firefox 1.0.7 vulnerability not fixed

Bug #32083 reported by towsonu2003 on 2006-02-20
8
Affects Status Importance Assigned to Milestone
Mozilla Firefox
New
Undecided
Unassigned
Ubuntu
High
Unassigned

Bug Description

firefox in ubuntu breezy is still 1.0.7, which has known vulnerabilities. the ones I found in 2-3 minutes are:
http://www.whitedust.net/speaks/1432/ where there is a link to the proof of concept
and
http://security-protocols.com/modules.php?name=News&file=article&sid=2978
these may be the same.
More info here http://www.ubuntuforums.org/showthread.php?t=126941
And here as well http://ubuntuforums.org/showthread.php?t=126622
(last one is more for dapper though).

towsonu2003 (towsonu2003) wrote :

For ubuntu breezy

towsonu2003 (towsonu2003) wrote :

more detail:
Following are the bugs affecting 1.0 & 1.5 and fixed after October 10th (last firefox update in repos) with 1.5.0.1 release:
http://www.mozilla.org/security/anno...sa2006-05.html (critical)
http://www.mozilla.org/security/anno...sa2006-03.html
http://www.mozilla.org/security/anno...sa2006-01.html (moderate)

My understanding is that a default fully updated breezy instalation is vulnerable to these.

towsonu2003 (towsonu2003) wrote :

duplicate

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers