Bug#336171: mozilla-firefox: IFRAME Handling Remote Buffer Overflow

Fri, 28 Oct 2005 03:04:15 -0700 

Package: mozilla-firefox
Version: 1.0.7-1
Severity: grave
Tags: security

05.41.42 CVE: Not Available
Platform: Cross Platform
Title: Mozilla Firefox IFRAME Handling Remote Buffer Overflow
Description: Mozilla Firefox is reported to be vulnerable to a remote
buffer overflow issue due to improper boundary checks prior to copying
user-supplied data into sensitive process buffers. Mozilla Firefox
versions 1.0.7 and 1.0.6 are reported to be vulnerable.
Ref: http://www.securityfocus.com/bid/15015


Sorry if this is a duplicate - I looked through and did not see anything
that looked immediately similar.

Take care,

-- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.12-1-686-smp
Locale: LANG=C, LC_CTYPE=en_US.ISO-8859-15 (charmap=ISO-8859-15) (ignored: 
LC_ALL set to en_US.ISO-8859-15)

Versions of packages mozilla-firefox depends on:
ii  debianutils               2.15           Miscellaneous utilities specific t
ii  fontconfig                2.3.2-1.1      generic font configuration library
ii  libatk1.0-0               1.10.3-1       The ATK accessibility toolkit
ii  libc6                     2.3.5-7        GNU C Library: Shared libraries an
ii  libfontconfig1            2.3.2-1.1      generic font configuration library
ii  libfreetype6              2.1.10-1       FreeType 2 font engine, shared lib
ii  libgcc1                   1:4.0.2-2      GCC support library
ii  libglib2.0-0              2.8.3-1        The GLib library of C routines
ii  libgtk2.0-0               2.6.10-1       The GTK+ graphical user interface 
ii  libidl0                   0.8.5-1        library for parsing CORBA IDL file
ii  libjpeg62                 6b-10          The Independent JPEG Group's JPEG 
ii  libkrb53                  1.3.6-5        MIT Kerberos runtime libraries
ii  libpango1.0-0             1.8.2-3        Layout and rendering of internatio
ii  libpng12-0                1.2.8rel-5     PNG library - runtime
ii  libstdc++6                4.0.2-2        The GNU Standard C++ Library v3
ii  libx11-6                  6.8.2.dfsg.1-9 X Window System protocol client li
ii  libxext6                  6.8.2.dfsg.1-9 X Window System miscellaneous exte
ii  libxft2                   2.1.7-1        FreeType-based font drawing librar
ii  libxinerama1              6.8.2.dfsg.1-9 X Window System multi-head display
ii  libxp6                    6.8.2.dfsg.1-9 X Window System printing extension
ii  libxt6                    6.8.2.dfsg.1-9 X Toolkit Intrinsics
ii  psmisc                    21.6-1         Utilities that use the proc filesy
ii  xlibs                     6.8.2.dfsg.1-9 X Window System client libraries m
ii  zlib1g                    1:1.2.3-6      compression library - runtime

mozilla-firefox recommends no packages.

-- no debconf information

-- 
 -----------------------------------------------------------------
|   ,''`.                                            Stephen Gran |
|  : :' :                                        [EMAIL PROTECTED] |
|  `. `'                        Debian user, admin, and developer |
|    `-                                     http://www.debian.org |
 -----------------------------------------------------------------

Attachment: signature.asc
Description: Digital signature

Reply via email to