Rapid7 Vulnerability & Exploit Database

CESA-2003:046: mozilla security update

Back to Search

CESA-2003:046: mozilla security update

Severity
8
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
06/18/2002
Created
07/25/2018
Added
03/12/2010
Modified
07/04/2017

Description

Updated Mozilla packages are now available for CentOS Linux Advanced Server. These new packages fix vulnerabilities in previous versions of Mozilla.

Mozilla is an open source Web browser. Versions of Mozilla prior to version 1.0.1 contain various security vulnerabilities. These vulnerabilities could be used by an attacker to read data off of the local hard drive, to gain information that should normally be kept private, and in some cases to execute arbitrary code. For more information on the specific vulnerabilities fixed please see the references below. All users of Mozilla should update to these errata packages containing Mozilla version 1.0.1 which is not vulnerable to these issues.

Solution(s)

  • centos-upgrade-galeon
  • centos-upgrade-gdk-pixbuf
  • centos-upgrade-gdk-pixbuf-devel
  • centos-upgrade-gdk-pixbuf-gnome
  • centos-upgrade-mozilla
  • centos-upgrade-mozilla-chat
  • centos-upgrade-mozilla-devel
  • centos-upgrade-mozilla-dom-inspector
  • centos-upgrade-mozilla-js-debugger
  • centos-upgrade-mozilla-mail
  • centos-upgrade-mozilla-nspr
  • centos-upgrade-mozilla-nspr-devel
  • centos-upgrade-mozilla-nss
  • centos-upgrade-mozilla-nss-devel
  • centos-upgrade-mozilla-psm

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;