/mfsa2007-06.html http://www.mozilla.org/security/announce/2007/mfsa2007-07.html http://www.mozilla.org/security/announce/2007/mfsa2007-08.html
Updated Packages:
Mandriva Linux 2007.0: 411bc0bdd8dc32950a84c77ed3319508 2007.0/i586/libmozilla-firefox1.5.0.10-1.5.0.10-2mdv2007.0.i586.rpm 9ceb031931003fb861882f4455c6648b 2007.0/i586/libmozilla-firefox1.5.0.10-devel-1.5.0.10-2mdv2007.0.i586.rpm db615eadf763927182c8657d11b1ae54 2007.0/i586/libnspr4-1.5.0.10-2mdv2007.0.i586.rpm bd7dca3e972f552b5dd347822e17f1e1 2007.0/i586/libnspr4-devel-1.5.0.10-2mdv2007.0.i586.rpm bb4709aa4bf277e32c25e07d93641802 2007.0/i586/libnspr4-static-devel-1.5.0.10-2mdv2007.0.i586.rpm babf7d44d0340cd51f45249d3002180e 2007.0/i586/libnss3-1.5.0.10-2mdv2007.0.i586.rpm 19a967982b748b879b1904d5bcea174d 2007.0/i586/libnss3-devel-1.5.0.10-2mdv2007.0.i586.rpm 6333bab7a5d530836fa5a64383bcdd30 2007.0/i586/mozilla-firefox-1.5.0.10-2mdv2007.0.i586.rpm 72672b4bbfcc4f13d5820a4c11bca547 2007.0/SRPMS/mozilla-firefox-1.5.0.10-2mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64: 9fe9779d9d02f0aa73d28096cc237d00 2007.0/x86_64/lib64mozilla-firefox1.5.0.10-1.5.0.10-2mdv2007.0.x86_64.rpm 3c0a879b450f5c2569eb81d397a82906 2007.0/x86_64/lib64mozilla-firefox1.5.0.10-devel-1.5.0.10-2mdv2007.0.x86_64.rpm 338d81330e754d5ffd22dea67c2fbfd2 2007.0/x86_64/lib64nspr4-1.5.0.10-2mdv2007.0.x86_64.rpm 0c840ec9a78c48d975db6bca80e53caa 2007.0/x86_64/lib64nspr4-devel-1.5.0.10-2mdv2007.0.x86_64.rpm 3f1ba2da63bf990b3958f184bdf4d96f 2007.0/x86_64/lib64nspr4-static-devel-1.5.0.10-2mdv2007.0.x86_64.rpm cd9ef9efe9f859467a07bfc20899156d 2007.0/x86_64/lib64nss3-1.5.0.10-2mdv2007.0.x86_64.rpm d6243e7d7c76a5ff5a418f7304cdcff2 2007.0/x86_64/lib64nss3-devel-1.5.0.10-2mdv2007.0.x86_64.rpm 0fec2d70c6a797521304598b802d03b1 2007.0/x86_64/mozilla-firefox-1.5.0.10-2mdv2007.0.x86_64.rpm 72672b4bbfcc4f13d5820a4c11bca547 2007.0/SRPMS/mozilla-firefox-1.5.0.10-2mdv2007.0.src.rpm
Corporate 3.0: 24fbf58752279b3a5ec8d186d7c6142b corporate/3.0/i586/libnspr4-1.5.0.10-1.1.C30mdk.i586.rpm cc59dd85bcdc065ed4ee7f3d299e971a corporate/3.0/i586/libnspr4-devel-1.5.0.10-1.1.C30mdk.i586.rpm 284b6bf1210fb854361a9af3062528e1 corporate/3.0/i586/libnspr4-static-devel-1.5.0.10-1.1.C30mdk.i586.rpm cf17ffa7ff1734b850c7f7a5b7f780ee corporate/3.0/i586/libnss3-1.5.0.10-1.1.C30mdk.i586.rpm 82e74bce4abb564958d0225bc94687d6 corporate/3.0/i586/libnss3-devel-1.5.0.10-1.1.C30mdk.i586.rpm 5af5da7a1f51c609568f03b2026c0687 corporate/3.0/i586/mozilla-firefox-1.5.0.10-1.1.C30mdk.i586.rpm df2d940bf4af073e1dc983c1143a8079 corporate/3.0/i586/mozilla-firefox-devel-1.5.0.10-1.1.C30mdk.i586.rpm efd17411a1dc5bed3d7e79f0a28b4073 corporate/3.0/SRPMS/mozilla-firefox-1.5.0.10-1.1.C30mdk.src.rpm
Corporate 3.0/X86_64: be6fa4a501b973f9016716ae6ffb1b25 corporate/3.0/x86_64/lib64nspr4-1.5.0.10-1.1.C30mdk.x86_64.rpm a06bb78d6531ffac3e750236a0cb13de corporate/3.0/x86_64/lib64nspr4-devel-1.5.0.10-1.1.C30mdk.x86_64.rpm 2f2dd393236be80e8f8ca226145115e7 corporate/3.0/x86_64/lib64nspr4-static-devel-1.5.0.10-1.1.C30mdk.x86_64.rpm 3a42bca7fd7ab26e65bf0a4ca7485db1 corporate/3.0/x86_64/lib64nss3-1.5.0.10-1.1.C30mdk.x86_64.rpm 68cef069c9e2d4f1336c58e8e5f126ca corporate/3.0/x86_64/lib64nss3-devel-1.5.0.10-1.1.C30mdk.x86_64.rpm 0bd6c6adc8fd1be8d3b02fb5505c9330 corporate/3.0/x86_64/mozilla-firefox-1.5.0.10-1.1.C30mdk.x86_64.rpm 27262a966199c19006327fa21dab1f69 corporate/3.0/x86_64/mozilla-firefox-devel-1.5.0.10-1.1.C30mdk.x86_64.rpm efd17411a1dc5bed3d7e79f0a28b4073 corporate/3.0/SRPMS/mozilla-firefox-1.5.0.10-1.1.C30mdk.src.rpm
Corporate 4.0: 0f782ea68bc9177e333dd77c26eeec7f corporate/4.0/i586/libnspr4-1.5.0.10-1.1.20060mlcs4.i586.rpm 408511a886dd0619f4ae9a1d93137eeb corporate/4.0/i586/libnspr4-devel-1.5.0.10-1.1.20060mlcs4.i586.rpm 6b3ad9cf7c2f4b7a008c6fd9c584289b corporate/4.0/i586/libnspr4-static-devel-1.5.0.10-1.1.20060mlcs4.i586.rpm 31927dd82ca439052fe166e6b2864e07 corporate/4.0/i586/libnss3-1.5.0.10-1.1.20060mlcs4.i586.rpm 021eef345d030d8112f227b0b2c3a0f6 corporate/4.0/i586/libnss3-devel-1.5.0.10-1.1.20060mlcs4.i586.rpm 2485f65a1860840e7abe7cd5a447c538 corporate/4.0/i586/mozilla-firefox-1.5.0.10-1.1.20060mlcs4.i586.rpm ef609ec54c3e70b47067668f68c74e65 corporate/4.0/i586/mozilla-firefox-devel-1.5.0.10-1.1.20060mlcs4.i586.rpm 64e5ea6cd7dc856aa4f7eda630e40d14 corporate/4.0/SRPMS/mozilla-firefox-1.5.0.10-1.1.20060mlcs4.src.rpm
Corporate 4.0/X86_64: fab1a497ea9801a29637f049e520422b corporate/4.0/x86_64/lib64nspr4-1.5.0.10-1.1.20060mlcs4.x86_64.rpm 647d403327794eb30e81e6b91b407dd1 corporate/4.0/x86_64/lib64nspr4-devel-1.5.0.10-1.1.20060mlcs4.x86_64.rpm 247c6c555fe4917bbdf3ae884ac309ba corporate/4.0/x86_64/lib64nspr4-static-devel-1.5.0.10-1.1.20060mlcs4.x86_64.rpm 710e426e4200912e2b4718d1c0613c58 corporate/4.0/x86_64/lib64nss3-1.5.0.10-1.1.20060mlcs4.x86_64.rpm 2efe3ddeb772f3d706f429bccd34675c corporate/4.0/x86_64/lib64nss3-devel-1.5.0.10-1.1.20060mlcs4.x86_64.rpm 13e414365c4f1d3768a375cf29a40aa4 corporate/4.0/x86_64/mozilla-firefox-1.5.0.10-1.1.20060mlcs4.x86_64.rpm 261d63f5547804f20ee022290429c866 corporate/4.0/x86_64/mozilla-firefox-devel-1.5.0.10-1.1.20060mlcs4.x86_64.rpm 64e5ea6cd7dc856aa4f7eda630e40d14 corporate/4.0/SRPMS/mozilla-firefox-1.5.0.10-1.1.20060mlcs4.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
iD8DBQFF6H18mqjQ0CJFipgRAna2AJ9Qa8Vf923jNIzai9QzQOOS4NRETgCgyICD +eNPSjeb5EQGZ6E5dYWPNSM= =AgMP -----END PGP SIGNATURE-----
.
Background
Mozilla Firefox is a popular open-source web browser from the Mozilla Project.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 www-client/mozilla-firefox < 2.0.0.2 >= 1.5.0.10 >= 2.0.0.2 2 www-client/mozilla-firefox-bin < 2.0.0.2 >= 1.5.0.10 >= 2.0.0.2 ------------------------------------------------------------------- 2 affected packages on all of their supported architectures. -------------------------------------------------------------------
Description
Tom Ferris reported a heap-based buffer overflow involving wide SVG stroke widths that affects Mozilla Firefox 2 only. Various researchers reported some errors in the JavaScript engine potentially leading to memory corruption. Mozilla Firefox also contains minor vulnerabilities involving cache collision and unsafe pop-up restrictions, filtering or CSS rendering under certain conditions.
Impact
An attacker could entice a user to view a specially crafted web page that will trigger one of the vulnerabilities, possibly leading to the execution of arbitrary code. It is also possible for an attacker to spoof the address bar, steal information through cache collision, bypass the local files protection mechanism with pop-ups, or perform cross-site scripting attacks, leading to the exposure of sensitive information, like user credentials.
Workaround
There is no known workaround at this time for all of these issues, but most of them can be avoided by disabling JavaScript.
Resolution
Users upgrading to the following releases of Mozilla Firefox should note that this upgrade has been found to lose the saved passwords file in some cases. The saved passwords are encrypted and stored in the 'signons.txt' file of ~/.mozilla/ and we advise our users to save that file before performing the upgrade.
