severity 336171 important
thanks

Until it is proven to be exploitable, this can't be critical.

Mike

On Fri, Oct 28, 2005 at 10:50:09AM +0100, Stephen Gran <[EMAIL PROTECTED]> wrote:
> Package: mozilla-firefox
> Version: 1.0.7-1
> Severity: grave
> Tags: security
>
> 05.41.42 CVE: Not Available
> Platform: Cross Platform
> Title: Mozilla Firefox IFRAME Handling Remote Buffer Overflow
> Description: Mozilla Firefox is reported to be vulnerable to a remote
> buffer overflow issue due to improper boundary checks prior to copying
> user-supplied data into sensitive process buffers. Mozilla Firefox
> versions 1.0.7 and 1.0.6 are reported to be vulnerable.
> Ref: http://www.securityfocus.com/bid/15015
>
>
> Sorry if this is a duplicate - I looked through and did not see anything
> that looked immediately similar.
>
> Take care,
>
> -- System Information:
> Debian Release: testing/unstable
>   APT prefers unstable
>   APT policy: (500, 'unstable')
> Architecture: i386 (i686)
> Shell:  /bin/sh linked to /bin/bash
> Kernel: Linux 2.6.12-1-686-smp
> Locale: LANG=C, LC_CTYPE=en_US.ISO-8859-15 (charmap=ISO-8859-15) (ignored: LC_ALL set to en_US.ISO-8859-15)
>
> Versions of packages mozilla-firefox depends on:
> ii  debianutils     2.15            Miscellaneous utilities specific t
> ii  fontconfig      2.3.2-1.1       generic font configuration library
> ii  libatk1.0-0     1.10.3-1        The ATK accessibility toolkit
> ii  libc6           2.3.5-7         GNU C Library: Shared libraries an
> ii  libfontconfig1  2.3.2-1.1       generic font configuration library
> ii  libfreetype6    2.1.10-1        FreeType 2 font engine, shared lib
> ii  libgcc1         1:4.0.2-2       GCC support library
> ii  libglib2.0-0    2.8.3-1         The GLib library of C routines
> ii  libgtk2.0-0     2.6.10-1        The GTK+ graphical user interface
> ii  libidl0         0.8.5-1         library for parsing CORBA IDL file
> ii  libjpeg62       6b-10           The Independent JPEG Group's JPEG
> ii  libkrb53        1.3.6-5         MIT Kerberos runtime libraries
> ii  libpango1.0-0   1.8.2-3         Layout and rendering of internatio
> ii  libpng12-0      1.2.8rel-5      PNG library - runtime
> ii  libstdc++6      4.0.2-2         The GNU Standard C++ Library v3
> ii  libx11-6        6.8.2.dfsg.1-9  X Window System protocol client li
> ii  libxext6        6.8.2.dfsg.1-9  X Window System miscellaneous exte
> ii  libxft2         2.1.7-1         FreeType-based font drawing librar
> ii  libxinerama1    6.8.2.dfsg.1-9  X Window System multi-head display
> ii  libxp6          6.8.2.dfsg.1-9  X Window System printing extension
> ii  libxt6          6.8.2.dfsg.1-9  X Toolkit Intrinsics
> ii  psmisc          21.6-1          Utilities that use the proc filesy
> ii  xlibs           6.8.2.dfsg.1-9  X Window System client libraries m
> ii  zlib1g          1:1.2.3-6       compression library - runtime
>
> mozilla-firefox recommends no packages.
>
> -- no debconf information
>
> --
>  -----------------------------------------------------------------
> |   ,''`.                                            Stephen Gran |
> |  : :' :                                        [EMAIL PROTECTED] |
> |  `. `'                        Debian user, admin, and developer |
> |    `-                                     http://www.debian.org |
>  -----------------------------------------------------------------