Advisories ยป MGASA-2013-0287

Updated firefox and thunderbird packages fix security vulnerabilities

Publication date: 19 Sep 2013
Modification date: 19 Sep 2013
Type: security
Affected Mageia releases : 2 , 3
CVE: CVE-2013-1718 , CVE-2013-1722 , CVE-2013-1725 , CVE-2013-1730 , CVE-2013-1732 , CVE-2013-1735 , CVE-2013-1736 , CVE-2013-1737

Description

Several flaws were found in the processing of malformed web content. A
web page containing malicious content could cause Firefox or Thunderbird
to crash or, potentially, execute arbitrary code with the privileges of
the user running Firefox or Thunderbird (CVE-2013-1718, CVE-2013-1722,
CVE-2013-1725, CVE-2013-1730, CVE-2013-1732, CVE-2013-1735,
CVE-2013-1736).

A flaw was found in the way Firefox and Thunderbird handled certain DOM
JavaScript objects. An attacker could use this flaw to make JavaScript
client or add-on code make incorrect, security sensitive decisions
(CVE-2013-1737).
                

References

SRPMS

2/core

3/core