Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2005-0399 (GCVE-0-2005-0399)
Vulnerability from cvelistv5
Published
2005-03-24 05:00
Modified
2024-08-07 21:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Heap-based buffer overflow in GIF2.cpp in Firefox before 1.0.2, Mozilla before to 1.7.6, and Thunderbird before 1.0.2, and possibly other applications that use the same library, allows remote attackers to execute arbitrary code via a GIF image with a crafted Netscape extension 2 block and buffer size.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:13:53.801Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2005:323",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-323.html"
},
{
"name": "RHSA-2005:336",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-336.html"
},
{
"name": "ADV-2005-0296",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2005/0296"
},
{
"name": "SCOSA-2005.49",
"tags": [
"vendor-advisory",
"x_refsource_SCO",
"x_transferred"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt"
},
{
"name": "oval:org.mitre.oval:def:100028",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100028"
},
{
"name": "RHSA-2005:335",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-335.html"
},
{
"name": "19823",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19823"
},
{
"name": "15495",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/15495"
},
{
"name": "P-160",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC",
"x_transferred"
],
"url": "http://www.ciac.org/ciac/bulletins/p-160.shtml"
},
{
"name": "gif-extension-overflow(19269)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19269"
},
{
"name": "12881",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/12881"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/mfsa2005-30.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=150877"
},
{
"name": "20050323 Mozilla Foundation GIF Overflow",
"tags": [
"third-party-advisory",
"x_refsource_ISS",
"x_transferred"
],
"url": "http://xforce.iss.net/xforce/alerts/id/191"
},
{
"name": "VU#557948",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/557948"
},
{
"name": "GLSA-200503-30",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200503-30.xml"
},
{
"name": "oval:org.mitre.oval:def:11377",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11377"
},
{
"name": "14654",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/14654"
},
{
"name": "SUSE-SA:2006:022",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2006_04_25.html"
},
{
"name": "RHSA-2005:337",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-337.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-03-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in GIF2.cpp in Firefox before 1.0.2, Mozilla before to 1.7.6, and Thunderbird before 1.0.2, and possibly other applications that use the same library, allows remote attackers to execute arbitrary code via a GIF image with a crafted Netscape extension 2 block and buffer size."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2005:323",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-323.html"
},
{
"name": "RHSA-2005:336",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-336.html"
},
{
"name": "ADV-2005-0296",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2005/0296"
},
{
"name": "SCOSA-2005.49",
"tags": [
"vendor-advisory",
"x_refsource_SCO"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt"
},
{
"name": "oval:org.mitre.oval:def:100028",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100028"
},
{
"name": "RHSA-2005:335",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-335.html"
},
{
"name": "19823",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19823"
},
{
"name": "15495",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/15495"
},
{
"name": "P-160",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC"
],
"url": "http://www.ciac.org/ciac/bulletins/p-160.shtml"
},
{
"name": "gif-extension-overflow(19269)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19269"
},
{
"name": "12881",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/12881"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/mfsa2005-30.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=150877"
},
{
"name": "20050323 Mozilla Foundation GIF Overflow",
"tags": [
"third-party-advisory",
"x_refsource_ISS"
],
"url": "http://xforce.iss.net/xforce/alerts/id/191"
},
{
"name": "VU#557948",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/557948"
},
{
"name": "GLSA-200503-30",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200503-30.xml"
},
{
"name": "oval:org.mitre.oval:def:11377",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11377"
},
{
"name": "14654",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/14654"
},
{
"name": "SUSE-SA:2006:022",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2006_04_25.html"
},
{
"name": "RHSA-2005:337",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-337.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2005-0399",
"datePublished": "2005-03-24T05:00:00",
"dateReserved": "2005-02-14T00:00:00",
"dateUpdated": "2024-08-07T21:13:53.801Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2005-0399\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2005-05-02T04:00:00.000\",\"lastModified\":\"2025-04-03T01:03:51.193\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Heap-based buffer overflow in GIF2.cpp in Firefox before 1.0.2, Mozilla before to 1.7.6, and Thunderbird before 1.0.2, and possibly other applications that use the same library, allows remote attackers to execute arbitrary code via a GIF image with a crafted Netscape extension 2 block and buffer size.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:H/Au:N/C:P/I:P/A:P\",\"baseScore\":5.1,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"HIGH\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":4.9,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":true,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"93C142C5-3A85-432B-80D6-2E7B1B4694F4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2434FCE7-A50B-4527-9970-C7224B31141C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:0.9:rc:*:*:*:*:*:*\",\"matchCriteriaId\":\"5633FB6E-D623-49D4-9858-4E20E64DE458\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:0.9.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"429ECA02-DBCD-45FB-942C-CA4BC1BC8A72\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:0.9.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5F0DC80-5473-465C-9D7F-9589F1B78E12\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:0.9.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"567FF916-7DE0-403C-8528-7931A43E0D18\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:0.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"010B34F4-910E-4515-990B-8E72DF009578\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:0.10.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8FAA1A89-E8D9-46D0-8E2C-9259920ACBFE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5A545A77-2198-4685-A87F-E0F2DAECECF6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"778FAE0C-A5CF-4B67-93A9-1A803E3E699F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:mozilla:1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C656A621-BE62-4BB8-9B25-A3916E60FA12\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:mozilla:1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D3F91A1-7DD9-4146-8BA4-BE594C66DD30\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:mozilla:1.4:alpha:*:*:*:*:*:*\",\"matchCriteriaId\":\"82A6419D-0E94-4D80-8B07-E5AB4DBA2F28\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:mozilla:1.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED69BEB9-8D83-415B-826D-9D17FB67976B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:mozilla:1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BCDB64E5-AE26-43DF-8A66-654D5D22A635\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:mozilla:1.5:alpha:*:*:*:*:*:*\",\"matchCriteriaId\":\"3D8CB42F-8F05-45A6-A408-50A11CC132DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:mozilla:1.5:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"407F69BE-4026-4B26-AC31-11E7CC942760\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:mozilla:1.5:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E8264B5-4D4B-453D-B599-E2AD533A0CF9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:mozilla:1.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED9D75F1-8333-43DE-A08B-142E4C5899D4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:mozilla:1.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6BF63077-4E98-497D-8CE6-B84B022DB21D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:mozilla:1.6:alpha:*:*:*:*:*:*\",\"matchCriteriaId\":\"2FEC6B13-3088-4ECB-9D81-6480F439601C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:mozilla:1.6:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"20ECA520-780A-4EF8-8C80-B7564F4148B2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:mozilla:1.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FCEAEDEB-0EE7-4221-B9B8-65438580D331\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:mozilla:1.7:alpha:*:*:*:*:*:*\",\"matchCriteriaId\":\"78A75EE3-DC19-4F21-86F4-834FCEAFEFA2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:mozilla:1.7:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"F610FFD5-DF37-4075-AE8B-8D89DF6205A8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:mozilla:1.7:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"D093FD25-94C8-49B8-A452-438023BFB105\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:mozilla:1.7:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"3346E7D0-D7EF-4182-BD86-837F14EEB9FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:mozilla:1.7:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"150F1B28-0FAB-4880-B1D5-7F244A1C4D31\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:mozilla:1.7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2FE7EA3B-3BF8-4696-9488-78506074D62D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:mozilla:1.7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CCFD7AF7-0FE9-4F56-98B0-60FC7F7F1B78\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:mozilla:1.7.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C883B45F-D28D-428E-AAF7-F93522A229DC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:mozilla:1.7.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EFA659B9-2A00-45A6-A462-4E0A20FB7F81\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0618BD26-0EF5-4774-9131-B5ABD4CD302A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D604DAE-DF63-413C-9F49-FFC8E84699F8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"11DE6185-09F4-48E3-9742-F9D8030B5774\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B2E70864-E077-4CD6-A0E8-BC2C4C298A6A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"61E565E5-286D-4A68-B085-5659DFE59A9C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E2A68B4-9101-4AC5-9E82-EEB5A5405541\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EDA6C390-9BA7-4355-8C0A-CD68FF6AC236\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:0.7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0C75B125-E5BB-49A0-B12D-6CF40D8A5DB7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:0.7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"70DDB53E-7A12-4A08-8999-DB68E6DF901E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:0.7.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6514EDE8-7C78-4C72-A313-E0915D89E4EF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5263F879-9B90-4582-B677-F133DEBE5259\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C256B73C-9ABC-43D4-8C57-09161BC9F923\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"055D1044-9FC5-45AA-8407-649E96C5AFE3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:1.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7C1C87A5-C14D-4A23-B865-3BB1FCDC8470\"}]}]}],\"references\":[{\"url\":\"ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/14654\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/19823\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.ciac.org/ciac/bulletins/p-160.shtml\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.gentoo.org/security/en/glsa/glsa-200503-30.xml\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/557948\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.mozilla.org/security/announce/mfsa2005-30.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.novell.com/linux/security/advisories/2006_04_25.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2005-323.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2005-335.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2005-336.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2005-337.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/12881\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/bid/15495\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2005/0296\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://xforce.iss.net/xforce/alerts/id/191\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=150877\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/19269\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100028\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11377\",\"source\":\"secalert@redhat.com\"},{\"url\":\"ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/14654\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/19823\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.ciac.org/ciac/bulletins/p-160.shtml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.gentoo.org/security/en/glsa/glsa-200503-30.xml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/557948\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.mozilla.org/security/announce/mfsa2005-30.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.novell.com/linux/security/advisories/2006_04_25.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2005-323.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2005-335.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2005-336.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2005-337.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/12881\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/15495\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2005/0296\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://xforce.iss.net/xforce/alerts/id/191\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=150877\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/19269\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100028\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11377\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
rhsa-2005:336
Vulnerability from csaf_redhat
Published
2005-03-23 19:21
Modified
2024-11-21 23:42
Summary
Red Hat Security Advisory: firefox security update
Notes
Topic
Updated firefox packages that fix various bugs are now available.
