Mozilla Firefox: Multiple vulnerabilities

Mozilla Firefox: Multiple vulnerabilities The Mozilla Foundation has reported numerous vulnerabilities in Mozilla Firefox, including one that may allow execution of arbitrary code. Firefox 2006-09-28 2006-09-28 147652 remote 1.5.0.7 1.5.0.7 1.5.0.7 1.5.0.7

Mozilla Firefox is a redesign of the Mozilla Navigator component. The goal is to produce a cross-platform, stand-alone browser application.

A number of vulnerabilities were found and fixed in Mozilla Firefox. For details please consult the references below.

The most severe vulnerability involves enticing a user to visit a malicious website, crashing the browser and executing arbitrary code with the rights of the user running the application.

There is no known workaround at this time.

All Mozilla Firefox users should upgrade to the latest version:


    # emerge --sync
    # emerge --ask --oneshot --verbose ">=www-client/mozilla-firefox-1.5.0.7"

Users of the binary package should upgrade as well:


    # emerge --sync
    # emerge --ask --oneshot --verbose ">=www-client/mozilla-firefox-bin-1.5.0.7"

CVE-2006-4253 CVE-2006-4340 CVE-2006-4565 CVE-2006-4566 CVE-2006-4567 CVE-2006-4568 CVE-2006-4569 CVE-2006-4571 frilled frilled