Description: | Description:
The remote host is missing an update to mozilla-firefox announced via advisory USN-181-1.
A security issue affects the following Ubuntu releases:
Ubuntu 4.10 (Warty Warthog) Ubuntu 5.04 (Hoary Hedgehog)
The following packages are affected:
mozilla-browser mozilla-firefox mozilla-thunderbird
Tom Ferris discovered a buffer overflow in the Mozilla products (Mozilla browser, Firefox, Thunderbird). By tricking an user to click on a Hyperlink with a specially crafted destination URL, a remote attacker could crash the application. It might even be possible to exploit this vulnerability to execute arbitrary code, but this has not yet been confirmed.
Solution: On Ubuntu 4.10, the problem can be corrected by upgrading the affected packages to version 1.7.10-0ubuntu04.10.1 (mozilla-browser), 1.0.6-0ubuntu04.10.1 (mozilla-thunderbird), and 1.0.6-0ubuntu0.0.2 (mozilla-firefox).
On Ubuntu 5.04, the problem can be corrected by upgrading the affected packages to version 1.7.10-0ubuntu05.04.1 (mozilla-browser), 1.0.6-0ubuntu05.04.1 (mozilla-thunderbird), and 1.0.6-0ubuntu0.2 (mozilla-firefox).
After a standard system upgrade you need to restart all running Firefox, Mozilla, and Thunderbird instances to effect the necessary changes.
https://secure1.securityspace.com/smysecure/catid.html?in=USN-181-1
Risk factor : High
CVSS Score: 7.5
|