This update has been rated as having critical security impact by the Red
Hat Security Response Team.
Details
Mozilla Firefox is an open source Web browser.
A buffer overflow bug was found in the way Firefox processes GIF images. It
is possible for an attacker to create a specially crafted GIF image, which
when viewed by a victim will execute arbitrary code as the victim. The
Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned
the name CAN-2005-0399 to this issue.
A bug was found in the way Firefox processes XUL content. If a malicious
web page can trick a user into dragging an object, it is possible to load
malicious XUL content. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2005-0401 to this issue.
A bug was found in the way Firefox bookmarks content to the sidebar. If a
user can be tricked into bookmarking a malicious web page into the sidebar
panel, that page could execute arbitrary programs. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CAN-2005-0402 to this issue.
Users of Firefox are advised to upgrade to this updated package which
contains Firefox version 1.0.2 and is not vulnerable to these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated firefox packages that fix various bugs are now available.\n\nThis update has been rated as having critical security impact by the Red\nHat Security Response Team.",
"title": "Topic"
},
{
"category": "general",
"text": "Mozilla Firefox is an open source Web browser.\n\nA buffer overflow bug was found in the way Firefox processes GIF images. It\nis possible for an attacker to create a specially crafted GIF image, which\nwhen viewed by a victim will execute arbitrary code as the victim. The\nCommon Vulnerabilities and Exposures project (cve.mitre.org) has assigned\nthe name CAN-2005-0399 to this issue.\n\nA bug was found in the way Firefox processes XUL content. If a malicious\nweb page can trick a user into dragging an object, it is possible to load\nmalicious XUL content. The Common Vulnerabilities and Exposures project\n(cve.mitre.org) has assigned the name CAN-2005-0401 to this issue.\n\nA bug was found in the way Firefox bookmarks content to the sidebar. If a\nuser can be tricked into bookmarking a malicious web page into the sidebar\npanel, that page could execute arbitrary programs. The Common\nVulnerabilities and Exposures project (cve.mitre.org) has assigned the name\nCAN-2005-0402 to this issue.\n\nUsers of Firefox are advised to upgrade to this updated package which\ncontains Firefox version 1.0.2 and is not vulnerable to these issues.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2005:336",
"url": "https://access.redhat.com/errata/RHSA-2005:336"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "150877",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=150877"
},
{
"category": "external",
"summary": "151153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=151153"
},
{
"category": "external",
"summary": "151714",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=151714"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2005/rhsa-2005_336.json"
}
],
"title": "Red Hat Security Advisory: firefox security update",
"tracking": {
"current_release_date": "2024-11-21T23:42:32+00:00",
"generator": {
"date": "2024-11-21T23:42:32+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2005:336",
"initial_release_date": "2005-03-23T19:21:00+00:00",
"revision_history": [
{
"date": "2005-03-23T19:21:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2005-03-23T00:00:00+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-21T23:42:32+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS version 4",
"product": {
"name": "Red Hat Enterprise Linux AS version 4",
"product_id": "4AS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::as"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop version 4",
"product": {
"name": "Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::desktop"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES version 4",
"product": {
"name": "Red Hat Enterprise Linux ES version 4",
"product_id": "4ES",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::es"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux WS version 4",
"product": {
"name": "Red Hat Enterprise Linux WS version 4",
"product_id": "4WS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::ws"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:1.0.2-1.4.1.ia64",
"product": {
"name": "firefox-0:1.0.2-1.4.1.ia64",
"product_id": "firefox-0:1.0.2-1.4.1.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@1.0.2-1.4.1?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:1.0.2-1.4.1.ia64",
"product": {
"name": "firefox-debuginfo-0:1.0.2-1.4.1.ia64",
"product_id": "firefox-debuginfo-0:1.0.2-1.4.1.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@1.0.2-1.4.1?arch=ia64"
}
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:1.0.2-1.4.1.src",
"product": {
"name": "firefox-0:1.0.2-1.4.1.src",
"product_id": "firefox-0:1.0.2-1.4.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@1.0.2-1.4.1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:1.0.2-1.4.1.x86_64",
"product": {
"name": "firefox-0:1.0.2-1.4.1.x86_64",
"product_id": "firefox-0:1.0.2-1.4.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@1.0.2-1.4.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:1.0.2-1.4.1.x86_64",
"product": {
"name": "firefox-debuginfo-0:1.0.2-1.4.1.x86_64",
"product_id": "firefox-debuginfo-0:1.0.2-1.4.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@1.0.2-1.4.1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:1.0.2-1.4.1.i386",
"product": {
"name": "firefox-0:1.0.2-1.4.1.i386",
"product_id": "firefox-0:1.0.2-1.4.1.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@1.0.2-1.4.1?arch=i386"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:1.0.2-1.4.1.i386",
"product": {
"name": "firefox-debuginfo-0:1.0.2-1.4.1.i386",
"product_id": "firefox-debuginfo-0:1.0.2-1.4.1.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@1.0.2-1.4.1?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:1.0.2-1.4.1.ppc",
"product": {
"name": "firefox-0:1.0.2-1.4.1.ppc",
"product_id": "firefox-0:1.0.2-1.4.1.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@1.0.2-1.4.1?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:1.0.2-1.4.1.ppc",
"product": {
"name": "firefox-debuginfo-0:1.0.2-1.4.1.ppc",
"product_id": "firefox-debuginfo-0:1.0.2-1.4.1.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@1.0.2-1.4.1?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:1.0.2-1.4.1.s390x",
"product": {
"name": "firefox-0:1.0.2-1.4.1.s390x",
"product_id": "firefox-0:1.0.2-1.4.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@1.0.2-1.4.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:1.0.2-1.4.1.s390x",
"product": {
"name": "firefox-debuginfo-0:1.0.2-1.4.1.s390x",
"product_id": "firefox-debuginfo-0:1.0.2-1.4.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@1.0.2-1.4.1?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:1.0.2-1.4.1.s390",
"product": {
"name": "firefox-0:1.0.2-1.4.1.s390",
"product_id": "firefox-0:1.0.2-1.4.1.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@1.0.2-1.4.1?arch=s390"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:1.0.2-1.4.1.s390",
"product": {
"name": "firefox-debuginfo-0:1.0.2-1.4.1.s390",
"product_id": "firefox-debuginfo-0:1.0.2-1.4.1.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@1.0.2-1.4.1?arch=s390"
}
}
}
],
"category": "architecture",
"name": "s390"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.0.2-1.4.1.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:firefox-0:1.0.2-1.4.1.i386"
},
"product_reference": "firefox-0:1.0.2-1.4.1.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.0.2-1.4.1.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:firefox-0:1.0.2-1.4.1.ia64"
},
"product_reference": "firefox-0:1.0.2-1.4.1.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.0.2-1.4.1.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:firefox-0:1.0.2-1.4.1.ppc"
},
"product_reference": "firefox-0:1.0.2-1.4.1.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.0.2-1.4.1.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:firefox-0:1.0.2-1.4.1.s390"
},
"product_reference": "firefox-0:1.0.2-1.4.1.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.0.2-1.4.1.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:firefox-0:1.0.2-1.4.1.s390x"
},
"product_reference": "firefox-0:1.0.2-1.4.1.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.0.2-1.4.1.src as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:firefox-0:1.0.2-1.4.1.src"
},
"product_reference": "firefox-0:1.0.2-1.4.1.src",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.0.2-1.4.1.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:firefox-0:1.0.2-1.4.1.x86_64"
},
"product_reference": "firefox-0:1.0.2-1.4.1.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.0.2-1.4.1.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:firefox-debuginfo-0:1.0.2-1.4.1.i386"
},
"product_reference": "firefox-debuginfo-0:1.0.2-1.4.1.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.0.2-1.4.1.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:firefox-debuginfo-0:1.0.2-1.4.1.ia64"
},
"product_reference": "firefox-debuginfo-0:1.0.2-1.4.1.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.0.2-1.4.1.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:firefox-debuginfo-0:1.0.2-1.4.1.ppc"
},
"product_reference": "firefox-debuginfo-0:1.0.2-1.4.1.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.0.2-1.4.1.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:firefox-debuginfo-0:1.0.2-1.4.1.s390"