All Mozilla Firefox 1.5 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=www-client/mozilla-firefox-1.5.0.10"
All Mozilla Firefox 1.5 binary users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=www-client/mozilla-firefox-bin-1.5.0.10"
All Mozilla Firefox 2.0 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=www-client/mozilla-firefox-2.0.0.2"
All Mozilla Firefox 2.0 binary users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=www-client/mozilla-firefox-bin-2.0.0.2"
References
[ 1 ] CVE-2006-6077 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6077 [ 2 ] CVE-2007-0775 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0775 [ 3 ] CVE-2007-0776 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0776 [ 4 ] CVE-2007-0777 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0777 [ 5 ] CVE-2007-0778 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0778 [ 6 ] CVE-2007-0779 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0779 [ 7 ] CVE-2007-0780 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0780 [ 8 ] CVE-2007-0800 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0800 [ 9 ] CVE-2007-0801 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0801 [ 10 ] CVE-2007-0981 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0981 [ 11 ] CVE-2007-0995 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0995 [ 12 ] Mozilla password loss bug https://bugzilla.mozilla.org/show_bug.cgi?id=360493#c366
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200703-04.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2007 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-200611-0368", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "navigator", "scope": "eq", "trust": 1.6, "vendor": "netscape", "version": "8.1.2" }, { "model": "firefox", "scope": "eq", "trust": 1.3, "vendor": "mozilla", "version": "1.5.0.1" }, { "model": "firefox", "scope": "eq", "trust": 1.3, "vendor": "mozilla", "version": "1.5.0.4" }, { "model": "firefox", "scope": "eq", "trust": 1.3, "vendor": "mozilla", "version": "1.5.0.6" }, { "model": "firefox", "scope": "eq", "trust": 1.3, "vendor": "mozilla", "version": "1.5.0.3" }, { "model": "firefox", "scope": "eq", "trust": 1.3, "vendor": "mozilla", "version": "1.5" }, { "model": "firefox", "scope": "eq", "trust": 1.3, "vendor": "mozilla", "version": "2.0" }, { "model": "firefox", "scope": "eq", "trust": 1.3, "vendor": "mozilla", "version": "1.5.0.5" }, { "model": "firefox", "scope": "eq", "trust": 1.3, "vendor": "mozilla", "version": "1.5.0.2" }, { "model": "firefox", "scope": "eq", "trust": 1.3, "vendor": "mozilla", "version": "1.5.0.7" }, { "model": "firefox", "scope": "lte", "trust": 1.0, "vendor": "mozilla", "version": "1.5.0.8" }, { "model": "firefox", "scope": "lte", "trust": 0.8, "vendor": "mozilla", "version": "1.5.0.9" }, { "model": "firefox", "scope": "lte", "trust": 0.8, "vendor": "mozilla", "version": "2.0.0.1" }, { "model": "seamonkey", "scope": "lte", "trust": 0.8, "vendor": "mozilla", "version": "1.0.7" }, { "model": "asianux server", "scope": "eq", "trust": 0.8, "vendor": "cybertrust", "version": "2.0" }, { "model": "asianux server", "scope": "eq", "trust": 0.8, "vendor": "cybertrust", "version": "2.1" }, { "model": "asianux server", "scope": "eq", "trust": 0.8, "vendor": "cybertrust", "version": "4.0" }, { "model": "asianux server", "scope": "eq", "trust": 0.8, "vendor": "cybertrust", "version": "4.0 (x86-64)" }, { "model": "turbolinux", "scope": "eq", "trust": 0.8, "vendor": "turbo linux", "version": "10_f" }, { "model": "turbolinux desktop", "scope": "eq", "trust": 0.8, "vendor": "turbo linux", "version": "10" }, { "model": "turbolinux multimedia", "scope": null, "trust": 0.8, "vendor": "turbo linux", "version": null }, { "model": "turbolinux personal", "scope": null, "trust": 0.8, "vendor": "turbo linux", "version": null }, { "model": "turbolinux server", "scope": "eq", "trust": 0.8, "vendor": "turbo linux", "version": "10" }, { "model": "turbolinux server", "scope": "eq", "trust": 0.8, "vendor": "turbo linux", "version": "10 (x64)" }, { "model": "home", "scope": null, "trust": 0.8, "vendor": "turbo linux", "version": null }, { "model": "netscape", "scope": "eq", "trust": 0.8, "vendor": "netscape", "version": "8.1.2 ( other may also be affected. )" }, { "model": "hp-ux", "scope": "eq", "trust": 0.8, "vendor": "hewlett packard", "version": "11.11" }, { "model": "hp-ux", "scope": "eq", "trust": 0.8, "vendor": "hewlett packard", "version": "11.23" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "2.1 (as)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "2.1 (es)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "2.1 (ws)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "3 (as)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "3 (es)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "3 (ws)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "4 (as)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "4 (es)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "4 (ws)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "5 (server)" }, { "model": "enterprise linux desktop", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "3.0" }, { "model": "enterprise linux desktop", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "4.0" }, { "model": "enterprise linux desktop", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "5.0 (client)" }, { "model": "linux advanced workstation", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "2.1" }, { "model": "rhel desktop workstation", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "5 (client)" }, { "model": "rhel optional productivity applications", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "5 (server)" }, { "model": "seamonkey", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.0.5" }, { "model": "linux mandrake x86 64", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "2007.0" }, { "model": "linux ppc", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "3.1" }, { "model": "hp-ux b.11.23", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "enterprise linux ws", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.5.0.9" }, { "model": "camino", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "0.7.0" }, { "model": "linux amd64", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "5.10" }, { "model": "camino", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.5" }, { "model": "seamonkey", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.0.2" }, { "model": "linux sparc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "5.10" }, { "model": "server", "scope": "eq", "trust": 0.3, "vendor": "turbolinux", "version": "10.0x86" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "rpath", "version": "1" }, { "model": "corporate server x86 64", "scope": "eq", "trust": 0.3, "vendor": "mandrakesoft", "version": "4.0" }, { "model": "seamonkey", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.0" }, { "model": "linux powerpc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "5.10" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "10.1x86" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.5.8" }, { "model": "linux i386", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "5.10" }, { "model": "linux i386", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "6.10" }, { "model": "personal", "scope": null, "trust": 0.3, "vendor": "turbolinux", "version": null }, { "model": "enterprise linux es", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "4" }, { "model": "enterprise linux es", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "3" }, { "model": "novell linux desktop", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "9" }, { "model": "unitedlinux", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "1.0" }, { "model": "linux m68k", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "3.1" }, { "model": "advanced workstation for the itanium processor", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "fuji", "scope": null, "trust": 0.3, "vendor": "turbolinux", "version": null }, { "model": "camino", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.0.1" }, { "model": "linux ia-64", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "3.1" }, { "model": "enterprise linux desktop client", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "5" }, { "model": "linux sparc", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "3.1" }, { "model": "enterprise linux ws ia64", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "slackware", "version": "11.0" }, { "model": "linux hppa", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "3.1" }, { "model": "messaging storage server mm3.0", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "messaging storage server", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.5.6" }, { "model": "firefox beta", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.52" }, { "model": "seamonkey", "scope": "ne", "trust": 0.3, "vendor": "mozilla", "version": "1.0.8" }, { "model": "messaging storage server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "2.0" }, { "model": "linux amd64", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "6.10" }, { "model": "linux sparc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "6.10" }, { "model": "camino", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.0.2" }, { "model": "linux powerpc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "6.10" }, { "model": "enterprise linux es", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "camino", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.0" }, { "model": "camino", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "0.8" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "3.1" }, { "model": "desktop", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "4.0" }, { "model": "seamonkey", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.0.6" }, { "model": "home", "scope": null, "trust": 0.3, "vendor": "turbolinux", "version": null }, { "model": "seamonkey", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.0.7" }, { "model": "linux mandrake", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "2007.0" }, { "model": "linux enterprise server", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "8" }, { "model": "suse linux retail solution", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "8.0" }, { "model": "corporate server x86 64", "scope": "eq", "trust": 0.3, "vendor": "mandrakesoft", "version": "3.0" }, { "model": "enterprise linux optional productivity application server", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "5" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.5.0.8" }, { "model": "corporate server", "scope": "eq", "trust": 0.3, "vendor": "mandrakesoft", "version": "4.0" }, { "model": "firefox beta", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.01" }, { "model": "advanced workstation for the itanium processor ia64", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "10.0x86" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.0.10" }, { "model": "fedora core5", "scope": null, "trust": 0.3, "vendor": "redhat", "version": null }, { "model": "camino", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "0.8.4" }, { "model": "seamonkey", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.0.3" }, { "model": "linux", "scope": null, "trust": 0.3, "vendor": "gentoo", "version": null }, { "model": "firefox", "scope": "ne", "trust": 0.3, "vendor": "mozilla", "version": "2.0.0.2" }, { "model": "firefox rc3", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0" }, { "model": "firefox beta", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.51" }, { "model": "linux alpha", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "3.1" }, { "model": "firefox rc2", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.1" }, { "model": "desktop", "scope": "eq", "trust": 0.3, "vendor": "turbolinux", "version": "10.0" }, { "model": "server", "scope": "eq", "trust": 0.3, "vendor": "turbolinux", "version": "10.0" }, { "model": "enterprise linux server", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "5" }, { "model": "f...", "scope": "eq", "trust": 0.3, "vendor": "turbolinux", "version": "10" }, { "model": "enterprise linux as ia64", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "9.3x86" }, { "model": "novell linux pos", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "9" }, { "model": "camino", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "0.8.3" }, { "model": "firefox", "scope": "ne", "trust": 0.3, "vendor": "mozilla", "version": "1.5.0.10" }, { "model": "open-enterprise-server", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "0" }, { "model": "enterprise linux as", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "3" }, { "model": "fedora core6", "scope": null, "trust": 0.3, "vendor": "redhat", "version": null }, { "model": "enterprise linux as", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "4" }, { "model": "hp-ux b.11.11", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.0.4" }, { "model": "linux amd64", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "3.1" }, { "model": "propack sp6", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "3.0" }, { "model": "suse linux school server for i386", "scope": null, "trust": 0.3, "vendor": "s u s e", "version": null }, { "model": "opensuse", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "10.2" }, { "model": "enterprise linux ws", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "4" }, { "model": "enterprise linux ws", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "3" }, { "model": "seamonkey dev", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.0" }, { "model": "desktop", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "3.0" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.0.12" }, { "model": "enterprise linux desktop workstation client", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "5" }, { "model": "linux ia-32", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "3.1" }, { "model": "camino", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.0.3" }, { "model": "linux mipsel", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "3.1" }, { "model": "linux mips", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "3.1" }, { "model": "corporate server", "scope": "eq", "trust": 0.3, "vendor": "mandrakesoft", "version": "3.0" }, { "model": "suse linux openexchange server", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "4.0" }, { "model": "messaging storage server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "1.0" }, { "model": "seamonkey", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.0.1" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.5.0.8" }, { "model": "server", "scope": "eq", "trust": 0.3, "vendor": "turbolinux", "version": "10.0.0x64" }, { "model": "linux enterprise server", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "9" }, { "model": "browser", "scope": "eq", "trust": 0.3, "vendor": "netscape", "version": "8.1.2" }, { "model": "linux arm", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "3.1" }, { "model": "enterprise linux es ia64", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "camino", "scope": "ne", "trust": 0.3, "vendor": "mozilla", "version": "1.5.1" }, { "model": "enterprise linux as", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "linux s/390", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "3.1" }, { "model": "multimedia", "scope": null, "trust": 0.3, "vendor": "turbolinux", "version": null } ], "sources": [ { "db": "BID", "id": "21240" }, { "db": "JVNDB", "id": "JVNDB-2006-000790" }, { "db": "CNNVD", "id": "CNNVD-200611-402" }, { "db": "NVD", "id": "CVE-2006-6077" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:mozilla:firefox", "vulnerable": true }, { "cpe22Uri": "cpe:/a:mozilla:seamonkey", "vulnerable": true }, { "cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server", "vulnerable": true }, { "cpe22Uri": "cpe:/o:turbolinux:turbolinux", "vulnerable": true }, { "cpe22Uri": "cpe:/o:turbolinux:turbolinux_desktop", "vulnerable": true }, { "cpe22Uri": "cpe:/o:turbolinux:turbolinux_multimedia", "vulnerable": true }, { "cpe22Uri": "cpe:/o:turbolinux:turbolinux_personal", "vulnerable": true }, { "cpe22Uri": "cpe:/o:turbolinux:turbolinux_server", "vulnerable": true }, { "cpe22Uri": "cpe:/o:turbolinux:turbolinux_home", "vulnerable": true }, { "cpe22Uri": "cpe:/a:netscape:netscape", "vulnerable": true }, { "cpe22Uri": "cpe:/o:hp:hp-ux", "vulnerable": true }, { "cpe22Uri": "cpe:/o:redhat:enterprise_linux", "vulnerable": true }, { "cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop", "vulnerable": true }, { "cpe22Uri": "cpe:/o:redhat:linux_advanced_workstation", "vulnerable": true }, { "cpe22Uri": "cpe:/o:redhat:rhel_desktop_workstation", "vulnerable": true }, { "cpe22Uri": "cpe:/a:redhat:rhel_optional_productivity_applications", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2006-000790" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Robert Chapin discovered this weakness.", "sources": [ { "db": "BID", "id": "21240" }, { "db": "CNNVD", "id": "CNNVD-200611-402" } ], "trust": 0.9 }, "cve": "CVE-2006-6077", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "CVE-2006-6077", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 1.8, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "VHN-22185", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2006-6077", "trust": 1.0, "value": "MEDIUM" }, { "author": "NVD", "id": "CVE-2006-6077", "trust": 0.8, "value": "Medium" }, { "author": "CNNVD", "id": "CNNVD-200611-402", "trust": 0.6, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-22185", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-22185" }, { "db": "JVNDB", "id": "JVNDB-2006-000790" }, { "db": "CNNVD", "id": "CNNVD-200611-402" }, { "db": "NVD", "id": "CVE-2006-6077" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "The (1) Password Manager in Mozilla Firefox 2.0, and 1.5.0.8 and earlier; and the (2) Passcard Manager in Netscape 8.1.2 and possibly other versions, do not properly verify that an ACTION URL in a FORM element containing a password INPUT element matches the web site for which the user stored a password, which allows remote attackers to obtain passwords via a password INPUT element on a different web page located on the web site intended for this password. Mozilla According to, there have been reports of phishing cases where this password manager issue was exploited. Mozilla Firefox is reportedly prone to an information-disclosure weakness because it fails to properly notify users of the automatic population of form fields in disparate URLs deriving from the same domain. \nExploiting this issue may allow attackers to obtain user credentials that have been saved in forms deriving from the same website where attack code resides. The most common manifestation of this condition would typically be in blogs or forums. This may allow attackers to access potentially sensitive information that would facilitate the success of phishing attacks. \nInitial reports and preliminary testing indicate that this issue affects only Firefox 2. \nUPDATE: Firefox 2.0.0.10 is still vulnerable to the issue. \nUPDATE (March 17, 2008): Unconfirmed reports indicate that this issue affects Firefox 2.0.0.12; we will update this BID as more information emerges. \n\n----------------------------------------------------------------------\n\nSecunia is proud to announce the availability of the Secunia Software\nInspector. \n\nThe Secunia Software Inspector is a free service that detects insecure\nversions of software that you may have installed in your system. When\ninsecure versions are detected, the Secunia Software Inspector also\nprovides thorough guidelines for updating the software to the latest\nsecure version from the vendor. \n\nTry it out online:\nhttp://secunia.com/software_inspector/\n\n----------------------------------------------------------------------\n\nTITLE:\nNetscape Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA24289\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/24289/\n\nCRITICAL:\nHighly critical\n\nIMPACT:\nSecurity Bypass, Cross Site Scripting, Exposure of sensitive\ninformation, System access\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nNetscape 8.x\nhttp://secunia.com/product/5134/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Netscape, which can be\nexploited by malicious people to bypass certain security restrictions,\ngain knowledge of sensitive information, conduct cross-site scripting\nattacks, or potentially compromise a user\u0027s system. \n\nSee vulnerabilities #1, #2, #6, and #7 for more information:\nSA24205\n\nThe vulnerabilities have been reported in version 8.1.2. \n\nSOLUTION:\nDo not browse untrusted sites and disable Javascript. \n\nORIGINAL ADVISORY:\nhttp://www.mozilla.org/security/announce/2007/mfsa2007-02.html\nhttp://www.mozilla.org/security/announce/2007/mfsa2007-03.html\nhttp://www.mozilla.org/security/announce/2007/mfsa2007-06.html\nhttp://www.mozilla.org/security/announce/2007/mfsa2007-07.html\n\nOTHER REFERENCES:\nSA24175:\nhttp://secunia.com/advisories/24175/\n\nSA24205:\nhttp://secunia.com/advisories/24205/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- --------------------------------------------------------------------------\nDebian Security Advisory DSA 1336-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nJuly 22nd, 2007 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : mozilla-firefox\nVulnerability : several\nProblem-Type : remote\nDebian-specific: no\nCVE ID : CVE-2007-1282 CVE-2007-0994 CVE-2007-0995 CVE-2007-0996 CVE-2007-0981 CVE-2007-0008 CVE-2007-0009 CVE-2007-0775 CVE-2007-0778 CVE-2007-0045 CVE-2006-6077\n\nSeveral remote vulnerabilities have been discovered in Mozilla Firefox. \n\nThis will be the last security update of Mozilla-based products for\nthe oldstable (sarge) distribution of Debian. We recommend to upgrade\nto stable (etch) as soon as possible. \n\nThe Common Vulnerabilities and Exposures project identifies the following\nvulnerabilities:\n\nCVE-2007-1282\n\n It was discovered that an integer overflow in text/enhanced message\n parsing allows the execution of arbitrary code. \n\nCVE-2007-0994\n\n It was discovered that a regression in the Javascript engine allows\n the execution of Javascript with elevated privileges. \n\nCVE-2007-0995\n\n It was discovered that incorrect parsing of invalid HTML characters\n allows the bypass of content filters. \n\nCVE-2007-0996\n\n It was discovered that insecure child frame handling allows cross-site\n scripting. \n\nCVE-2007-0981\n\n It was discovered that Firefox handles URI withs a null byte in the\n hostname insecurely. \n\nCVE-2007-0008\n\n It was discovered that a buffer overflow in the NSS code allows the\n execution of arbitrary code. \n\nCVE-2007-0009\n\n It was discovered that a buffer overflow in the NSS code allows the\n execution of arbitrary code. \n\nCVE-2007-0775\n\n It was discovered that multiple programming errors in the layout engine\n allow the execution of arbitrary code. \n\nCVE-2007-0778\n\n It was discovered that the page cache calculates hashes in an insecure\n manner. \n\nCVE-2006-6077\n\n It was discovered that the password manager allows the disclosure of\n passwords. \n\nFor the oldstable distribution (sarge) these problems have been fixed in\nversion 1.0.4-2sarge17. You should upgrade to etch as soon as possible. \n\nThe stable distribution (etch) isn\u0027t affected. These vulnerabilities have\nbeen fixed prior to the release of Debian etch. \n\nThe unstable distribution (sid) no longer contains mozilla-firefox. Iceweasel\nis already fixed. \n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file. \n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\n\nDebian GNU/Linux 3.1 alias sarge\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge17.dsc\n Size/MD5 checksum: 1641 36715bb647cb3b7cd117edee90a34bfd\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge17.diff.gz\n Size/MD5 checksum: 553311 4ba992e60e5c6b156054c5105b1134ae\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4.orig.tar.gz\n Size/MD5 checksum: 40212297 8e4ba81ad02c7986446d4e54e978409d\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge17_alpha.deb\n Size/MD5 checksum: 11221890 5d8d1de73d162edf8ddbaa40844bb454\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge17_alpha.deb\n Size/MD5 checksum: 172696 42d5c31ec7a2e3163846c347f04773df\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge17_alpha.deb\n Size/MD5 checksum: 63574 238529b9d4ae396dc01d786d4fb843b4\n\n AMD64 architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge17_amd64.deb\n Size/MD5 checksum: 9429140 8394fcd85a7218db784160702efc5249\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge17_amd64.deb\n Size/MD5 checksum: 166496 795a8ec3e1aa1b0a718ad6f4439670ef\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge17_amd64.deb\n Size/MD5 checksum: 62022 