RHEL 2.1 : mozilla (RHSA-2003:163)
High Nessus Plugin ID 12394
SynopsisThe remote Red Hat host is missing one or more security updates.
DescriptionUpdated Mozilla packages that fix various bugs and security issues in previous versions of Mozilla are now available.
Mozilla is an open source Web browser.
A heap-based buffer overflow in Netscape and Mozilla allows remote attackers to execute arbitrary code via a jar: URL that references a malformed .jar file, which overflows a buffer during decompression.
These errata packages upgrade Mozilla to version 1.0.2, which is not vulnerable to this issue. Mozilla 1.0.2 also contains a number of other stability and security updates.
SolutionUpdate the affected packages.