},
"product_reference": "firefox-debuginfo-0:1.0.2-1.4.1.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.0.2-1.4.1.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:firefox-debuginfo-0:1.0.2-1.4.1.s390x"
},
"product_reference": "firefox-debuginfo-0:1.0.2-1.4.1.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.0.2-1.4.1.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:firefox-debuginfo-0:1.0.2-1.4.1.x86_64"
},
"product_reference": "firefox-debuginfo-0:1.0.2-1.4.1.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.0.2-1.4.1.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:firefox-0:1.0.2-1.4.1.i386"
},
"product_reference": "firefox-0:1.0.2-1.4.1.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.0.2-1.4.1.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:firefox-0:1.0.2-1.4.1.ia64"
},
"product_reference": "firefox-0:1.0.2-1.4.1.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.0.2-1.4.1.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:firefox-0:1.0.2-1.4.1.ppc"
},
"product_reference": "firefox-0:1.0.2-1.4.1.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.0.2-1.4.1.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:firefox-0:1.0.2-1.4.1.s390"
},
"product_reference": "firefox-0:1.0.2-1.4.1.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.0.2-1.4.1.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:firefox-0:1.0.2-1.4.1.s390x"
},
"product_reference": "firefox-0:1.0.2-1.4.1.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.0.2-1.4.1.src as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:firefox-0:1.0.2-1.4.1.src"
},
"product_reference": "firefox-0:1.0.2-1.4.1.src",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.0.2-1.4.1.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:firefox-0:1.0.2-1.4.1.x86_64"
},
"product_reference": "firefox-0:1.0.2-1.4.1.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.0.2-1.4.1.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:firefox-debuginfo-0:1.0.2-1.4.1.i386"
},
"product_reference": "firefox-debuginfo-0:1.0.2-1.4.1.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.0.2-1.4.1.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:firefox-debuginfo-0:1.0.2-1.4.1.ia64"
},
"product_reference": "firefox-debuginfo-0:1.0.2-1.4.1.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.0.2-1.4.1.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:firefox-debuginfo-0:1.0.2-1.4.1.ppc"
},
"product_reference": "firefox-debuginfo-0:1.0.2-1.4.1.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.0.2-1.4.1.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:firefox-debuginfo-0:1.0.2-1.4.1.s390"
},
"product_reference": "firefox-debuginfo-0:1.0.2-1.4.1.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.0.2-1.4.1.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:firefox-debuginfo-0:1.0.2-1.4.1.s390x"
},
"product_reference": "firefox-debuginfo-0:1.0.2-1.4.1.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.0.2-1.4.1.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:firefox-debuginfo-0:1.0.2-1.4.1.x86_64"
},
"product_reference": "firefox-debuginfo-0:1.0.2-1.4.1.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.0.2-1.4.1.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:firefox-0:1.0.2-1.4.1.i386"
},
"product_reference": "firefox-0:1.0.2-1.4.1.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.0.2-1.4.1.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:firefox-0:1.0.2-1.4.1.ia64"
},
"product_reference": "firefox-0:1.0.2-1.4.1.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.0.2-1.4.1.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:firefox-0:1.0.2-1.4.1.ppc"
},
"product_reference": "firefox-0:1.0.2-1.4.1.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.0.2-1.4.1.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:firefox-0:1.0.2-1.4.1.s390"
},
"product_reference": "firefox-0:1.0.2-1.4.1.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.0.2-1.4.1.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:firefox-0:1.0.2-1.4.1.s390x"
},
"product_reference": "firefox-0:1.0.2-1.4.1.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.0.2-1.4.1.src as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:firefox-0:1.0.2-1.4.1.src"
},
"product_reference": "firefox-0:1.0.2-1.4.1.src",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.0.2-1.4.1.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:firefox-0:1.0.2-1.4.1.x86_64"
},
"product_reference": "firefox-0:1.0.2-1.4.1.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.0.2-1.4.1.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:firefox-debuginfo-0:1.0.2-1.4.1.i386"
},
"product_reference": "firefox-debuginfo-0:1.0.2-1.4.1.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.0.2-1.4.1.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:firefox-debuginfo-0:1.0.2-1.4.1.ia64"
},
"product_reference": "firefox-debuginfo-0:1.0.2-1.4.1.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.0.2-1.4.1.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:firefox-debuginfo-0:1.0.2-1.4.1.ppc"
},
"product_reference": "firefox-debuginfo-0:1.0.2-1.4.1.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.0.2-1.4.1.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:firefox-debuginfo-0:1.0.2-1.4.1.s390"
},
"product_reference": "firefox-debuginfo-0:1.0.2-1.4.1.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.0.2-1.4.1.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:firefox-debuginfo-0:1.0.2-1.4.1.s390x"
},
"product_reference": "firefox-debuginfo-0:1.0.2-1.4.1.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.0.2-1.4.1.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:firefox-debuginfo-0:1.0.2-1.4.1.x86_64"
},
"product_reference": "firefox-debuginfo-0:1.0.2-1.4.1.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.0.2-1.4.1.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:firefox-0:1.0.2-1.4.1.i386"
},
"product_reference": "firefox-0:1.0.2-1.4.1.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.0.2-1.4.1.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:firefox-0:1.0.2-1.4.1.ia64"
},
"product_reference": "firefox-0:1.0.2-1.4.1.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.0.2-1.4.1.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:firefox-0:1.0.2-1.4.1.ppc"
},
"product_reference": "firefox-0:1.0.2-1.4.1.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.0.2-1.4.1.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:firefox-0:1.0.2-1.4.1.s390"
},
"product_reference": "firefox-0:1.0.2-1.4.1.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.0.2-1.4.1.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:firefox-0:1.0.2-1.4.1.s390x"
},
"product_reference": "firefox-0:1.0.2-1.4.1.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.0.2-1.4.1.src as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:firefox-0:1.0.2-1.4.1.src"
},
"product_reference": "firefox-0:1.0.2-1.4.1.src",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:1.0.2-1.4.1.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:firefox-0:1.0.2-1.4.1.x86_64"
},
"product_reference": "firefox-0:1.0.2-1.4.1.x86_64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.0.2-1.4.1.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:firefox-debuginfo-0:1.0.2-1.4.1.i386"
},
"product_reference": "firefox-debuginfo-0:1.0.2-1.4.1.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.0.2-1.4.1.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:firefox-debuginfo-0:1.0.2-1.4.1.ia64"
},
"product_reference": "firefox-debuginfo-0:1.0.2-1.4.1.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.0.2-1.4.1.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:firefox-debuginfo-0:1.0.2-1.4.1.ppc"
},
"product_reference": "firefox-debuginfo-0:1.0.2-1.4.1.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.0.2-1.4.1.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:firefox-debuginfo-0:1.0.2-1.4.1.s390"
},
"product_reference": "firefox-debuginfo-0:1.0.2-1.4.1.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.0.2-1.4.1.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:firefox-debuginfo-0:1.0.2-1.4.1.s390x"
},
"product_reference": "firefox-debuginfo-0:1.0.2-1.4.1.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:1.0.2-1.4.1.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:firefox-debuginfo-0:1.0.2-1.4.1.x86_64"
},
"product_reference": "firefox-debuginfo-0:1.0.2-1.4.1.x86_64",
"relates_to_product_reference": "4WS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2005-0399",
"discovery_date": "2005-03-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1617517"
}
],
"notes": [
{
"category": "description",
"text": "Heap-based buffer overflow in GIF2.cpp in Firefox before 1.0.2, Mozilla before to 1.7.6, and Thunderbird before 1.0.2, and possibly other applications that use the same library, allows remote attackers to execute arbitrary code via a GIF image with a crafted Netscape extension 2 block and buffer size.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:firefox-0:1.0.2-1.4.1.i386",
"4AS:firefox-0:1.0.2-1.4.1.ia64",
"4AS:firefox-0:1.0.2-1.4.1.ppc",
"4AS:firefox-0:1.0.2-1.4.1.s390",
"4AS:firefox-0:1.0.2-1.4.1.s390x",
"4AS:firefox-0:1.0.2-1.4.1.src",
"4AS:firefox-0:1.0.2-1.4.1.x86_64",
"4AS:firefox-debuginfo-0:1.0.2-1.4.1.i386",
"4AS:firefox-debuginfo-0:1.0.2-1.4.1.ia64",
"4AS:firefox-debuginfo-0:1.0.2-1.4.1.ppc",
"4AS:firefox-debuginfo-0:1.0.2-1.4.1.s390",
"4AS:firefox-debuginfo-0:1.0.2-1.4.1.s390x",
"4AS:firefox-debuginfo-0:1.0.2-1.4.1.x86_64",
"4Desktop:firefox-0:1.0.2-1.4.1.i386",
"4Desktop:firefox-0:1.0.2-1.4.1.ia64",
"4Desktop:firefox-0:1.0.2-1.4.1.ppc",
"4Desktop:firefox-0:1.0.2-1.4.1.s390",
"4Desktop:firefox-0:1.0.2-1.4.1.s390x",
"4Desktop:firefox-0:1.0.2-1.4.1.src",
"4Desktop:firefox-0:1.0.2-1.4.1.x86_64",
"4Desktop:firefox-debuginfo-0:1.0.2-1.4.1.i386",
"4Desktop:firefox-debuginfo-0:1.0.2-1.4.1.ia64",
"4Desktop:firefox-debuginfo-0:1.0.2-1.4.1.ppc",
"4Desktop:firefox-debuginfo-0:1.0.2-1.4.1.s390",
"4Desktop:firefox-debuginfo-0:1.0.2-1.4.1.s390x",
"4Desktop:firefox-debuginfo-0:1.0.2-1.4.1.x86_64",
"4ES:firefox-0:1.0.2-1.4.1.i386",
"4ES:firefox-0:1.0.2-1.4.1.ia64",
"4ES:firefox-0:1.0.2-1.4.1.ppc",
"4ES:firefox-0:1.0.2-1.4.1.s390",
"4ES:firefox-0:1.0.2-1.4.1.s390x",
"4ES:firefox-0:1.0.2-1.4.1.src",
"4ES:firefox-0:1.0.2-1.4.1.x86_64",
"4ES:firefox-debuginfo-0:1.0.2-1.4.1.i386",
"4ES:firefox-debuginfo-0:1.0.2-1.4.1.ia64",
"4ES:firefox-debuginfo-0:1.0.2-1.4.1.ppc",
"4ES:firefox-debuginfo-0:1.0.2-1.4.1.s390",
"4ES:firefox-debuginfo-0:1.0.2-1.4.1.s390x",
"4ES:firefox-debuginfo-0:1.0.2-1.4.1.x86_64",
"4WS:firefox-0:1.0.2-1.4.1.i386",
"4WS:firefox-0:1.0.2-1.4.1.ia64",
"4WS:firefox-0:1.0.2-1.4.1.ppc",
"4WS:firefox-0:1.0.2-1.4.1.s390",
"4WS:firefox-0:1.0.2-1.4.1.s390x",
"4WS:firefox-0:1.0.2-1.4.1.src",
"4WS:firefox-0:1.0.2-1.4.1.x86_64",
"4WS:firefox-debuginfo-0:1.0.2-1.4.1.i386",
"4WS:firefox-debuginfo-0:1.0.2-1.4.1.ia64",
"4WS:firefox-debuginfo-0:1.0.2-1.4.1.ppc",
"4WS:firefox-debuginfo-0:1.0.2-1.4.1.s390",
"4WS:firefox-debuginfo-0:1.0.2-1.4.1.s390x",
"4WS:firefox-debuginfo-0:1.0.2-1.4.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2005-0399"
},
{
"category": "external",
"summary": "RHBZ#1617517",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617517"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2005-0399",
"url": "https://www.cve.org/CVERecord?id=CVE-2005-0399"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2005-0399",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2005-0399"
}
],
"release_date": "2005-03-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2005-03-23T19:21:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied. Use Red Hat\nNetwork to download and update your packages. To launch the Red Hat\nUpdate Agent, use the following command:\n\n up2date\n\nFor information on how to install packages manually, refer to the\nfollowing Web page for the System Administration or Customization\nguide specific to your system:\n\n http://www.redhat.com/docs/manuals/enterprise/",
"product_ids": [
"4AS:firefox-0:1.0.2-1.4.1.i386",
"4AS:firefox-0:1.0.2-1.4.1.ia64",
"4AS:firefox-0:1.0.2-1.4.1.ppc",
"4AS:firefox-0:1.0.2-1.4.1.s390",
"4AS:firefox-0:1.0.2-1.4.1.s390x",
"4AS:firefox-0:1.0.2-1.4.1.src",
"4AS:firefox-0:1.0.2-1.4.1.x86_64",
"4AS:firefox-debuginfo-0:1.0.2-1.4.1.i386",
"4AS:firefox-debuginfo-0:1.0.2-1.4.1.ia64",
"4AS:firefox-debuginfo-0:1.0.2-1.4.1.ppc",
"4AS:firefox-debuginfo-0:1.0.2-1.4.1.s390",
"4AS:firefox-debuginfo-0:1.0.2-1.4.1.s390x",
"4AS:firefox-debuginfo-0:1.0.2-1.4.1.x86_64",
"4Desktop:firefox-0:1.0.2-1.4.1.i386",
"4Desktop:firefox-0:1.0.2-1.4.1.ia64",
"4Desktop:firefox-0:1.0.2-1.4.1.ppc",
"4Desktop:firefox-0:1.0.2-1.4.1.s390",
"4Desktop:firefox-0:1.0.2-1.4.1.s390x",
"4Desktop:firefox-0:1.0.2-1.4.1.src",
"4Desktop:firefox-0:1.0.2-1.4.1.x86_64",
"4Desktop:firefox-debuginfo-0:1.0.2-1.4.1.i386",
"4Desktop:firefox-debuginfo-0:1.0.2-1.4.1.ia64",
"4Desktop:firefox-debuginfo-0:1.0.2-1.4.1.ppc",
"4Desktop:firefox-debuginfo-0:1.0.2-1.4.1.s390",
"4Desktop:firefox-debuginfo-0:1.0.2-1.4.1.s390x",
"4Desktop:firefox-debuginfo-0:1.0.2-1.4.1.x86_64",
"4ES:firefox-0:1.0.2-1.4.1.i386",
"4ES:firefox-0:1.0.2-1.4.1.ia64",
"4ES:firefox-0:1.0.2-1.4.1.ppc",
"4ES:firefox-0:1.0.2-1.4.1.s390",
"4ES:firefox-0:1.0.2-1.4.1.s390x",
"4ES:firefox-0:1.0.2-1.4.1.src",
"4ES:firefox-0:1.0.2-1.4.1.x86_64",
"4ES:firefox-debuginfo-0:1.0.2-1.4.1.i386",
"4ES:firefox-debuginfo-0:1.0.2-1.4.1.ia64",
"4ES:firefox-debuginfo-0:1.0.2-1.4.1.ppc",
"4ES:firefox-debuginfo-0:1.0.2-1.4.1.s390",
"4ES:firefox-debuginfo-0:1.0.2-1.4.1.s390x",
"4ES:firefox-debuginfo-0:1.0.2-1.4.1.x86_64",
"4WS:firefox-0:1.0.2-1.4.1.i386",
"4WS:firefox-0:1.0.2-1.4.1.ia64",
"4WS:firefox-0:1.0.2-1.4.1.ppc",
"4WS:firefox-0:1.0.2-1.4.1.s390",
"4WS:firefox-0:1.0.2-1.4.1.s390x",
"4WS:firefox-0:1.0.2-1.4.1.src",
"4WS:firefox-0:1.0.2-1.4.1.x86_64",
"4WS:firefox-debuginfo-0:1.0.2-1.4.1.i386",
"4WS:firefox-debuginfo-0:1.0.2-1.4.1.ia64",
"4WS:firefox-debuginfo-0:1.0.2-1.4.1.ppc",
"4WS:firefox-debuginfo-0:1.0.2-1.4.1.s390",
"4WS:firefox-debuginfo-0:1.0.2-1.4.1.s390x",
"4WS:firefox-debuginfo-0:1.0.2-1.4.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2005:336"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "security flaw"
},
{
"cve": "CVE-2005-0401",
"discovery_date": "2005-03-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1617519"
}
],
"notes": [
{
"category": "description",
"text": "FireFox 1.0.1 and Mozilla before 1.7.6 do not sufficiently address all attack vectors for loading chrome files and hijacking drag and drop events, which allows remote attackers to execute arbitrary XUL code by tricking a user into dragging a scrollbar, a variant of CVE-2005-0527, aka \"Firescrolling 2.\"",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:firefox-0:1.0.2-1.4.1.i386",
"4AS:firefox-0:1.0.2-1.4.1.ia64",
"4AS:firefox-0:1.0.2-1.4.1.ppc",
"4AS:firefox-0:1.0.2-1.4.1.s390",
"4AS:firefox-0:1.0.2-1.4.1.s390x",
"4AS:firefox-0:1.0.2-1.4.1.src",
"4AS:firefox-0:1.0.2-1.4.1.x86_64",
"4AS:firefox-debuginfo-0:1.0.2-1.4.1.i386",
"4AS:firefox-debuginfo-0:1.0.2-1.4.1.ia64",
"4AS:firefox-debuginfo-0:1.0.2-1.4.1.ppc",
"4AS:firefox-debuginfo-0:1.0.2-1.4.1.s390",
"4AS:firefox-debuginfo-0:1.0.2-1.4.1.s390x",
"4AS:firefox-debuginfo-0:1.0.2-1.4.1.x86_64",
"4Desktop:firefox-0:1.0.2-1.4.1.i386",
"4Desktop:firefox-0:1.0.2-1.4.1.ia64",
"4Desktop:firefox-0:1.0.2-1.4.1.ppc",
"4Desktop:firefox-0:1.0.2-1.4.1.s390",
"4Desktop:firefox-0:1.0.2-1.4.1.s390x",
"4Desktop:firefox-0:1.0.2-1.4.1.src",
"4Desktop:firefox-0:1.0.2-1.4.1.x86_64",
"4Desktop:firefox-debuginfo-0:1.0.2-1.4.1.i386",
"4Desktop:firefox-debuginfo-0:1.0.2-1.4.1.ia64",
"4Desktop:firefox-debuginfo-0:1.0.2-1.4.1.ppc",
"4Desktop:firefox-debuginfo-0:1.0.2-1.4.1.s390",
"4Desktop:firefox-debuginfo-0:1.0.2-1.4.1.s390x",
"4Desktop:firefox-debuginfo-0:1.0.2-1.4.1.x86_64",
"4ES:firefox-0:1.0.2-1.4.1.i386",
"4ES:firefox-0:1.0.2-1.4.1.ia64",
"4ES:firefox-0:1.0.2-1.4.1.ppc",
"4ES:firefox-0:1.0.2-1.4.1.s390",
"4ES:firefox-0:1.0.2-1.4.1.s390x",
"4ES:firefox-0:1.0.2-1.4.1.src",
"4ES:firefox-0:1.0.2-1.4.1.x86_64",
"4ES:firefox-debuginfo-0:1.0.2-1.4.1.i386",
"4ES:firefox-debuginfo-0:1.0.2-1.4.1.ia64",
"4ES:firefox-debuginfo-0:1.0.2-1.4.1.ppc",
"4ES:firefox-debuginfo-0:1.0.2-1.4.1.s390",
"4ES:firefox-debuginfo-0:1.0.2-1.4.1.s390x",
"4ES:firefox-debuginfo-0:1.0.2-1.4.1.x86_64",
"4WS:firefox-0:1.0.2-1.4.1.i386",
"4WS:firefox-0:1.0.2-1.4.1.ia64",
"4WS:firefox-0:1.0.2-1.4.1.ppc",
"4WS:firefox-0:1.0.2-1.4.1.s390",
"4WS:firefox-0:1.0.2-1.4.1.s390x",
"4WS:firefox-0:1.0.2-1.4.1.src",
"4WS:firefox-0:1.0.2-1.4.1.x86_64",
"4WS:firefox-debuginfo-0:1.0.2-1.4.1.i386",
"4WS:firefox-debuginfo-0:1.0.2-1.4.1.ia64",
"4WS:firefox-debuginfo-0:1.0.2-1.4.1.ppc",
"4WS:firefox-debuginfo-0:1.0.2-1.4.1.s390",
"4WS:firefox-debuginfo-0:1.0.2-1.4.1.s390x",
"4WS:firefox-debuginfo-0:1.0.2-1.4.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2005-0401"
},
{
"category": "external",
"summary": "RHBZ#1617519",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617519"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2005-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2005-0401"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2005-0401",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2005-0401"
}
],
"release_date": "2005-03-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2005-03-23T19:21:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied. Use Red Hat\nNetwork to download and update your packages. To launch the Red Hat\nUpdate Agent, use the following command:\n\n up2date\n\nFor information on how to install packages manually, refer to the\nfollowing Web page for the System Administration or Customization\nguide specific to your system:\n\n http://www.redhat.com/docs/manuals/enterprise/",
"product_ids": [
"4AS:firefox-0:1.0.2-1.4.1.i386",
"4AS:firefox-0:1.0.2-1.4.1.ia64",
"4AS:firefox-0:1.0.2-1.4.1.ppc",
"4AS:firefox-0:1.0.2-1.4.1.s390",
"4AS:firefox-0:1.0.2-1.4.1.s390x",
"4AS:firefox-0:1.0.2-1.4.1.src",
"4AS:firefox-0:1.0.2-1.4.1.x86_64",
"4AS:firefox-debuginfo-0:1.0.2-1.4.1.i386",
"4AS:firefox-debuginfo-0:1.0.2-1.4.1.ia64",
"4AS:firefox-debuginfo-0:1.0.2-1.4.1.ppc",
"4AS:firefox-debuginfo-0:1.0.2-1.4.1.s390",
"4AS:firefox-debuginfo-0:1.0.2-1.4.1.s390x",
"4AS:firefox-debuginfo-0:1.0.2-1.4.1.x86_64",
"4Desktop:firefox-0:1.0.2-1.4.1.i386",
"4Desktop:firefox-0:1.0.2-1.4.1.ia64",
"4Desktop:firefox-0:1.0.2-1.4.1.ppc",
"4Desktop:firefox-0:1.0.2-1.4.1.s390",
"4Desktop:firefox-0:1.0.2-1.4.1.s390x",
"4Desktop:firefox-0:1.0.2-1.4.1.src",
"4Desktop:firefox-0:1.0.2-1.4.1.x86_64",
"4Desktop:firefox-debuginfo-0:1.0.2-1.4.1.i386",
"4Desktop:firefox-debuginfo-0:1.0.2-1.4.1.ia64",
"4Desktop:firefox-debuginfo-0:1.0.2-1.4.1.ppc",
"4Desktop:firefox-debuginfo-0:1.0.2-1.4.1.s390",
"4Desktop:firefox-debuginfo-0:1.0.2-1.4.1.s390x",
"4Desktop:firefox-debuginfo-0:1.0.2-1.4.1.x86_64",
"4ES:firefox-0:1.0.2-1.4.1.i386",
"4ES:firefox-0:1.0.2-1.4.1.ia64",
"4ES:firefox-0:1.0.2-1.4.1.ppc",
"4ES:firefox-0:1.0.2-1.4.1.s390",
"4ES:firefox-0:1.0.2-1.4.1.s390x",
"4ES:firefox-0:1.0.2-1.4.1.src",
"4ES:firefox-0:1.0.2-1.4.1.x86_64",
"4ES:firefox-debuginfo-0:1.0.2-1.4.1.i386",
"4ES:firefox-debuginfo-0:1.0.2-1.4.1.ia64",
"4ES:firefox-debuginfo-0:1.0.2-1.4.1.ppc",
"4ES:firefox-debuginfo-0:1.0.2-1.4.1.s390",
"4ES:firefox-debuginfo-0:1.0.2-1.4.1.s390x",
"4ES:firefox-debuginfo-0:1.0.2-1.4.1.x86_64",
"4WS:firefox-0:1.0.2-1.4.1.i386",
"4WS:firefox-0:1.0.2-1.4.1.ia64",
"4WS:firefox-0:1.0.2-1.4.1.ppc",
"4WS:firefox-0:1.0.2-1.4.1.s390",
"4WS:firefox-0:1.0.2-1.4.1.s390x",
"4WS:firefox-0:1.0.2-1.4.1.src",
"4WS:firefox-0:1.0.2-1.4.1.x86_64",
"4WS:firefox-debuginfo-0:1.0.2-1.4.1.i386",
"4WS:firefox-debuginfo-0:1.0.2-1.4.1.ia64",
"4WS:firefox-debuginfo-0:1.0.2-1.4.1.ppc",
"4WS:firefox-debuginfo-0:1.0.2-1.4.1.s390",
"4WS:firefox-debuginfo-0:1.0.2-1.4.1.s390x",
"4WS:firefox-debuginfo-0:1.0.2-1.4.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2005:336"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "security flaw"
},
{
"cve": "CVE-2005-0402",
"discovery_date": "2005-03-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1617521"
}
],
"notes": [
{
"category": "description",
"text": "Firefox before 1.0.2 allows remote attackers to execute arbitrary code by tricking a user into saving a page as a Firefox sidebar panel, then using the sidebar panel to inject Javascript into a privileged page.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:firefox-0:1.0.2-1.4.1.i386",
"4AS:firefox-0:1.0.2-1.4.1.ia64",
"4AS:firefox-0:1.0.2-1.4.1.ppc",
"4AS:firefox-0:1.0.2-1.4.1.s390",
"4AS:firefox-0:1.0.2-1.4.1.s390x",
"4AS:firefox-0:1.0.2-1.4.1.src",
"4AS:firefox-0:1.0.2-1.4.1.x86_64",
"4AS:firefox-debuginfo-0:1.0.2-1.4.1.i386",
"4AS:firefox-debuginfo-0:1.0.2-1.4.1.ia64",
"4AS:firefox-debuginfo-0:1.0.2-1.4.1.ppc",
"4AS:firefox-debuginfo-0:1.0.2-1.4.1.s390",
"4AS:firefox-debuginfo-0:1.0.2-1.4.1.s390x",
"4AS:firefox-debuginfo-0:1.0.2-1.4.1.x86_64",
"4Desktop:firefox-0:1.0.2-1.4.1.i386",
"4Desktop:firefox-0:1.0.2-1.4.1.ia64",
"4Desktop:firefox-0:1.0.2-1.4.1.ppc",
"4Desktop:firefox-0:1.0.2-1.4.1.s390",
"4Desktop:firefox-0:1.0.2-1.4.1.s390x",
"4Desktop:firefox-0:1.0.2-1.4.1.src",
"4Desktop:firefox-0:1.0.2-1.4.1.x86_64",
"4Desktop:firefox-debuginfo-0:1.0.2-1.4.1.i386",
"4Desktop:firefox-debuginfo-0:1.0.2-1.4.1.ia64",
"4Desktop:firefox-debuginfo-0:1.0.2-1.4.1.ppc",
"4Desktop:firefox-debuginfo-0:1.0.2-1.4.1.s390",
"4Desktop:firefox-debuginfo-0:1.0.2-1.4.1.s390x",
"4Desktop:firefox-debuginfo-0:1.0.2-1.4.1.x86_64",
"4ES:firefox-0:1.0.2-1.4.1.i386",
"4ES:firefox-0:1.0.2-1.4.1.ia64",
"4ES:firefox-0:1.0.2-1.4.1.ppc",
"4ES:firefox-0:1.0.2-1.4.1.s390",
"4ES:firefox-0:1.0.2-1.4.1.s390x",
"4ES:firefox-0:1.0.2-1.4.1.src",
"4ES:firefox-0:1.0.2-1.4.1.x86_64",
"4ES:firefox-debuginfo-0:1.0.2-1.4.1.i386",
"4ES:firefox-debuginfo-0:1.0.2-1.4.1.ia64",
"4ES:firefox-debuginfo-0:1.0.2-1.4.1.ppc",
"4ES:firefox-debuginfo-0:1.0.2-1.4.1.s390",
"4ES:firefox-debuginfo-0:1.0.2-1.4.1.s390x",
"4ES:firefox-debuginfo-0:1.0.2-1.4.1.x86_64",
"4WS:firefox-0:1.0.2-1.4.1.i386",
"4WS:firefox-0:1.0.2-1.4.1.ia64",
"4WS:firefox-0:1.0.2-1.4.1.ppc",
"4WS:firefox-0:1.0.2-1.4.1.s390",
"4WS:firefox-0:1.0.2-1.4.1.s390x",
"4WS:firefox-0:1.0.2-1.4.1.src",
"4WS:firefox-0:1.0.2-1.4.1.x86_64",
"4WS:firefox-debuginfo-0:1.0.2-1.4.1.i386",
"4WS:firefox-debuginfo-0:1.0.2-1.4.1.ia64",
"4WS:firefox-debuginfo-0:1.0.2-1.4.1.ppc",
"4WS:firefox-debuginfo-0:1.0.2-1.4.1.s390",
"4WS:firefox-debuginfo-0:1.0.2-1.4.1.s390x",
"4WS:firefox-debuginfo-0:1.0.2-1.4.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2005-0402"
},
{
"category": "external",
"summary": "RHBZ#1617521",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617521"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2005-0402",
"url": "https://www.cve.org/CVERecord?id=CVE-2005-0402"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2005-0402",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2005-0402"
}
],
"release_date": "2005-03-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2005-03-23T19:21:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied. Use Red Hat\nNetwork to download and update your packages. To launch the Red Hat\nUpdate Agent, use the following command:\n\n up2date\n\nFor information on how to install packages manually, refer to the\nfollowing Web page for the System Administration or Customization\nguide specific to your system:\n\n http://www.redhat.com/docs/manuals/enterprise/",
"product_ids": [
"4AS:firefox-0:1.0.2-1.4.1.i386",
"4AS:firefox-0:1.0.2-1.4.1.ia64",
"4AS:firefox-0:1.0.2-1.4.1.ppc",
"4AS:firefox-0:1.0.2-1.4.1.s390",
"4AS:firefox-0:1.0.2-1.4.1.s390x",
"4AS:firefox-0:1.0.2-1.4.1.src",
"4AS:firefox-0:1.0.2-1.4.1.x86_64",
"4AS:firefox-debuginfo-0:1.0.2-1.4.1.i386",
"4AS:firefox-debuginfo-0:1.0.2-1.4.1.ia64",
"4AS:firefox-debuginfo-0:1.0.2-1.4.1.ppc",
"4AS:firefox-debuginfo-0:1.0.2-1.4.1.s390",
"4AS:firefox-debuginfo-0:1.0.2-1.4.1.s390x",
"4AS:firefox-debuginfo-0:1.0.2-1.4.1.x86_64",
"4Desktop:firefox-0:1.0.2-1.4.1.i386",
"4Desktop:firefox-0:1.0.2-1.4.1.ia64",
"4Desktop:firefox-0:1.0.2-1.4.1.ppc",
"4Desktop:firefox-0:1.0.2-1.4.1.s390",
"4Desktop:firefox-0:1.0.2-1.4.1.s390x",
"4Desktop:firefox-0:1.0.2-1.4.1.src",
"4Desktop:firefox-0:1.0.2-1.4.1.x86_64",
"4Desktop:firefox-debuginfo-0:1.0.2-1.4.1.i386",
"4Desktop:firefox-debuginfo-0:1.0.2-1.4.1.ia64",
"4Desktop:firefox-debuginfo-0:1.0.2-1.4.1.ppc",
"4Desktop:firefox-debuginfo-0:1.0.2-1.4.1.s390",
"4Desktop:firefox-debuginfo-0:1.0.2-1.4.1.s390x",
"4Desktop:firefox-debuginfo-0:1.0.2-1.4.1.x86_64",
"4ES:firefox-0:1.0.2-1.4.1.i386",
"4ES:firefox-0:1.0.2-1.4.1.ia64",
"4ES:firefox-0:1.0.2-1.4.1.ppc",
"4ES:firefox-0:1.0.2-1.4.1.s390",
"4ES:firefox-0:1.0.2-1.4.1.s390x",
"4ES:firefox-0:1.0.2-1.4.1.src",
"4ES:firefox-0:1.0.2-1.4.1.x86_64",
"4ES:firefox-debuginfo-0:1.0.2-1.4.1.i386",
"4ES:firefox-debuginfo-0:1.0.2-1.4.1.ia64",
"4ES:firefox-debuginfo-0:1.0.2-1.4.1.ppc",
"4ES:firefox-debuginfo-0:1.0.2-1.4.1.s390",
"4ES:firefox-debuginfo-0:1.0.2-1.4.1.s390x",
"4ES:firefox-debuginfo-0:1.0.2-1.4.1.x86_64",
"4WS:firefox-0:1.0.2-1.4.1.i386",
"4WS:firefox-0:1.0.2-1.4.1.ia64",
"4WS:firefox-0:1.0.2-1.4.1.ppc",
"4WS:firefox-0:1.0.2-1.4.1.s390",
"4WS:firefox-0:1.0.2-1.4.1.s390x",
"4WS:firefox-0:1.0.2-1.4.1.src",
"4WS:firefox-0:1.0.2-1.4.1.x86_64",
"4WS:firefox-debuginfo-0:1.0.2-1.4.1.i386",
"4WS:firefox-debuginfo-0:1.0.2-1.4.1.ia64",
"4WS:firefox-debuginfo-0:1.0.2-1.4.1.ppc",
"4WS:firefox-debuginfo-0:1.0.2-1.4.1.s390",
"4WS:firefox-debuginfo-0:1.0.2-1.4.1.s390x",
"4WS:firefox-debuginfo-0:1.0.2-1.4.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2005:336"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "security flaw"
}
]
}
rhsa-2005:335
Vulnerability from csaf_redhat
Published
2005-03-23 19:14
Modified
2024-11-21 23:42
Summary
Red Hat Security Advisory: mozilla security update
Notes
Topic
Updated mozilla packages that fix various bugs are now available.
This update has been rated as having critical security impact by the Red
Hat Security Response Team.
Details
Mozilla is an open source Web browser, advanced email and newsgroup client,
IRC chat client, and HTML editor.
A buffer overflow bug was found in the way Mozilla processes GIF images. It
is possible for an attacker to create a specially crafted GIF image, which
when viewed by a victim will execute arbitrary code as the victim. The
Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned
the name CAN-2005-0399 to this issue.
A bug was found in the way Mozilla responds to proxy auth requests. It is
possible for a malicious webserver to steal credentials from a victims
browser by issuing a 407 proxy authentication request. (CAN-2005-0147)
A bug was found in the way Mozilla displays dialog windows. It is possible
that a malicious web page which is being displayed in a background tab
could present the user with a dialog window appearing to come from the
active page. (CAN-2004-1380)
A bug was found in the way Mozilla Mail handles cookies when loading
content over HTTP regardless of the user's preference. It is possible that
a particular user could be tracked through the use of malicious mail
messages which load content over HTTP. (CAN-2005-0149)
A flaw was found in the way Mozilla displays international domain names. It
is possible for an attacker to display a valid URL, tricking the user into
thinking they are viewing a legitimate webpage when they are not.
(CAN-2005-0233)
A bug was found in the way Mozilla handles pop-up windows. It is possible
for a malicious website to control the content in an unrelated site's
pop-up window. (CAN-2004-1156)
A bug was found in the way Mozilla saves temporary files. Temporary files
are saved with world readable permissions, which could allow a local
malicious user to view potentially sensitive data. (CAN-2005-0142)
A bug was found in the way Mozilla handles synthetic middle click events.
It is possible for a malicious web page to steal the contents of a victims
clipboard. (CAN-2005-0146)
A bug was found in the way Mozilla processes XUL content. If a malicious
web page can trick a user into dragging an object, it is possible to load
malicious XUL content. (CAN-2005-0401)
A bug was found in the way Mozilla loads links in a new tab which are
middle clicked. A malicious web page could read local files or modify
privileged chrom settings. (CAN-2005-0141)
A bug was found in the way Mozilla displays the secure site icon. A
malicious web page can use a view-source URL targetted at a secure page,
while loading an insecure page, yet the secure site icon shows the previous
secure state. (CAN-2005-0144)
A bug was found in the way Mozilla displays the secure site icon. A
malicious web page can display the secure site icon by loading a binary
file from a secured site. (CAN-2005-0143)
A bug was found in the way Mozilla displays the download dialog window. A
malicious site can obfuscate the content displayed in the source field,
tricking a user into thinking they are downloading content from a trusted
source. (CAN-2005-0585)
Users of Mozilla are advised to upgrade to this updated package which
contains Mozilla version 1.7.6 to correct these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated mozilla packages that fix various bugs are now available.\n\nThis update has been rated as having critical security impact by the Red\nHat Security Response Team.",
"title": "Topic"
},
{
"category": "general",
"text": "Mozilla is an open source Web browser, advanced email and newsgroup client,\nIRC chat client, and HTML editor.\n\nA buffer overflow bug was found in the way Mozilla processes GIF images. It\nis possible for an attacker to create a specially crafted GIF image, which\nwhen viewed by a victim will execute arbitrary code as the victim. The\nCommon Vulnerabilities and Exposures project (cve.mitre.org) has assigned\nthe name CAN-2005-0399 to this issue.\n\nA bug was found in the way Mozilla responds to proxy auth requests. It is\npossible for a malicious webserver to steal credentials from a victims\nbrowser by issuing a 407 proxy authentication request. (CAN-2005-0147)\n\nA bug was found in the way Mozilla displays dialog windows. It is possible\nthat a malicious web page which is being displayed in a background tab\ncould present the user with a dialog window appearing to come from the\nactive page. (CAN-2004-1380)\n\nA bug was found in the way Mozilla Mail handles cookies when loading\ncontent over HTTP regardless of the user\u0027s preference. It is possible that\na particular user could be tracked through the use of malicious mail\nmessages which load content over HTTP. (CAN-2005-0149)\n\nA flaw was found in the way Mozilla displays international domain names. It\nis possible for an attacker to display a valid URL, tricking the user into\nthinking they are viewing a legitimate webpage when they are not.\n(CAN-2005-0233)\n\nA bug was found in the way Mozilla handles pop-up windows. It is possible\nfor a malicious website to control the content in an unrelated site\u0027s\npop-up window. (CAN-2004-1156)\n\nA bug was found in the way Mozilla saves temporary files. Temporary files\nare saved with world readable permissions, which could allow a local\nmalicious user to view potentially sensitive data. (CAN-2005-0142)\n\nA bug was found in the way Mozilla handles synthetic middle click events. \nIt is possible for a malicious web page to steal the contents of a victims\nclipboard. (CAN-2005-0146)\n\nA bug was found in the way Mozilla processes XUL content. If a malicious\nweb page can trick a user into dragging an object, it is possible to load\nmalicious XUL content. (CAN-2005-0401)\n\nA bug was found in the way Mozilla loads links in a new tab which are\nmiddle clicked. A malicious web page could read local files or modify\nprivileged chrom settings. (CAN-2005-0141)\n\nA bug was found in the way Mozilla displays the secure site icon. A\nmalicious web page can use a view-source URL targetted at a secure page,\nwhile loading an insecure page, yet the secure site icon shows the previous\nsecure state. (CAN-2005-0144)\n\nA bug was found in the way Mozilla displays the secure site icon. A\nmalicious web page can display the secure site icon by loading a binary\nfile from a secured site. (CAN-2005-0143)\n\nA bug was found in the way Mozilla displays the download dialog window. A\nmalicious site can obfuscate the content displayed in the source field,\ntricking a user into thinking they are downloading content from a trusted\nsource. (CAN-2005-0585)\n\nUsers of Mozilla are advised to upgrade to this updated package which\ncontains Mozilla version 1.7.6 to correct these issues.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2005:335",
"url": "https://access.redhat.com/errata/RHSA-2005:335"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "142508",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=142508"
},
{
"category": "external",
"summary": "144228",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=144228"
},
{
"category": "external",
"summary": "146188",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=146188"
},
{
"category": "external",
"summary": "147397",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=147397"
},
{
"category": "external",
"summary": "150866",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=150866"
},
{
"category": "external",
"summary": "151730",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=151730"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2005/rhsa-2005_335.json"
}
],
"title": "Red Hat Security Advisory: mozilla security update",
"tracking": {
"current_release_date": "2024-11-21T23:42:28+00:00",
"generator": {
"date": "2024-11-21T23:42:28+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2005:335",
"initial_release_date": "2005-03-23T19:14:00+00:00",
"revision_history": [
{
"date": "2005-03-23T19:14:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2005-03-23T00:00:00+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-21T23:42:28+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS version 4",
"product": {
"name": "Red Hat Enterprise Linux AS version 4",
"product_id": "4AS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::as"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop version 4",
"product": {
"name": "Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::desktop"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES version 4",
"product": {
"name": "Red Hat Enterprise Linux ES version 4",
"product_id": "4ES",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::es"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux WS version 4",
"product": {
"name": "Red Hat Enterprise Linux WS version 4",
"product_id": "4WS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::ws"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"product": {
"name": "devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"product_id": "devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/devhelp-debuginfo@0.9.2-2.4.3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "devhelp-0:0.9.2-2.4.3.x86_64",
"product": {
"name": "devhelp-0:0.9.2-2.4.3.x86_64",
"product_id": "devhelp-0:0.9.2-2.4.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/devhelp@0.9.2-2.4.3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "devhelp-devel-0:0.9.2-2.4.3.x86_64",
"product": {
"name": "devhelp-devel-0:0.9.2-2.4.3.x86_64",
"product_id": "devhelp-devel-0:0.9.2-2.4.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/devhelp-devel@0.9.2-2.4.3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "evolution-0:2.0.2-14.x86_64",
"product": {
"name": "evolution-0:2.0.2-14.x86_64",
"product_id": "evolution-0:2.0.2-14.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/evolution@2.0.2-14?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "evolution-debuginfo-0:2.0.2-14.x86_64",
"product": {
"name": "evolution-debuginfo-0:2.0.2-14.x86_64",
"product_id": "evolution-debuginfo-0:2.0.2-14.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/evolution-debuginfo@2.0.2-14?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "evolution-devel-0:2.0.2-14.x86_64",
"product": {
"name": "evolution-devel-0:2.0.2-14.x86_64",
"product_id": "evolution-devel-0:2.0.2-14.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/evolution-devel@2.0.2-14?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"product": {
"name": "devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"product_id": "devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/devhelp-debuginfo@0.9.2-2.4.3?arch=i386"
}
}
},
{
"category": "product_version",
"name": "devhelp-0:0.9.2-2.4.3.i386",
"product": {
"name": "devhelp-0:0.9.2-2.4.3.i386",
"product_id": "devhelp-0:0.9.2-2.4.3.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/devhelp@0.9.2-2.4.3?arch=i386"
}
}
},
{
"category": "product_version",
"name": "devhelp-devel-0:0.9.2-2.4.3.i386",
"product": {
"name": "devhelp-devel-0:0.9.2-2.4.3.i386",
"product_id": "devhelp-devel-0:0.9.2-2.4.3.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/devhelp-devel@0.9.2-2.4.3?arch=i386"
}
}
},
{
"category": "product_version",
"name": "evolution-0:2.0.2-14.i386",
"product": {
"name": "evolution-0:2.0.2-14.i386",
"product_id": "evolution-0:2.0.2-14.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/evolution@2.0.2-14?arch=i386"
}
}
},
{
"category": "product_version",
"name": "evolution-debuginfo-0:2.0.2-14.i386",
"product": {
"name": "evolution-debuginfo-0:2.0.2-14.i386",
"product_id": "evolution-debuginfo-0:2.0.2-14.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/evolution-debuginfo@2.0.2-14?arch=i386"
}
}
},
{
"category": "product_version",
"name": "evolution-devel-0:2.0.2-14.i386",
"product": {
"name": "evolution-devel-0:2.0.2-14.i386",
"product_id": "evolution-devel-0:2.0.2-14.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/evolution-devel@2.0.2-14?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "devhelp-0:0.9.2-2.4.3.src",
"product": {
"name": "devhelp-0:0.9.2-2.4.3.src",
"product_id": "devhelp-0:0.9.2-2.4.3.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/devhelp@0.9.2-2.4.3?arch=src"
}
}
},
{
"category": "product_version",
"name": "evolution-0:2.0.2-14.src",
