FS#14008 : firefox 3.0.7 is vulnerable to a memory corruption attack which allows execution of arbitrary code

Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines

Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.

REPEAT: Do NOT report bugs for outdated packages!

FS#14008 - firefox 3.0.7 is vulnerable to a memory corruption attack which allows execution of arbitrary code

Attached to Project: Arch Linux
Opened by Rorschach (Rorschach) - Sunday, 29 March 2009, 13:30 GMT
Last edited by Andreas Radke (AndyRTR) - Monday, 30 March 2009, 18:57 GMT

Task Type	Bug Report
Category	Security
Status	Closed
Assigned To	No-one
Architecture	All
Severity	Critical
Priority	Normal
Reported Version
Due in Version	Undecided
Due Date	Undecided
Percent Complete
Votes	1 Marek Niklicek (Dogmeat) (2009-03-29)
Private	No

Details

Description:
The Gran Paradiso version of archlinux is based on firefox 3.0.7 which is vulnerable to a memory corruption attack which may allow execution of arbitrary commands.

POC-exploit: http://milw0rm.com/exploits/8285

Fix: Upgrade Firefox to 3.0.8.

This task depends upon

Closed by Andreas Radke (AndyRTR)
Monday, 30 March 2009, 18:57 GMT
Reason for closing: Fixed

Comments (0)
Related Tasks (0/0)

	Tasks related to this task (0)

Duplicate tasks of this task (0)

Arch Linux

Arch Linux

FS#14008 - firefox 3.0.7 is vulnerable to a memory corruption attack which allows execution of arbitrary code

Details

Loading...