Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

CentOS Update for firefox CESA-2014:0919 centos5

Information

Severity

Severity

Critical

Family

Family

CentOS Local Security Checks

CVSSv2 Base

CVSSv2 Base

10.0

CVSSv2 Vector

CVSSv2 Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Solution Type

Solution Type

Vendor Patch

Created

Created

9 years ago

Modified

Modified

5 years ago

Summary

The remote host is missing an update for the 'firefox' package(s) announced via the referenced advisory.

Insight

Insight

Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2014-1547, CVE-2014-1555, CVE-2014-1556, CVE-2014-1557) Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Christian Holler, David Keeler, Byron Campen, Jethro Beekman, Patrick Cozzi, and Mozilla community member John as the original reporters of these issues. For technical details regarding these flaws, refer to the Mozilla security advisories for Firefox 24.7.0 ESR. You can find a link to the Mozilla advisories in the References section of this erratum. All Firefox users should upgrade to these updated packages, which contain Firefox version 24.7.0 ESR, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect.

Affected Software

Affected Software

firefox on CentOS 5

Solution

Solution

Please install the updated packages.

Common Vulnerabilities and Exposures (CVE)