"product": {
"name": "evolution-0:2.0.2-14.src",
"product_id": "evolution-0:2.0.2-14.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/evolution@2.0.2-14?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"product": {
"name": "devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"product_id": "devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/devhelp-debuginfo@0.9.2-2.4.3?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "devhelp-0:0.9.2-2.4.3.ppc",
"product": {
"name": "devhelp-0:0.9.2-2.4.3.ppc",
"product_id": "devhelp-0:0.9.2-2.4.3.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/devhelp@0.9.2-2.4.3?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "devhelp-devel-0:0.9.2-2.4.3.ppc",
"product": {
"name": "devhelp-devel-0:0.9.2-2.4.3.ppc",
"product_id": "devhelp-devel-0:0.9.2-2.4.3.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/devhelp-devel@0.9.2-2.4.3?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "evolution-0:2.0.2-14.ppc",
"product": {
"name": "evolution-0:2.0.2-14.ppc",
"product_id": "evolution-0:2.0.2-14.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/evolution@2.0.2-14?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "evolution-debuginfo-0:2.0.2-14.ppc",
"product": {
"name": "evolution-debuginfo-0:2.0.2-14.ppc",
"product_id": "evolution-debuginfo-0:2.0.2-14.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/evolution-debuginfo@2.0.2-14?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "evolution-devel-0:2.0.2-14.ppc",
"product": {
"name": "evolution-devel-0:2.0.2-14.ppc",
"product_id": "evolution-devel-0:2.0.2-14.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/evolution-devel@2.0.2-14?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "evolution-0:2.0.2-14.ia64",
"product": {
"name": "evolution-0:2.0.2-14.ia64",
"product_id": "evolution-0:2.0.2-14.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/evolution@2.0.2-14?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "evolution-debuginfo-0:2.0.2-14.ia64",
"product": {
"name": "evolution-debuginfo-0:2.0.2-14.ia64",
"product_id": "evolution-debuginfo-0:2.0.2-14.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/evolution-debuginfo@2.0.2-14?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "evolution-devel-0:2.0.2-14.ia64",
"product": {
"name": "evolution-devel-0:2.0.2-14.ia64",
"product_id": "evolution-devel-0:2.0.2-14.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/evolution-devel@2.0.2-14?arch=ia64"
}
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "evolution-0:2.0.2-14.s390",
"product": {
"name": "evolution-0:2.0.2-14.s390",
"product_id": "evolution-0:2.0.2-14.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/evolution@2.0.2-14?arch=s390"
}
}
},
{
"category": "product_version",
"name": "evolution-debuginfo-0:2.0.2-14.s390",
"product": {
"name": "evolution-debuginfo-0:2.0.2-14.s390",
"product_id": "evolution-debuginfo-0:2.0.2-14.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/evolution-debuginfo@2.0.2-14?arch=s390"
}
}
},
{
"category": "product_version",
"name": "evolution-devel-0:2.0.2-14.s390",
"product": {
"name": "evolution-devel-0:2.0.2-14.s390",
"product_id": "evolution-devel-0:2.0.2-14.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/evolution-devel@2.0.2-14?arch=s390"
}
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "evolution-0:2.0.2-14.s390x",
"product": {
"name": "evolution-0:2.0.2-14.s390x",
"product_id": "evolution-0:2.0.2-14.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/evolution@2.0.2-14?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "evolution-debuginfo-0:2.0.2-14.s390x",
"product": {
"name": "evolution-debuginfo-0:2.0.2-14.s390x",
"product_id": "evolution-debuginfo-0:2.0.2-14.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/evolution-debuginfo@2.0.2-14?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "evolution-devel-0:2.0.2-14.s390x",
"product": {
"name": "evolution-devel-0:2.0.2-14.s390x",
"product_id": "evolution-devel-0:2.0.2-14.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/evolution-devel@2.0.2-14?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "devhelp-0:0.9.2-2.4.3.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:devhelp-0:0.9.2-2.4.3.i386"
},
"product_reference": "devhelp-0:0.9.2-2.4.3.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devhelp-0:0.9.2-2.4.3.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:devhelp-0:0.9.2-2.4.3.ppc"
},
"product_reference": "devhelp-0:0.9.2-2.4.3.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devhelp-0:0.9.2-2.4.3.src as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:devhelp-0:0.9.2-2.4.3.src"
},
"product_reference": "devhelp-0:0.9.2-2.4.3.src",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devhelp-0:0.9.2-2.4.3.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:devhelp-0:0.9.2-2.4.3.x86_64"
},
"product_reference": "devhelp-0:0.9.2-2.4.3.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devhelp-debuginfo-0:0.9.2-2.4.3.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:devhelp-debuginfo-0:0.9.2-2.4.3.i386"
},
"product_reference": "devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devhelp-debuginfo-0:0.9.2-2.4.3.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:devhelp-debuginfo-0:0.9.2-2.4.3.ppc"
},
"product_reference": "devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devhelp-debuginfo-0:0.9.2-2.4.3.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64"
},
"product_reference": "devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devhelp-devel-0:0.9.2-2.4.3.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:devhelp-devel-0:0.9.2-2.4.3.i386"
},
"product_reference": "devhelp-devel-0:0.9.2-2.4.3.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devhelp-devel-0:0.9.2-2.4.3.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:devhelp-devel-0:0.9.2-2.4.3.ppc"
},
"product_reference": "devhelp-devel-0:0.9.2-2.4.3.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devhelp-devel-0:0.9.2-2.4.3.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:devhelp-devel-0:0.9.2-2.4.3.x86_64"
},
"product_reference": "devhelp-devel-0:0.9.2-2.4.3.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-0:2.0.2-14.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:evolution-0:2.0.2-14.i386"
},
"product_reference": "evolution-0:2.0.2-14.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-0:2.0.2-14.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:evolution-0:2.0.2-14.ia64"
},
"product_reference": "evolution-0:2.0.2-14.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-0:2.0.2-14.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:evolution-0:2.0.2-14.ppc"
},
"product_reference": "evolution-0:2.0.2-14.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-0:2.0.2-14.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:evolution-0:2.0.2-14.s390"
},
"product_reference": "evolution-0:2.0.2-14.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-0:2.0.2-14.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:evolution-0:2.0.2-14.s390x"
},
"product_reference": "evolution-0:2.0.2-14.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-0:2.0.2-14.src as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:evolution-0:2.0.2-14.src"
},
"product_reference": "evolution-0:2.0.2-14.src",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-0:2.0.2-14.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:evolution-0:2.0.2-14.x86_64"
},
"product_reference": "evolution-0:2.0.2-14.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-debuginfo-0:2.0.2-14.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:evolution-debuginfo-0:2.0.2-14.i386"
},
"product_reference": "evolution-debuginfo-0:2.0.2-14.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-debuginfo-0:2.0.2-14.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:evolution-debuginfo-0:2.0.2-14.ia64"
},
"product_reference": "evolution-debuginfo-0:2.0.2-14.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-debuginfo-0:2.0.2-14.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:evolution-debuginfo-0:2.0.2-14.ppc"
},
"product_reference": "evolution-debuginfo-0:2.0.2-14.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-debuginfo-0:2.0.2-14.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:evolution-debuginfo-0:2.0.2-14.s390"
},
"product_reference": "evolution-debuginfo-0:2.0.2-14.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-debuginfo-0:2.0.2-14.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:evolution-debuginfo-0:2.0.2-14.s390x"
},
"product_reference": "evolution-debuginfo-0:2.0.2-14.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-debuginfo-0:2.0.2-14.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:evolution-debuginfo-0:2.0.2-14.x86_64"
},
"product_reference": "evolution-debuginfo-0:2.0.2-14.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-devel-0:2.0.2-14.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:evolution-devel-0:2.0.2-14.i386"
},
"product_reference": "evolution-devel-0:2.0.2-14.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-devel-0:2.0.2-14.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:evolution-devel-0:2.0.2-14.ia64"
},
"product_reference": "evolution-devel-0:2.0.2-14.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-devel-0:2.0.2-14.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:evolution-devel-0:2.0.2-14.ppc"
},
"product_reference": "evolution-devel-0:2.0.2-14.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-devel-0:2.0.2-14.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:evolution-devel-0:2.0.2-14.s390"