ef315cc90c3780ff151cd2271e913859\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge17_arm.deb\n Size/MD5 checksum: 8244544 71eaf9cb5418a77410ff12c7f36eb32b\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge17_arm.deb\n Size/MD5 checksum: 157966 5e2e22d04a33ccbc0e6b19b4c4d43492\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge17_arm.deb\n Size/MD5 checksum: 57358 6f34a7a02114e48cadc6860b86f75130\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge17_hppa.deb\n Size/MD5 checksum: 10301620 3700a0b7dcb0ab061b3521e2a3f232f9\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge17_hppa.deb\n Size/MD5 checksum: 169432 387b8fa52d406dfdd26c3adc3ccac615\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge17_hppa.deb\n Size/MD5 checksum: 62500 80addaf2d87b6952fdc9104c5fc9dfde\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge17_i386.deb\n Size/MD5 checksum: 8919924 8fc67257357687c8611b3e4e5389aee4\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge17_i386.deb\n Size/MD5 checksum: 161684 6c989c4276e34c6031b6185418a8ddb1\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge17_i386.deb\n Size/MD5 checksum: 58896 7e48aa697c8c17f7d22de860a17e7dfd\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge17_ia64.deb\n Size/MD5 checksum: 11664142 aa008699700ba3c8b45d3a8961e99192\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge17_ia64.deb\n Size/MD5 checksum: 172030 e79af50f04490de310cda7f6ce652d44\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge17_ia64.deb\n Size/MD5 checksum: 66718 8cabdbf0919ac447c5d492ef6227d9af\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge17_m68k.deb\n Size/MD5 checksum: 8196148 e3544446b371fd7ed4b79e53f69b556a\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge17_m68k.deb\n Size/MD5 checksum: 160556 0164d4c0f675a020643ccedf94a55eb8\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge17_m68k.deb\n Size/MD5 checksum: 58168 b429907e69e8daa7d51e45552659da27\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge17_mips.deb\n Size/MD5 checksum: 9954006 0eb0513fc950e7cd8abcae9666b24a7b\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge17_mips.deb\n Size/MD5 checksum: 159496 ca0585a663a5470d3a62ae0786864beb\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge17_mips.deb\n Size/MD5 checksum: 59170 22ea96156de56d046a7afd73d4857419\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge17_mipsel.deb\n Size/MD5 checksum: 9831728 dda6865c7290fce658847f0909617c73\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge17_mipsel.deb\n Size/MD5 checksum: 159060 e7a7c4db0f5df82f84ceef6827df2bea\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge17_mipsel.deb\n Size/MD5 checksum: 58984 b0b02ac1c62041db8d377a7ff40c013c\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge15_powerpc.deb\n Size/MD5 checksum: 8587718 8d219ce9e684b86babfe31db9d7d9658\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge15_powerpc.deb\n Size/MD5 checksum: 159762 41f3707945d5edae6ee1ac90bdef5cab\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge15_powerpc.deb\n Size/MD5 checksum: 60936 1a79408acd12828a3710393e05d99914\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge17_s390.deb\n Size/MD5 checksum: 9667078 5838d957637b4d4c2c19afea0dd68db5\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge17_s390.deb\n Size/MD5 checksum: 167092 4dd6de7299014d5e0c13da8e480a7f3c\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge17_s390.deb\n Size/MD5 checksum: 61472 64d10c667ed4c6c12947c49f5cca8ff6\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge17_sparc.deb\n Size/MD5 checksum: 8680322 241cddabdf91eb14b0a6529ffc84a51d\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge17_sparc.deb\n Size/MD5 checksum: 160304 7887081b85d3ead3994a997608bbe22a\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge17_sparc.deb\n Size/MD5 checksum: 57718 4a4eeeb0815cb03d51f74965403911ad\n\n These files will probably be moved into the oldstable distribution on\n its next update. \n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show \u003cpkg\u003e\u0027 and http://packages.debian.org/\u003cpkg\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.6 (GNU/Linux)\n\niD8DBQFGo5b7Xm3vHE4uyloRAsdgAKDTo6NxeylHh30syJpFeyF5/Yr/XwCdH188\nNdI5zd36oN5mVqIDUsqYC3o=\n=/qY/\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. =========================================================== \nUbuntu Security Notice USN-428-1 February 26, 2007\nfirefox vulnerabilities\nCVE-2006-6077, CVE-2007-0008, CVE-2007-0009, CVE-2007-0775,\nCVE-2007-0776, CVE-2007-0777, CVE-2007-0778, CVE-2007-0779,\nCVE-2007-0780, CVE-2007-0800, CVE-2007-0981, CVE-2007-0995,\nCVE-2007-0996, CVE-2007-1092\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 5.10\nUbuntu 6.10\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 5.10:\n firefox 1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1\n\nUbuntu 6.06 LTS:\n firefox 1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1\n libnspr4 1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1\n libnss3 1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1\n\nUbuntu 6.10:\n firefox 2.0.0.2+0dfsg-0ubuntu0.6.10\n libnspr4 2.0.0.2+0dfsg-0ubuntu0.6.10\n libnss3 2.0.0.2+0dfsg-0ubuntu0.6.10\n\nAfter a standard system upgrade you need to restart Firefox to effect\nthe necessary changes. \n\nDetails follow:\n\nSeveral flaws have been found that could be used to perform Cross-site\nscripting attacks. A malicious web site could exploit these to modify\nthe contents or steal confidential data (such as passwords) from other\nopened web pages. (CVE-2006-6077, CVE-2007-0780, CVE-2007-0800,\nCVE-2007-0981, CVE-2007-0995, CVE-2007-0996)\n\nThe SSLv2 protocol support in the NSS library did not sufficiently\ncheck the validity of public keys presented with a SSL certificate. A\nmalicious SSL web site using SSLv2 could potentially exploit this to\nexecute arbitrary code with the user\u0027s privileges. (CVE-2007-0008)\n\nThe SSLv2 protocol support in the NSS library did not sufficiently\nverify the validity of client master keys presented in an SSL client\ncertificate. (CVE-2007-0775, CVE-2007-0776,\nCVE-2007-0777, CVE-2007-1092)\n\nTwo web pages could collide in the disk cache with the result that\ndepending on order loaded the end of the longer document could be\nappended to the shorter when the shorter one was reloaded from the\ncache. It is possible a determined hacker could construct a targeted\nattack to steal some sensitive data from a particular web page. The\npotential victim would have to be already logged into the targeted\nservice (or be fooled into doing so) and then visit the malicious\nsite. (CVE-2007-0778)\n\nDavid Eckel reported that browser UI elements--such as the host name\nand security indicators--could be spoofed by using custom cursor\nimages and a specially crafted style sheet. (CVE-2007-0779)\n\n\nUpdated packages for Ubuntu 5.10:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1.diff.gz\n Size/MD5: 176831 76744cf2123e13143408e37deb2311c0\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1.dsc\n Size/MD5: 1063 eac4c86acb16ad4cf85604e5cc9f441c\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.10.orig.tar.gz\n Size/MD5: 44679183 d55d439c238064ddcedb8fabb6089ff2\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox-dev_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_all.deb\n Size/MD5: 50314 d17e00b536378e1710c918f2b834e513\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/mozilla-firefox_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_all.deb\n Size/MD5: 51208 abdc905b5e3c31c05a427defdc9035bc\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon)\n\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_amd64.deb\n Size/MD5: 3167242 01f67e394a7b569df52fd02513712811\n http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_amd64.deb\n Size/MD5: 217230 bc5d29d293abc4665c052c0fc76aef79\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_amd64.deb\n Size/MD5: 83544 d7978eba50c0e82d4e3606240e38e3fa\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_amd64.deb\n Size/MD5: 10311286 4ea4f615c24ecceae90e7b432ddb5e4a\n\n i386 architecture (x86 compatible Intel/AMD)\n\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_i386.deb\n Size/MD5: 3167298 571b158ab384827e881ab52d05c7afcb\n http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_i386.deb\n Size/MD5: 210744 0092218d208b41e1a72b1303a77b3238\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_i386.deb\n Size/MD5: 75946 21eda2226572b3c3143f8e4ab8145ba6\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_i386.deb\n Size/MD5: 8712048 66138335623748c529c3050084ceadaa\n\n powerpc architecture (Apple Macintosh G3/G4/G5)\n\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_powerpc.deb\n Size/MD5: 3167330 7cdba77a564720cf82ea475eace3aef5\n http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_powerpc.deb\n Size/MD5: 214166 630d44a2240aa9d8790de3db3e9b05ff\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_powerpc.deb\n Size/MD5: 79138 f4b3d39d326f77acde26161d1d66c84b\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_powerpc.deb\n Size/MD5: 9899346 9066e6747aa0337985a1f29f4e64cffd\n\n sparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_sparc.deb\n Size/MD5: 3167284 e6726b6ed59b5c083796ae93c6eedc64\n http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_sparc.deb\n Size/MD5: 211730 b1f127d2df48b09c7b404f09754c71be\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_sparc.deb\n Size/MD5: 77516 8b430af0eadfa18b180f2637fafa7a5e\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_sparc.deb\n Size/MD5: 9227232 727146f6c93a565f8aabda0a1bbfc80b\n\nUpdated packages for Ubuntu 6.06 LTS:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1.diff.gz\n Size/MD5: 177547 396588ea856af87e8137682342648d1d\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1.dsc\n Size/MD5: 1120 1625dcf8053738851d0a2978b6f0e315\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.10.orig.tar.gz\n Size/MD5: 44679183 d55d439c238064ddcedb8fabb6089ff2\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox-dev_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_all.deb\n Size/MD5: 50410 66f8a212fb4dbf22b9c8abbb21650d2c\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/mozilla-firefox_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_all.deb\n Size/MD5: 51296 8dc3631d49303156f74ba2e0ad72c744\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon)\n\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_amd64.deb\n Size/MD5: 47439362 0e8e0cc7f0385fc74a953610f7f41c11\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_amd64.deb\n Size/MD5: 2804532 a9c1cd1a790a715b6ad58785cb0eea01\n http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_amd64.deb\n Size/MD5: 217360 f217f66f7563f80f309e065a44a08cfb\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_amd64.deb\n Size/MD5: 83620 0b3738208c8069b8a5449a59ae604293\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_amd64.deb\n Size/MD5: 9553646 c66621583e808b88663b200ad3238f7a\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_amd64.deb\n Size/MD5: 220158 e4f1cc5b0c2edc41cf1e4c6aa3051a33\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_amd64.deb\n Size/MD5: 163484 e1c0ab1f05132b717751783ccc0c22c1\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_amd64.deb\n Size/MD5: 245468 10d43347432618aaa140c081c20ed10f\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_amd64.deb\n Size/MD5: 710556 53cb8cc7e3a7d346630184980df34ff5\n\n i386 architecture (x86 compatible Intel/AMD)\n\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_i386.deb\n Size/MD5: 44003676 a53682ff42f56d8dd494c96d2e3817d5\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_i386.deb\n Size/MD5: 2804534 281bc91e92c6224df7c77b4ce2840e1b\n http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_i386.deb\n Size/MD5: 210766 0d2d6ecfaa6ad0b629fc78159a8ba0f3\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_i386.deb\n Size/MD5: 75992 fc370791f6533f01409d3b369505766a\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_i386.deb\n Size/MD5: 8044874 cbda163790d814d785831358cb53cabc\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_i386.deb\n Size/MD5: 220160 2067d9432ff164e7344bd8142bb026ff\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_i386.deb\n Size/MD5: 148072 274cd0206aafa1a5ad02dbe279a37216\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_i386.deb\n Size/MD5: 245474 ed709e80de120a795d79df237b6dd421\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_i386.deb\n Size/MD5: 616162 766f3224ad0924ae1d47c6970a2bfd16\n\n