USN-745-1 -- Firefox and Xulrunner vulnerabilitiesID: oval:org.secpod.oval:def:700355 | Date: (C)2011-05-13 (M)2021-06-02 |
Class: PATCH | Family: unix |
It was discovered that Firefox did not properly perform XUL garbage collection. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 8.04 LTS and 8.10. A flaw was discovered in the way Firefox performed XSLT transformations. If a user were tricked into opening a crafted XSL stylesheet, an attacker could cause a denial of service or execute arbitrary code with the privileges of the user invoking the program
Platform: |
Ubuntu 7.10 |
Ubuntu 8.04 |
Ubuntu 6.06 |
Ubuntu 8.10 |