Scientific Linux Security Update : firefox on SL4.x, SL5.x i386/x86_64
Critical Nessus Plugin ID 60475
SynopsisThe remote Scientific Linux host is missing one or more security updates.
DescriptionSeveral flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox.
(CVE-2008-4058, CVE-2008-4060, CVE-2008-4061, CVE-2008-4062, CVE-2008-4063, CVE-2008-4064)
Several flaws were found in the way malformed web content was displayed. A web page containing specially crafted content could potentially trick a Firefox user into surrendering sensitive information. (CVE-2008-4067, CVE-2008-4068)
For technical details regarding these flaws, please see the Mozilla security advisories for Firefox 3.0.2. You can find a link to the Mozilla advisories in the References section.
SolutionUpdate the affected packages.