powerpc architecture (Apple Macintosh G3/G4/G5)\n\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_powerpc.deb\n Size/MD5: 48831230 a594a826614ab062cb8e12a5e67a7115\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_powerpc.deb\n Size/MD5: 2804524 01b3f645267c4b3b166a6dcdebe099cf\n http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_powerpc.deb\n Size/MD5: 214208 d5563084e7a175423a1a27d98270c5a7\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_powerpc.deb\n Size/MD5: 79110 fa20295177cf290ee980127c3ed1ff33\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_powerpc.deb\n Size/MD5: 9215262 f641d7657a284bd049c75d5119512013\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_powerpc.deb\n Size/MD5: 220160 b684d9f82943b8698b9f369737cd318a\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_powerpc.deb\n Size/MD5: 160684 0919604b7e446d0a7923968ee1d0357b\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_powerpc.deb\n Size/MD5: 245472 d9e5620a0672e46e89a90123430e78ae\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_powerpc.deb\n Size/MD5: 655490 5c4225025b12a75900899859c6b616d1\n\n sparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_sparc.deb\n Size/MD5: 45406824 2ade39640c714000138eec2c5b8691f9\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_sparc.deb\n Size/MD5: 2804570 0f0d35704d9f00e41c3ccce5535cb9ce\n http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_sparc.deb\n Size/MD5: 211712 f88704bb8c6671debcfae882f408c607\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_sparc.deb\n Size/MD5: 77564 d5b89bc054fb2c6cf0089b04c727d0a7\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_sparc.deb\n Size/MD5: 8571602 6eb03eae7ffb19c3afc766a016d2e723\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_sparc.deb\n Size/MD5: 220156 a92bbd2e0e9a936355abeaae9376264c\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_sparc.deb\n Size/MD5: 150554 85be23282c348b3de7bf3786aa56a5a6\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_sparc.deb\n Size/MD5: 245474 dd03340bae55531e40a887ad5204c774\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_sparc.deb\n Size/MD5: 599816 04b5ea1db1aa17f292481d913eddecb5\n\nUpdated packages for Ubuntu 6.10:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.2+0dfsg-0ubuntu0.6.10.diff.gz\n Size/MD5: 322293 4d8894d022833e46c25d5e6ce269ee5b\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.2+0dfsg-0ubuntu0.6.10.dsc\n Size/MD5: 1218 c6708c7c771a995e0ec709cc022ce61a\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.2+0dfsg.orig.tar.gz\n Size/MD5: 46466665 f6dad051f9995ebba310e8cd6497ae9f\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_2.0.0.2+0dfsg-0ubuntu0.6.10_all.deb\n Size/MD5: 236878 52d4d42a0881949da47a5f7946d2edec\n http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox-dev_2.0.0.2+0dfsg-0ubuntu0.6.10_all.deb\n Size/MD5: 55668 a379aaf8d4f67465c0e71aaa852a3b8a\n http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox-dom-inspector_2.0.0.2+0dfsg-0ubuntu0.6.10_all.deb\n Size/MD5: 55762 aea5774743b8e3bc90c8349099e9c423\n http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox-gnome-support_2.0.0.2+0dfsg-0ubuntu0.6.10_all.deb\n Size/MD5: 55776 85b1c150c432f3fc2038a5ff3a5804ed\n http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox_2.0.0.2+0dfsg-0ubuntu0.6.10_all.deb\n Size/MD5: 56574 91e46691914551281676003e3b6589bb\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon)\n\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.2+0dfsg-0ubuntu0.6.10_amd64.deb\n Size/MD5: 50341952 381fc5626f047660d2bdd680824db54d\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.2+0dfsg-0ubuntu0.6.10_amd64.deb\n Size/MD5: 3120906 263ed42e4bdbcc4ba3010744cb900160\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.2+0dfsg-0ubuntu0.6.10_amd64.deb\n Size/MD5: 90062 198b64dcde3d7e1eb9bed2aeb32ce808\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.2+0dfsg-0ubuntu0.6.10_amd64.deb\n Size/MD5: 10399974 e3adef875d5fefa75c56fdf614183bdc\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox2.0.0.2+0dfsg-0ubuntu0.6.10_amd64.deb\n Size/MD5: 225444 9a1465fcc7386edba0fb81d00079066e\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox2.0.0.2+0dfsg-0ubuntu0.6.10_amd64.deb\n Size/MD5: 168168 1ccb3b97ed970c07bbdf6fb769f2e4b5\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox2.0.0.2+0dfsg-0ubuntu0.6.10_amd64.deb\n Size/MD5: 250820 df7c647e48cb8941a0421d5f1a5c4661\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox2.0.0.2+0dfsg-0ubuntu0.6.10_amd64.deb\n Size/MD5: 862110 87c01e4266d1c06d1097e5f8a58806d2\n\n i386 architecture (x86 compatible Intel/AMD)\n\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.2+0dfsg-0ubuntu0.6.10_i386.deb\n Size/MD5: 49498816 4c61ffe25628585a91e1d90180997343\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.2+0dfsg-0ubuntu0.6.10_i386.deb\n Size/MD5: 3111488 1ec3b0bbe8564828421f381ed8b0d5fb\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.2+0dfsg-0ubuntu0.6.10_i386.deb\n Size/MD5: 83792 91c2b8d2410921fd6e19c742e9552550\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.2+0dfsg-0ubuntu0.6.10_i386.deb\n Size/MD5: 9225462 4c0d2cb608ee830bdc38b7f8d89f9a33\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox2.0.0.2+0dfsg-0ubuntu0.6.10_i386.deb\n Size/MD5: 225434 5293ae8d41c018d4a956555c189fd7f6\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox2.0.0.2+0dfsg-0ubuntu0.6.10_i386.deb\n Size/MD5: 157774 cc2c474e306b1d80db79cdba936c2ee6\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox2.0.0.2+0dfsg-0ubuntu0.6.10_i386.deb\n Size/MD5: 250794 42e6e643fb73ae668e569ec3d5052ea9\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox2.0.0.2+0dfsg-0ubuntu0.6.10_i386.deb\n Size/MD5: 785948 fefc874278ea69ba2a8b518d6826e158\n\n powerpc architecture (Apple Macintosh G3/G4/G5)\n\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.2+0dfsg-0ubuntu0.6.10_powerpc.deb\n Size/MD5: 52033226 d7ddf5236086638446d6ea4775c833ee\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.2+0dfsg-0ubuntu0.6.10_powerpc.deb\n Size/MD5: 3117424 0a5038c00b1997b6c7b72f16e1ca85e7\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.2+0dfsg-0ubuntu0.6.10_powerpc.deb\n Size/MD5: 85668 25e4f56d5311cc9e3a0ecaf28d6189ff\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.2+0dfsg-0ubuntu0.6.10_powerpc.deb\n Size/MD5: 10067834 1758c9d69c571c0d7bf9ec20b74e2a33\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox2.0.0.2+0dfsg-0ubuntu0.6.10_powerpc.deb\n Size/MD5: 225432 241089d26f31cb5e0816debe7b09a55d\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox2.0.0.2+0dfsg-0ubuntu0.6.10_powerpc.deb\n Size/MD5: 166830 dd932812a920701677df9b3bf9970023\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox2.0.0.2+0dfsg-0ubuntu0.6.10_powerpc.deb\n Size/MD5: 250798 65cddc61ad6f809004d342dcdf07c2cc\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox2.0.0.2+0dfsg-0ubuntu0.6.10_powerpc.deb\n Size/MD5: 860802 217ffcce7a3a99cabd9b4cff500281a8\n\n sparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.2+0dfsg-0ubuntu0.6.10_sparc.deb\n Size/MD5: 49550142 e432529be2a2c6b7b327ede81d2cc1c3\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.2+0dfsg-0ubuntu0.6.10_sparc.deb\n Size/MD5: 3108058 4a2bc97252c385fe323b56b7fb03c64f\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.2+0dfsg-0ubuntu0.6.10_sparc.deb\n Size/MD5: 83484 8d24e2420d7d2188a620674aa566956d\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.2+0dfsg-0ubuntu0.6.10_sparc.deb\n Size/MD5: 9493984 e311cd75fa46ed1a47958f6883ea65aa\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox2.0.0.2+0dfsg-0ubuntu0.6.10_sparc.deb\n Size/MD5: 225444 fdcd4bf5450574bcbe7d3aca89dbc403\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox2.0.0.2+0dfsg-0ubuntu0.6.10_sparc.deb\n Size/MD5: 155678 a99e5fc7bef8c29e0e89c48288144fc6\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox2.0.0.2+0dfsg-0ubuntu0.6.10_sparc.deb\n Size/MD5: 250800 dd3473d37b593e55c82f5dce245bebe0\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox2.0.0.2+0dfsg-0ubuntu0.6.10_sparc.deb\n Size/MD5: 766616 ba23d67757ddc39888e92f6af56ec67d\n. \n\n Update:\n\n A regression was found in the latest Firefox packages provided where\n changes to library paths caused applications that depended on the NSS\n libraries (such as Thunderbird and Evolution) to fail to start or fail\n to load certain SSL-related security components. These new packages\n correct that problem and we apologize for any inconvenience the\n previous update may have caused. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6077\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0008\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0009\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0775\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0777\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0778\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0779\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0780\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0800\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0981\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0995\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0996\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1092\n http://www.mozilla.org/security/announce/2007/mfsa2007-01.html\n http://www.mozilla.org/security/announce/2007/mfsa2007-02.html\n http://www.mozilla.org/security/announce/2007/mfsa2007-03.html\n http://www.mozilla.org/security/announce/2007/mfsa2007-04.html\n http://www.mozilla.org/security/announce/2007/mfsa2007-05.html\n http://www.mozilla.org/security/announce/2007/mfsa2007-06.html\n http://www.mozilla.org/security/announce/2007/mfsa2007-07.html\n http://www.mozilla.org/security/announce/2007/mfsa2007-08.html\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2007.0:\n 411bc0bdd8dc32950a84c77ed3319508 2007.0/i586/libmozilla-firefox1.5.0.10-1.5.0.10-2mdv2007.0.i586.rpm\n 9ceb031931003fb861882f4455c6648b 2007.0/i586/libmozilla-firefox1.5.0.10-devel-1.5.0.10-2mdv2007.0.i586.rpm\n db615eadf763927182c8657d11b1ae54 2007.0/i586/libnspr4-1.5.0.10-2mdv2007.0.i586.rpm\n bd7dca3e972f552b5dd347822e17f1e1 2007.0/i586/libnspr4-devel-1.5.0.10-2mdv2007.0.i586.rpm\n bb4709aa4bf277e32c25e07d93641802 2007.0/i586/libnspr4-static-devel-1.5.0.10-2mdv2007.0.i586.rpm\n babf7d44d0340cd51f45249d3002180e 2007.0/i586/libnss3-1.5.0.10-2mdv2007.0.i586.rpm\n 19a967982b748b879b1904d5bcea174d 2007.0/i586/libnss3-devel-1.5.0.10-2mdv2007.0.i586.rpm\n 6333bab7a5d530836fa5a64383bcdd30 2007.0/i586/mozilla-firefox-1.5.0.10-2mdv2007.0.i586.rpm \n 72672b4bbfcc4f13d5820a4c11bca547 2007.0/SRPMS/mozilla-firefox-1.5.0.10-2mdv2007.0.src.rpm\n\n Mandriva Linux 2007.0/X86_64:\n 9fe9779d9d02f0aa73d28096cc237d00 2007.0/x86_64/lib64mozilla-firefox1.5.0.10-1.5.0.10-2mdv2007.0.x86_64.rpm\n 3c0a879b450f5c2569eb81d397a82906 2007.0/x86_64/lib64mozilla-firefox1.5.0.10-devel-1.5.0.10-2mdv2007.0.x86_64.rpm\n 338d81330e754d5ffd22dea67c2fbfd2 2007.0/x86_64/lib64nspr4-1.5.0.10-2mdv2007.0.x86_64.rpm\n 0c840ec9a78c48d975db6bca80e53caa 2007.0/x86_64/lib64nspr4-devel-1.5.0.10-2mdv2007.0.x86_64.rpm\n 3f1ba2da63bf990b3958f184bdf4d96f 2007.0/x86_64/lib64nspr4-static-devel-1.5.0.10-2mdv2007.0.x86_64.rpm\n cd9ef9efe9f859467a07bfc20899156d 2007.0/x86_64/lib64nss3-1.5.0.10-2mdv2007.0.x86_64.rpm\n d6243e7d7c76a5ff5a418f7304cdcff2 2007.0/x86_64/lib64nss3-devel-1.5.0.10-2mdv2007.0.x86_64.rpm\n 0fec2d70c6a797521304598b802d03b1 2007.0/x86_64/mozilla-firefox-1.5.0.10-2mdv2007.0.x86_64.rpm \n 72672b4bbfcc4f13d5820a4c11bca547 2007.0/SRPMS/mozilla-firefox-1.5.0.10-2mdv2007.0.src.rpm\n\n Corporate 3.0:\n 24fbf58752279b3a5ec8d186d7c6142b corporate/3.0/i586/libnspr4-1.5.0.10-1.1.C30mdk.i586.rpm\n cc59dd85bcdc065ed4ee7f3d299e971a corporate/3.0/i586/libnspr4-devel-1.5.0.10-1.1.C30mdk.i586.rpm\n 284b6bf1210fb854361a9af3062528e1 corporate/3.0/i586/libnspr4-static-devel-1.5.0.10-1.1.C30mdk.i586.rpm\n cf17ffa7ff1734b850c7f7a5b7f780ee corporate/3.0/i586/libnss3-1.5.0.10-1.1.C30mdk.i586.rpm\n 82e74bce4abb564958d0225bc94687d6 corporate/3.0/i586/libnss3-devel-1.5.0.10-1.1.C30mdk.i586.rpm\n 5af5da7a1f51c609568f03b2026c0687 corporate/3.0/i586/mozilla-firefox-1.5.0.10-1.1.C30mdk.i586.rpm\n df2d940bf4af073e1dc983c1143a8079 corporate/3.0/i586/mozilla-firefox-devel-1.5.0.10-1.1.C30mdk.i586.rpm \n efd17411a1dc5bed3d7e79f0a28b4073 corporate/3.0/SRPMS/mozilla-firefox-1.5.0.10-1.1.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n be6fa4a501b973f9016716ae6ffb1b25 corporate/3.0/x86_64/lib64nspr4-1.5.0.10-1.1.C30mdk.x86_64.rpm\n a06bb78d6531ffac3e750236a0cb13de corporate/3.0/x86_64/lib64nspr4-devel-1.5.0.10-1.1.C30mdk.x86_64.rpm\n 2f2dd393236be80e8f8ca226145115e7 corporate/3.0/x86_64/lib64nspr4-static-devel-1.5.0.10-1.1.C30mdk.x86_64.rpm\n 3a42bca7fd7ab26e65bf0a4ca7485db1 corporate/3.0/x86_64/lib64nss3-1.5.0.10-1.1.C30mdk.x86_64.rpm\n 68cef069c9e2d4f1336c58e8e5f126ca corporate/3.0/x86_64/lib64nss3-devel-1.5.0.10-1.1.C30mdk.x86_64.rpm\n 0bd6c6adc8fd1be8d3b02fb5505c9330 corporate/3.0/x86_64/mozilla-firefox-1.5.0.10-1.1.C30mdk.x86_64.rpm\n 27262a966199c19006327fa21dab1f69 corporate/3.0/x86_64/mozilla-firefox-devel-1.5.0.10-1.1.C30mdk.x86_64.rpm \n efd17411a1dc5bed3d7e79f0a28b4073 corporate/3.0/SRPMS/mozilla-firefox-1.5.0.10-1.1.C30mdk.src.rpm\n\n Corporate 4.0:\n 0f782ea68bc9177e333dd77c26eeec7f corporate/4.0/i586/libnspr4-1.5.0.10-1.1.20060mlcs4.i586.rpm\n 408511a886dd0619f4ae9a1d93137eeb corporate/4.0/i586/libnspr4-devel-1.5.0.10-1.1.20060mlcs4.i586.rpm\n 6b3ad9cf7c2f4b7a008c6fd9c584289b corporate/4.0/i586/libnspr4-static-devel-1.5.0.10-1.1.20060mlcs4.i586.rpm\n 31927dd82ca439052fe166e6b2864e07 corporate/4.0/i586/libnss3-1.5.0.10-1.1.20060mlcs4.i586.rpm\n 021eef345d030d8112f227b0b2c3a0f6 corporate/4.0/i586/libnss3-devel-1.5.0.10-1.1.20060mlcs4.i586.rpm\n 2485f65a1860840e7abe7cd5a447c538 corporate/4.0/i586/mozilla-firefox-1.5.0.10-1.1.20060mlcs4.i586.rpm\n ef609ec54c3e70b47067668f68c74e65 corporate/4.0/i586/mozilla-firefox-devel-1.5.0.10-1.1.20060mlcs4.i586.rpm \n 64e5ea6cd7dc856aa4f7eda630e40d14 corporate/4.0/SRPMS/mozilla-firefox-1.5.0.10-1.1.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n fab1a497ea9801a29637f049e520422b corporate/4.0/x86_64/lib64nspr4-1.5.0.10-1.1.20060mlcs4.x86_64.rpm\n 647d403327794eb30e81e6b91b407dd1 corporate/4.0/x86_64/lib64nspr4-devel-1.5.0.10-1.1.20060mlcs4.x86_64.rpm\n 247c6c555fe4917bbdf3ae884ac309ba corporate/4.0/x86_64/lib64nspr4-static-devel-1.5.0.10-1.1.20060mlcs4.x86_64.rpm\n 710e426e4200912e2b4718d1c0613c58 corporate/4.0/x86_64/lib64nss3-1.5.0.10-1.1.20060mlcs4.x86_64.rpm\n 2efe3ddeb772f3d706f429bccd34675c corporate/4.0/x86_64/lib64nss3-devel-1.5.0.10-1.1.20060mlcs4.x86_64.rpm\n 13e414365c4f1d3768a375cf29a40aa4 corporate/4.0/x86_64/mozilla-firefox-1.5.0.10-1.1.20060mlcs4.x86_64.rpm\n 261d63f5547804f20ee022290429c866 corporate/4.0/x86_64/mozilla-firefox-devel-1.5.0.10-1.1.20060mlcs4.x86_64.rpm \n 64e5ea6cd7dc856aa4f7eda630e40d14 corporate/4.0/SRPMS/mozilla-firefox-1.5.0.10-1.1.20060mlcs4.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.6 (GNU/Linux)\n\niD8DBQFF6H18mqjQ0CJFipgRAna2AJ9Qa8Vf923jNIzai9QzQOOS4NRETgCgyICD\n+eNPSjeb5EQGZ6E5dYWPNSM=\n=AgMP\n-----END PGP SIGNATURE-----\n\n. \n\nBackground\n==========\n\nMozilla Firefox is a popular open-source web browser from the Mozilla\nProject. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 www-client/mozilla-firefox \u003c 2.0.0.2 *\u003e= 1.5.0.10\n \u003e= 2.0.0.2\n 2 www-client/mozilla-firefox-bin \u003c 2.0.0.2 *\u003e= 1.5.0.10\n \u003e= 2.0.0.2\n -------------------------------------------------------------------\n 2 affected packages on all of their supported architectures. \n -------------------------------------------------------------------\n\nDescription\n===========\n\nTom Ferris reported a heap-based buffer overflow involving wide SVG\nstroke widths that affects Mozilla Firefox 2 only. Various researchers\nreported some errors in the JavaScript engine potentially leading to\nmemory corruption. Mozilla Firefox also contains minor vulnerabilities\ninvolving cache collision and unsafe pop-up restrictions, filtering or\nCSS rendering under certain conditions. \n\nImpact\n======\n\nAn attacker could entice a user to view a specially crafted web page\nthat will trigger one of the vulnerabilities, possibly leading to the\nexecution of arbitrary code. It is also possible for an attacker to\nspoof the address bar, steal information through cache collision,\nbypass the local files protection mechanism with pop-ups, or perform\ncross-site scripting attacks, leading to the exposure of sensitive\ninformation, like user credentials. \n\nWorkaround\n==========\n\nThere is no known workaround at this time for all of these issues, but\nmost of them can be avoided by disabling JavaScript. \n\nResolution\n==========\n\nUsers upgrading to the following releases of Mozilla Firefox should\nnote that this upgrade has been found to lose the saved passwords file\nin some cases. The saved passwords are encrypted and stored in the\n\u0027signons.txt\u0027 file of ~/.mozilla/ and we advise our users to save that\nfile before performing the upgrade. \n\nAll Mozilla Firefox 1.5 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=www-client/mozilla-firefox-1.5.0.10\"\n\nAll Mozilla Firefox 1.5 binary users should upgrade to the latest\nversion:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=www-client/mozilla-firefox-bin-1.5.0.10\"\n\nAll Mozilla Firefox 2.0 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=www-client/mozilla-firefox-2.0.0.2\"\n\nAll Mozilla Firefox 2.0 binary users should upgrade to the latest\nversion:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=www-client/mozilla-firefox-bin-2.0.0.2\"\n\nReferences\n==========\n\n [ 1 ] CVE-2006-6077\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6077\n [ 2 ] CVE-2007-0775\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0775\n [ 3 ] CVE-2007-0776\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0776\n [ 4 ] CVE-2007-0777\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0777\n [ 5 ] CVE-2007-0778\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0778\n [ 6 ] CVE-2007-0779\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0779\n [ 7 ] CVE-2007-0780\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0780\n [ 8 ] CVE-2007-0800\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0800\n [ 9 ] CVE-2007-0801\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0801\n [ 10 ] CVE-2007-0981\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0981\n [ 11 ] CVE-2007-0995\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0995\n [ 12 ] Mozilla password loss bug\n https://bugzilla.mozilla.org/show_bug.cgi?id=360493#c366\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200703-04.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2007 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n", "sources": [ { "db": "NVD", "id": "CVE-2006-6077" }, { "db": "JVNDB", "id": "JVNDB-2006-000790" }, { "db": "BID", "id": "21240" }, { "db": "VULHUB", "id": "VHN-22185" }, { "db": "PACKETSTORM", "id": "54701" }, { "db": "PACKETSTORM", "id": "54814" }, { "db": "PACKETSTORM", "id": "57941" }, { "db": "PACKETSTORM", "id": "54812" }, { "db": "PACKETSTORM", "id": "54914" }, { "db": "PACKETSTORM", "id": "54837" } ], "trust": 2.52 }, "exploit_availability": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "reference": "https://www.scap.org.cn/vuln/vhn-22185", "trust": 0.1, "type": "unknown" } ], "sources": [ { "db": "VULHUB", "id": "VHN-22185" } ] }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2006-6077", "trust": 3.3 }, { "db": "BID", "id": "21240", "trust": 2.8 }, { "db": "SECUNIA", "id": "23046", "trust": 2.5 }, { "db": "SECTRACK", "id": "1017271", "trust": 2.5 }, { "db": "SECUNIA", "id": "23108", "trust": 1.9 }, { "db": "SECUNIA", "id": "24238", "trust": 1.9 }, { "db": "SECUNIA", "id": "24205", "trust": 1.9 }, { "db": "SECUNIA", "id": "24395", "trust": 1.7 }, { "db": "SECUNIA", "id": "24437", "trust": 1.7 }, { "db": "SECUNIA", "id": "24457", "trust": 1.7 }, { "db": "SECUNIA", "id": "24650", "trust": 1.7 }, { "db": "SECUNIA", "id": "25588", "trust": 1.7 }, { "db": "SECUNIA", "id": "24393", "trust": 1.7 }, { "db": "BID", "id": "22694", "trust": 1.7 }, { "db": "VUPEN", "id": "ADV-2006-4662", "trust": 1.7 }, { "db": "VUPEN", "id": "ADV-2007-0718", "trust": 1.7 }, { "db": "XF", "id": "30470", "trust": 1.4 }, { "db": "SECUNIA", "id": "24328", "trust": 1.1 }, { "db": "SECUNIA", "id": "24320", "trust": 1.1 }, { "db": "SECUNIA", "id": "24342", "trust": 1.1 }, { "db": "SECUNIA", "id": "24293", "trust": 1.1 }, { "db": "SECUNIA", "id": "24290", "trust": 1.1 }, { "db": "SECUNIA", "id": "24343", "trust": 1.1 }, { "db": "SECUNIA", "id": "24384", "trust": 1.1 }, { "db": "SECUNIA", "id": "24333", "trust": 1.1 }, { "db": "SECUNIA", "id": "24287", "trust": 1.1 }, { "db": "JVNDB", "id": "JVNDB-2006-000790", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-200611-402", "trust": 0.7 }, { "db": "UBUNTU", "id": "USN-428-1", "trust": 0.6 }, { "db": "REDHAT", "id": "RHSA-2007:0078", "trust": 0.6 }, { "db": "REDHAT", "id": "RHSA-2007:0079", "trust": 0.6 }, { "db": "REDHAT", "id": "RHSA-2007:0097", "trust": 0.6 }, { "db": "REDHAT", "id": "RHSA-2007:0108", "trust": 0.6 }, { "db": "MANDRIVA", "id": "MDKSA-2007:050", "trust": 0.6 }, { "db": "BUGTRAQ", "id": "20061123 PASSWORD FLAW ALSO IN FIREFOX 1.5.08. WAS: BIG FLAW IN FIREFOX 2: PASSWORD MANAGER BUG EXPOSES PASSWORDS", "trust": 0.6 }, { "db": "BUGTRAQ", "id": "20061221 RE: CRITICAL FLAW IN FIREFOX 2.0.0.1 ALLOWS TO STEAL THE USER PASSWORDS WITH A VIDEOCLIP", "trust": 0.6 }, { "db": "BUGTRAQ", "id": "20061220 CRITICAL FLAW IN FIREFOX 2.0.0.1 ALLOWS TO STEAL THE USER PASSWORDS WITH A VIDEOCLIP", "trust": 0.6 }, { "db": "BUGTRAQ", "id": "20061222 RE[2]: CRITICAL FLAW IN FIREFOX 2.0.0.1 ALLOWS TO STEAL THE USER PASSWORDS WITH A VIDEOCLIP", "trust": 0.6 }, { "db": "BUGTRAQ", "id": "20061122 BIG FLAW IN FIREFOX 2: PASSWORD MANAGER BUG EXPOSES PASSWORDS", "trust": 0.6 }, { "db": "BUGTRAQ", "id": "20070303 RPSA-2007-0040-3 FIREFOX THUNDERBIRD", "trust": 0.6 }, { "db": "BUGTRAQ", "id": "20070226 RPSA-2007-0040-1 FIREFOX", "trust": 0.6 }, { "db": "BUGTRAQ", "id": "20061123 RE: PASSWORD FLAW ALSO IN FIREFOX 1.5.08. WAS: BIG FLAW IN FIREFOX 2: PASSWORD MANAGER BUG EXPOSES PASSWORDS", "trust": 0.6 }, { "db": "BUGTRAQ", "id": "20061123 RE: BIG FLAW IN FIREFOX 2: PASSWORD MANAGER BUG EXPOSES PASSWORDS", "trust": 0.6 }, { "db": "SUSE", "id": "SUSE-SA:2007:022", "trust": 0.6 }, { "db": "GENTOO", "id": "GLSA-200703-04", "trust": 0.6 }, { "db": "GENTOO", "id": "GLSA-200703-08", "trust": 0.6 }, { "db": "SLACKWARE", "id": "SSA:2007-066-05", "trust": 0.6 }, { "db": "DEBIAN", "id": "DSA-1336", "trust": 0.6 }, { "db": "PACKETSTORM", "id": "54914", "trust": 0.2 }, { "db": "PACKETSTORM", "id": "54812", "trust": 0.2 }, { "db": "PACKETSTORM", "id": "54814", "trust": 0.2 }, { "db": "PACKETSTORM", "id": "54837", "trust": 0.2 }, { "db": "PACKETSTORM", "id": "55035", "trust": 0.1 }, { "db": "VULHUB", "id": "VHN-22185", "trust": 0.1 }, { "db": "SECUNIA", "id": "24289", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "54701", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "57941", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-22185" }, { "db": "BID", "id": "21240" }, { "db": "JVNDB", "id": "JVNDB-2006-000790" }, { "db": "PACKETSTORM", "id": "54701" }, { "db": "PACKETSTORM", "id": "54814" }, { "db": "PACKETSTORM", "id": "57941" }, { "db": "PACKETSTORM", "id": "54812" }, { "db": "PACKETSTORM", "id": "54914" }, { "db": "PACKETSTORM", "id": "54837" }, { "db": "CNNVD", "id": "CNNVD-200611-402" }, { "db": "NVD", "id": "CVE-2006-6077" } ] }, "id": "VAR-200611-0368", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-22185" } ], "trust": 0.01 }, "last_update_date": "2024-11-29T20:57:55.324000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "HPSBUX02153", "trust": 0.8, "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c00771742" }, { "title": "HPSBUX02153", "trust": 0.8, "url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/HP-UX/HPSBUX02153.html" }, { "title": "seamonkey (V2.x)", "trust": 0.8, "url": "http://www.miraclelinux.com/support/update/list.php?errata_id=984" }, { "title": "firefox (V4.0)", "trust": 0.8, "url": "http://www.miraclelinux.com/support/update/list.php?errata_id=946" }, { "title": "mfsa2007-02", "trust": 0.8, "url": "http://www.mozilla.org/security/announce/2007/mfsa2007-02.html" }, { "title": "mfsa2007-02", "trust": 0.8, "url": "http://www.mozilla-japan.org/security/announce/2007/mfsa2007-02.html" }, { "title": "Top Page", "trust": 0.8, "url": "http://browser.netscape.com/" }, { "title": "RHSA-2007:0077", "trust": 0.8, "url": "https://rhn.redhat.com/errata/RHSA-2007-0077.html" }, { "title": "RHSA-2007:0078", "trust": 0.8, "url": "https://rhn.redhat.com/errata/RHSA-2007-0078.html" }, { "title": "RHSA-2007:0079", "trust": 0.8, "url": "https://rhn.redhat.com/errata/RHSA-2007-0079.html" }, { "title": "RHSA-2007:0097", "trust": 0.8, "url": "https://rhn.redhat.com/errata/RHSA-2007-0097.html" }, { "title": "RHSA-2007:0108 ", "trust": 0.8, "url": "https://rhn.redhat.com/errata/RHSA-2007-0108.html" }, { "title": "TLSA-2007-13", "trust": 0.8, "url": "http://www.turbolinux.com/security/2007/TLSA-2007-13.txt" }, { "title": "RHSA-2007:0079", "trust": 0.8, "url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2007-0079J.html" }, { "title": "RHSA-2007:0097", "trust": 0.8, "url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2007-0097J.html" }, { "title": "RHSA-2007:0108 ", "trust": 0.8, "url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2007-0108J.html" }, { "title": "RHSA-2007:0077", "trust": 0.8, "url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2007-0077J.html" }, { "title": "RHSA-2007:0078", "trust": 0.8, "url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2007-0078J.html" }, { "title": "TLSA-2007-13", "trust": 0.8, "url": "http://www.turbolinux.co.jp/security/2007/TLSA-2007-13j.txt" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2006-000790" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "NVD-CWE-Other", "trust": 1.0 } ], "sources": [ { "db": "NVD", "id": "CVE-2006-6077" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.5, "url": "http://www.securityfocus.com/bid/21240" }, { "trust": 2.5, "url": "http://securitytracker.com/id?1017271" }, { "trust": 2.3, "url": "http://www.mozilla.org/security/announce/2007/mfsa2007-02.html" }, { "trust": 2.0, "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=360493" }, { "trust": 2.0, "url": "http://www.info-svc.com/news/11-21-2006/" }, { "trust": 1.8, "url": "http://security.gentoo.org/glsa/glsa-200703-04.xml" }, { "trust": 1.7, "url": "http://www.securityfocus.com/bid/22694" }, { "trust": 1.7, "url": "https://issues.rpath.com/browse/rpl-1081" }, { "trust": 1.7, "url": "https://issues.rpath.com/browse/rpl-1103" }, { "trust": 1.7, "url": "http://www.debian.org/security/2007/dsa-1336" }, { "trust": 1.7, "url": "http://www.gentoo.org/security/en/glsa/glsa-200703-08.xml" }, { "trust": 1.7, "url": "http://www.mandriva.com/security/advisories?name=mdksa-2007:050" }, { "trust": 1.7, "url": "http://www.info-svc.com/news/11-21-2006/rcsr1/" }, { "trust": 1.7, "url": "http://rhn.redhat.com/errata/rhsa-2007-0077.html" }, { "trust": 1.7, "url": "http://www.redhat.com/support/errata/rhsa-2007-0078.html" }, { "trust": 1.7, "url": "http://www.redhat.com/support/errata/rhsa-2007-0079.html" }, { "trust": 1.7, "url": "http://www.redhat.com/support/errata/rhsa-2007-0097.html" }, { "trust": 1.7, "url": "http://www.redhat.com/support/errata/rhsa-2007-0108.html" }, { "trust": 1.7, "url": "http://secunia.com/advisories/23046" }, { "trust": 1.7, "url": "http://secunia.com/advisories/24395" }, { "trust": 1.7, "url": "http://secunia.com/advisories/24437" }, { "trust": 1.7, "url": "http://secunia.com/advisories/24457" }, { "trust": 1.7, "url": "http://secunia.com/advisories/24650" }, { "trust": 1.7, "url": "http://secunia.com/advisories/25588" }, { "trust": 1.7, "url": "http://www.novell.com/linux/security/advisories/2007_22_mozilla.html" }, { "trust": 1.7, "url": "http://www.ubuntu.com/usn/usn-428-1" }, { "trust": 1.6, "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.338131" }, { "trust": 1.4, "url": "http://www.frsirt.com/english/advisories/2006/4662" }, { "trust": 1.4, "url": "http://xforce.iss.net/xforce/xfdb/30470" }, { "trust": 1.1, "url": "http://www.securityfocus.com/archive/1/452382/100/0/threaded" }, { "trust": 1.1, "url": "http://www.securityfocus.com/archive/1/452431/100/0/threaded" }, { "trust": 1.1, "url": "http://www.securityfocus.com/archive/1/452440/100/0/threaded" }, { "trust": 1.1, "url": "http://www.securityfocus.com/archive/1/452463/100/0/threaded" }, { "trust": 1.1, "url": "http://www.securityfocus.com/archive/1/454982/100/0/threaded" }, { "trust": 1.1, "url": "http://www.securityfocus.com/archive/1/455073/100/0/threaded" }, { "trust": 1.1, "url": "http://www.securityfocus.com/archive/1/455148/100/0/threaded" }, { "trust": 1.1, "url": "http://www.securityfocus.com/archive/1/461336/100/0/threaded" }, { "trust": 1.1, "url": "http://www.securityfocus.com/archive/1/461809/100/0/threaded" }, { "trust": 1.1, "url": "http://fedoranews.org/cms/node/2713" }, { "trust": 1.1, "url": "http://fedoranews.org/cms/node/2728" }, { "trust": 1.1, "url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c00771742" }, { "trust": 1.1, "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10031" }, { "trust": 1.1, "url": "http://secunia.com/advisories/23108" }, { "trust": 1.1, "url": "http://secunia.com/advisories/24205" }, { "trust": 1.1, "url": "http://secunia.com/advisories/24238" }, { "trust": 1.1, "url": "http://secunia.com/advisories/24287" }, { "trust": 1.1, "url": "http://secunia.com/advisories/24290" }, { "trust": 1.1, "url": "http://secunia.com/advisories/24293" }, { "trust": 1.1, "url": "http://secunia.com/advisories/24320" }, { "trust": 1.1, "url": "http://secunia.com/advisories/24328" }, { "trust": 1.1, "url": "http://secunia.com/advisories/24333" }, { "trust": 1.1, "url": "http://secunia.com/advisories/24342" }, { "trust": 1.1, "url": "http://secunia.com/advisories/24343" }, { "trust": 1.1, "url": "http://secunia.com/advisories/24384" }, { "trust": 1.1, "url": "http://secunia.com/advisories/24393" }, { "trust": 1.1, "url": "ftp://patches.sgi.com/support/free/security/advisories/20070202-01-p.asc" }, { "trust": 1.1, "url": "ftp://patches.sgi.com/support/free/security/advisories/20070301-01-p.asc" }, { "trust": 1.1, "url": "http://lists.suse.com/archive/suse-security-announce/2007-mar/0001.html" }, { "trust": 1.1, "url": "http://www.vupen.com/english/advisories/2006/4662" }, { "trust": 1.1, "url": "http://www.vupen.com/english/advisories/2007/0718" }, { "trust": 1.1, "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30470" }, { "trust": 1.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-6077" }, { "trust": 0.9, "url": "http://secunia.com/advisories/24205/" }, { "trust": 0.8, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2006-6077" }, { "trust": 0.8, "url": "http://secunia.com/advisories/24238/" }, { "trust": 0.8, "url": "http://secunia.com/advisories/23046/" }, { "trust": 0.8, "url": "http://secunia.com/advisories/23108/" }, { "trust": 0.6, "url": "http://www.securityfocus.com/archive/1/archive/1/452463/100/0/threaded" }, { "trust": 0.6, "url": "http://www.securityfocus.com/archive/1/archive/1/452440/100/0/threaded" }, { "trust": 0.6, "url": "http://www.securityfocus.com/archive/1/archive/1/452431/100/0/threaded" }, { "trust": 0.6, "url": "http://www.securityfocus.com/archive/1/archive/1/452382/100/0/threaded" }, { "trust": 0.6, "url": "http://www.securityfocus.com/archive/1/archive/1/461809/100/0/threaded" }, { "trust": 0.6, "url": "http://www.securityfocus.com/archive/1/archive/1/461336/100/0/threaded" }, { "trust": 0.6, "url": "http://www.securityfocus.com/archive/1/archive/1/455148/100/0/threaded" }, { "trust": 0.6, "url": "http://www.securityfocus.com/archive/1/archive/1/455073/100/0/threaded" }, { "trust": 0.6, "url": "http://www.securityfocus.com/archive/1/archive/1/454982/100/0/threaded" }, { "trust": 0.6, "url": "http://www.frsirt.com/english/advisories/2007/0718" }, { "trust": 0.6, "url": "http://secunia.com" }, { "trust": 0.5, "url": "https://nvd.nist.gov/vuln/detail/cve-2007-0775" }, { "trust": 0.5, "url": "https://nvd.nist.gov/vuln/detail/cve-2007-0995" }, { "trust": 0.5, "url": "https://nvd.nist.gov/vuln/detail/cve-2007-0981" }, { "trust": 0.5, "url": "https://nvd.nist.gov/vuln/detail/cve-2007-0778" }, { "trust": 0.5, "url": "https://nvd.nist.gov/vuln/detail/cve-2006-6077" }, { "trust": 0.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2007-0008" }, { "trust": 0.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2007-0800" }, { "trust": 0.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2007-0009" }, { "trust": 0.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2007-0779" }, { "trust": 0.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2007-0780" }, { "trust": 0.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2007-0777" }, { "trust": 0.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2007-0996" }, { "trust": 0.3, "url": "http://www.caminobrowser.org/releases/1.5.1/" }, { "trust": 0.3, "url": "http://www.securitypronews.com/news/securitynews/spn-45-20061121firefoxopentonewxssflaw.html" }, { "trust": 0.3, "url": "http://news.netcraft.com/archives/2006/10/27/myspace_accounts_compromised_by_phishers.html" }, { "trust": 0.3, "url": "/archive/1/452382" }, { "trust": 0.3, "url": "/archive/1/454982" }, { "trust": 0.3, "url": "/archive/1/452463" }, { "trust": 0.3, "url": "http://support.avaya.com/elmodocs2/security/asa-2007-114.htm" }, { "trust": 0.3, "url": "http://www2.itrc.hp.com/service/cki/docdisplay.do?admit=-1335382922+1188588104897+28353475\u0026docid=c00771742" }, { "trust": 0.3, "url": "http://rhn.redhat.com/errata/rhsa-2007-0078.html" }, { "trust": 0.3, "url": "http://rhn.redhat.com/errata/rhsa-2007-0079.html" }, { "trust": 0.3, "url": "http://rhn.redhat.com/errata/rhsa-2007-0097.html" }, { "trust": 0.3, "url": "http://rhn.redhat.com/errata/rhsa-2007-0108.html" }, { "trust": 0.3, "url": "http://www.mozilla.org/security/announce/2007/mfsa2007-03.html" }, { "trust": 0.3, "url": "http://www.mozilla.org/security/announce/2007/mfsa2007-06.html" }, { "trust": 0.3, "url": "http://www.mozilla.org/security/announce/2007/mfsa2007-07.html" }, { "trust": 0.3, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-0780" }, { "trust": 0.3, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-0777" }, { "trust": 0.3, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-0775" }, { "trust": 0.3, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-0995" }, { "trust": 0.3, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-0778" }, { "trust": 0.3, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-0779" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2007-1092" }, { "trust": 0.3, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-0800" }, { "trust": 0.3, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-0981" }, { "trust": 0.2, "url": "http://www.mozilla.org/security/announce/2007/mfsa2007-01.html" }, { "trust": 0.2, "url": "http://www.mozilla.org/security/announce/2007/mfsa2007-04.html" }, { "trust": 0.2, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-1092" }, { "trust": 0.2, "url": "http://www.mozilla.org/security/announce/2007/mfsa2007-05.html" }, { "trust": 0.2, "url": "http://www.mandriva.com/security/" }, { "trust": 0.2, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-0009" }, { "trust": 0.2, "url": "http://www.mandriva.com/security/advisories" }, { "trust": 0.2, "url": "http://www.mozilla.org/security/announce/2007/mfsa2007-08.html" }, { "trust": 0.2, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-0008" }, { "trust": 0.2, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-0996" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2007-0776" }, { "trust": 0.1, "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026amp;y=2007\u0026amp;m=slackware-security.338131" }, { "trust": 0.1, "url": "http://secunia.com/secunia_security_advisories/" }, { "trust": 0.1, "url": "http://secunia.com/software_inspector/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/24289/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/24175/" }, { "trust": 0.1, "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org" }, { "trust": 0.1, "url": "http://secunia.com/about_secunia_advisories/" }, { "trust": 0.1, "url": "http://secunia.com/product/5134/" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge17_arm.deb" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2007-1282" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge17_amd64.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge17_ia64.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge17_mips.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge17_alpha.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge15_powerpc.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge17_mipsel.deb" }, { "trust": 0.1, "url": "http://secunia.com/" }, { "trust": 0.1, "url": "http://www.debian.org/security/faq" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge17_sparc.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge17_m68k.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge17_mipsel.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge17_sparc.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge17_i386.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge17_arm.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge17_m68k.deb" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2007-0994" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge17_arm.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge17_mips.deb" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2007-0045" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge17_alpha.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4.orig.tar.gz" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge17_s390.deb" }, { "trust": 0.1, "url": "http://lists.grok.org.uk/full-disclosure-charter.html" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge17_ia64.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge17_mipsel.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge17_mips.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge15_powerpc.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge17_i386.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge17.diff.gz" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge17_m68k.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge17_sparc.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge17_i386.deb" }, { "trust": 0.1, "url": "http://packages.debian.org/\u003cpkg\u003e" }, { "trust": 0.1, "url": "http://security.debian.org/" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge17_ia64.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge17_hppa.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge17_amd64.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge17_hppa.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge17_amd64.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge17_s390.deb" }, { "trust": 0.1, "url": "http://www.debian.org/security/" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge17.dsc" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge17_s390.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge15_powerpc.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge17_alpha.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge17_hppa.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_sparc.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox2.0.0.2+0dfsg-0ubuntu0.6.10_i386.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox2.0.0.2+0dfsg-0ubuntu0.6.10_i386.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_powerpc.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_sparc.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_sparc.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_amd64.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_amd64.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_i386.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_i386.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox2.0.0.2+0dfsg-0ubuntu0.6.10_powerpc.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1.diff.gz" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_powerpc.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.2+0dfsg-0ubuntu0.6.10_i386.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_i386.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_powerpc.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_amd64.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_i386.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox2.0.0.2+0dfsg-0ubuntu0.6.10_sparc.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_i386.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox2.0.0.2+0dfsg-0ubuntu0.6.10_powerpc.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.2+0dfsg-0ubuntu0.6.10_sparc.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_powerpc.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.2+0dfsg-0ubuntu0.6.10.dsc" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox_2.0.0.2+0dfsg-0ubuntu0.6.10_all.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_amd64.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_i386.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_amd64.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/mozilla-firefox_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_all.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.2+0dfsg.orig.tar.gz" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_powerpc.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_sparc.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_i386.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox2.0.0.2+0dfsg-0ubuntu0.6.10_amd64.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_amd64.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_powerpc.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_sparc.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_powerpc.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox2.0.0.2+0dfsg-0ubuntu0.6.10_i386.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_amd64.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox-dev_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_all.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox2.0.0.2+0dfsg-0ubuntu0.6.10_sparc.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_sparc.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox2.0.0.2+0dfsg-0ubuntu0.6.10_amd64.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_i386.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox-dev_2.0.0.2+0dfsg-0ubuntu0.6.10_all.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_amd64.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_sparc.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_sparc.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.10.orig.tar.gz" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1.dsc" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.2+0dfsg-0ubuntu0.6.10_sparc.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_amd64.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.2+0dfsg-0ubuntu0.6.10.diff.gz" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.2+0dfsg-0ubuntu0.6.10_powerpc.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1.dsc" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.2+0dfsg-0ubuntu0.6.10_powerpc.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.2+0dfsg-0ubuntu0.6.10_powerpc.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_sparc.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.2+0dfsg-0ubuntu0.6.10_amd64.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_powerpc.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_i386.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.2+0dfsg-0ubuntu0.6.10_i386.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox2.0.0.2+0dfsg-0ubuntu0.6.10_i386.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_i386.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_2.0.0.2+0dfsg-0ubuntu0.6.10_all.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.2+0dfsg-0ubuntu0.6.10_powerpc.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.2+0dfsg-0ubuntu0.6.10_i386.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.2+0dfsg-0ubuntu0.6.10_sparc.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.2+0dfsg-0ubuntu0.6.10_amd64.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.2+0dfsg-0ubuntu0.6.10_amd64.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox-dev_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_all.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_powerpc.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_i386.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_amd64.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.2+0dfsg-0ubuntu0.6.10_sparc.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_sparc.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1.diff.gz" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox-dom-inspector_2.0.0.2+0dfsg-0ubuntu0.6.10_all.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox2.0.0.2+0dfsg-0ubuntu0.6.10_powerpc.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_powerpc.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_powerpc.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox2.0.0.2+0dfsg-0ubuntu0.6.10_sparc.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox2.0.0.2+0dfsg-0ubuntu0.6.10_amd64.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/mozilla-firefox_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_all.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox-gnome-support_2.0.0.2+0dfsg-0ubuntu0.6.10_all.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.2+0dfsg-0ubuntu0.6.10_i386.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_sparc.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_sparc.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_powerpc.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_powerpc.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_i386.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_amd64.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.2+0dfsg-0ubuntu0.6.10_amd64.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_sparc.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox2.0.0.2+0dfsg-0ubuntu0.6.10_amd64.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_amd64.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox2.0.0.2+0dfsg-0ubuntu0.6.10_powerpc.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_amd64.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox2.0.0.2+0dfsg-0ubuntu0.6.10_sparc.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_i386.deb" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-0776" }, { "trust": 0.1, "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=360493#c366" }, { "trust": 0.1, "url": "http://bugs.gentoo.org." }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-0801" }, { "trust": 0.1, "url": "http://creativecommons.org/licenses/by-sa/2.5" }, { "trust": 0.1, "url": "http://security.gentoo.org/" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2007-0801" } ], "sources": [ { "db": "VULHUB", "id": "VHN-22185" }, { "db": "BID", "id": "21240" }, { "db": "JVNDB", "id": "JVNDB-2006-000790" }, { "db": "PACKETSTORM", "id": "54701" }, { "db": "PACKETSTORM", "id": "54814" }, { "db": "PACKETSTORM", "id": "57941" }, { "db": "PACKETSTORM", "id": "54812" }, { "db": "PACKETSTORM", "id": "54914" }, { "db": "PACKETSTORM", "id": "54837" }, { "db": "CNNVD", "id": "CNNVD-200611-402" }, { "db": "NVD", "id": "CVE-2006-6077" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-22185" }, { "db": "BID", "id": "21240" }, { "db": "JVNDB", "id": "JVNDB-2006-000790" }, { "db": "PACKETSTORM", "id": "54701" }, { "db": "PACKETSTORM", "id": "54814" }, { "db": "PACKETSTORM", "id": "57941" }, { "db": "PACKETSTORM", "id": "54812" }, { "db": "PACKETSTORM", "id": "54914" }, { "db": "PACKETSTORM", "id": "54837" }, { "db": "CNNVD", "id": "CNNVD-200611-402" }, { "db": "NVD", "id": "CVE-2006-6077" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2006-11-24T00:00:00", "db": "VULHUB", "id": "VHN-22185" }, { "date": "2006-11-21T00:00:00", "db": "BID", "id": "21240" }, { "date": "2007-04-01T00:00:00", "db": "JVNDB", "id": "JVNDB-2006-000790" }, { "date": "2007-02-27T16:54:22", "db": "PACKETSTORM", "id": "54701" }, { "date": "2007-03-06T04:36:13", "db": "PACKETSTORM", "id": "54814" }, { "date": "2007-07-23T04:37:49", "db": "PACKETSTORM", "id": "57941" }, { "date": "2007-03-06T04:30:15", "db": "PACKETSTORM", "id": "54812" }, { "date": "2007-03-08T22:28:15", "db": "PACKETSTORM", "id": "54914" }, { "date": "2007-03-06T06:26:26", "db": "PACKETSTORM", "id": "54837" }, { "date": "2006-11-24T00:00:00", "db": "CNNVD", "id": "CNNVD-200611-402" }, { "date": "2006-11-24T17:07:00", "db": "NVD", "id": "CVE-2006-6077" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-10-17T00:00:00", "db": "VULHUB", "id": "VHN-22185" }, { "date": "2008-03-17T18:00:00", "db": "BID", "id": "21240" }, { "date": "2007-08-01T00:00:00", "db": "JVNDB", "id": "JVNDB-2006-000790" }, { "date": "2006-11-27T00:00:00", "db": "CNNVD", "id": "CNNVD-200611-402" }, { "date": "2024-11-21T00:21:42.563000", "db": "NVD", "id": "CVE-2006-6077" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "PACKETSTORM", "id": "57941" }, { "db": "CNNVD", "id": "CNNVD-200611-402" } ], "trust": 0.7 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Mozilla Firefox Password manager vulnerable to password disclosure", "sources": [ { "db": "JVNDB", "id": "JVNDB-2006-000790" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "other", "sources": [ { "db": "CNNVD", "id": "CNNVD-200611-402" } ], "trust": 0.6 } }
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.