},
"product_reference": "evolution-devel-0:2.0.2-14.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-devel-0:2.0.2-14.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:evolution-devel-0:2.0.2-14.s390x"
},
"product_reference": "evolution-devel-0:2.0.2-14.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-devel-0:2.0.2-14.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:evolution-devel-0:2.0.2-14.x86_64"
},
"product_reference": "evolution-devel-0:2.0.2-14.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devhelp-0:0.9.2-2.4.3.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:devhelp-0:0.9.2-2.4.3.i386"
},
"product_reference": "devhelp-0:0.9.2-2.4.3.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devhelp-0:0.9.2-2.4.3.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:devhelp-0:0.9.2-2.4.3.ppc"
},
"product_reference": "devhelp-0:0.9.2-2.4.3.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devhelp-0:0.9.2-2.4.3.src as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:devhelp-0:0.9.2-2.4.3.src"
},
"product_reference": "devhelp-0:0.9.2-2.4.3.src",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devhelp-0:0.9.2-2.4.3.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:devhelp-0:0.9.2-2.4.3.x86_64"
},
"product_reference": "devhelp-0:0.9.2-2.4.3.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devhelp-debuginfo-0:0.9.2-2.4.3.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.3.i386"
},
"product_reference": "devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devhelp-debuginfo-0:0.9.2-2.4.3.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.3.ppc"
},
"product_reference": "devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devhelp-debuginfo-0:0.9.2-2.4.3.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64"
},
"product_reference": "devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devhelp-devel-0:0.9.2-2.4.3.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:devhelp-devel-0:0.9.2-2.4.3.i386"
},
"product_reference": "devhelp-devel-0:0.9.2-2.4.3.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devhelp-devel-0:0.9.2-2.4.3.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:devhelp-devel-0:0.9.2-2.4.3.ppc"
},
"product_reference": "devhelp-devel-0:0.9.2-2.4.3.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devhelp-devel-0:0.9.2-2.4.3.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:devhelp-devel-0:0.9.2-2.4.3.x86_64"
},
"product_reference": "devhelp-devel-0:0.9.2-2.4.3.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-0:2.0.2-14.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:evolution-0:2.0.2-14.i386"
},
"product_reference": "evolution-0:2.0.2-14.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-0:2.0.2-14.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:evolution-0:2.0.2-14.ia64"
},
"product_reference": "evolution-0:2.0.2-14.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-0:2.0.2-14.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:evolution-0:2.0.2-14.ppc"
},
"product_reference": "evolution-0:2.0.2-14.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-0:2.0.2-14.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:evolution-0:2.0.2-14.s390"
},
"product_reference": "evolution-0:2.0.2-14.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-0:2.0.2-14.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:evolution-0:2.0.2-14.s390x"
},
"product_reference": "evolution-0:2.0.2-14.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-0:2.0.2-14.src as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:evolution-0:2.0.2-14.src"
},
"product_reference": "evolution-0:2.0.2-14.src",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-0:2.0.2-14.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:evolution-0:2.0.2-14.x86_64"
},
"product_reference": "evolution-0:2.0.2-14.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-debuginfo-0:2.0.2-14.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:evolution-debuginfo-0:2.0.2-14.i386"
},
"product_reference": "evolution-debuginfo-0:2.0.2-14.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-debuginfo-0:2.0.2-14.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:evolution-debuginfo-0:2.0.2-14.ia64"
},
"product_reference": "evolution-debuginfo-0:2.0.2-14.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-debuginfo-0:2.0.2-14.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:evolution-debuginfo-0:2.0.2-14.ppc"
},
"product_reference": "evolution-debuginfo-0:2.0.2-14.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-debuginfo-0:2.0.2-14.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:evolution-debuginfo-0:2.0.2-14.s390"
},
"product_reference": "evolution-debuginfo-0:2.0.2-14.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-debuginfo-0:2.0.2-14.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:evolution-debuginfo-0:2.0.2-14.s390x"
},
"product_reference": "evolution-debuginfo-0:2.0.2-14.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-debuginfo-0:2.0.2-14.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:evolution-debuginfo-0:2.0.2-14.x86_64"
},
"product_reference": "evolution-debuginfo-0:2.0.2-14.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-devel-0:2.0.2-14.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:evolution-devel-0:2.0.2-14.i386"
},
"product_reference": "evolution-devel-0:2.0.2-14.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-devel-0:2.0.2-14.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:evolution-devel-0:2.0.2-14.ia64"
},
"product_reference": "evolution-devel-0:2.0.2-14.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-devel-0:2.0.2-14.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:evolution-devel-0:2.0.2-14.ppc"
},
"product_reference": "evolution-devel-0:2.0.2-14.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-devel-0:2.0.2-14.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:evolution-devel-0:2.0.2-14.s390"
},
"product_reference": "evolution-devel-0:2.0.2-14.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-devel-0:2.0.2-14.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:evolution-devel-0:2.0.2-14.s390x"
},
"product_reference": "evolution-devel-0:2.0.2-14.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-devel-0:2.0.2-14.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:evolution-devel-0:2.0.2-14.x86_64"
},
"product_reference": "evolution-devel-0:2.0.2-14.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devhelp-0:0.9.2-2.4.3.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:devhelp-0:0.9.2-2.4.3.i386"
},
"product_reference": "devhelp-0:0.9.2-2.4.3.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devhelp-0:0.9.2-2.4.3.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:devhelp-0:0.9.2-2.4.3.ppc"
},
"product_reference": "devhelp-0:0.9.2-2.4.3.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devhelp-0:0.9.2-2.4.3.src as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:devhelp-0:0.9.2-2.4.3.src"
},
"product_reference": "devhelp-0:0.9.2-2.4.3.src",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devhelp-0:0.9.2-2.4.3.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:devhelp-0:0.9.2-2.4.3.x86_64"
},
"product_reference": "devhelp-0:0.9.2-2.4.3.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devhelp-debuginfo-0:0.9.2-2.4.3.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:devhelp-debuginfo-0:0.9.2-2.4.3.i386"
},
"product_reference": "devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devhelp-debuginfo-0:0.9.2-2.4.3.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:devhelp-debuginfo-0:0.9.2-2.4.3.ppc"
},
"product_reference": "devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devhelp-debuginfo-0:0.9.2-2.4.3.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64"
},
"product_reference": "devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devhelp-devel-0:0.9.2-2.4.3.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:devhelp-devel-0:0.9.2-2.4.3.i386"
},
"product_reference": "devhelp-devel-0:0.9.2-2.4.3.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devhelp-devel-0:0.9.2-2.4.3.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:devhelp-devel-0:0.9.2-2.4.3.ppc"
},
"product_reference": "devhelp-devel-0:0.9.2-2.4.3.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devhelp-devel-0:0.9.2-2.4.3.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:devhelp-devel-0:0.9.2-2.4.3.x86_64"
},
"product_reference": "devhelp-devel-0:0.9.2-2.4.3.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-0:2.0.2-14.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:evolution-0:2.0.2-14.i386"
},
"product_reference": "evolution-0:2.0.2-14.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-0:2.0.2-14.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:evolution-0:2.0.2-14.ia64"
},
"product_reference": "evolution-0:2.0.2-14.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-0:2.0.2-14.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:evolution-0:2.0.2-14.ppc"
},
"product_reference": "evolution-0:2.0.2-14.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-0:2.0.2-14.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:evolution-0:2.0.2-14.s390"
},
"product_reference": "evolution-0:2.0.2-14.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-0:2.0.2-14.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:evolution-0:2.0.2-14.s390x"
},
"product_reference": "evolution-0:2.0.2-14.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-0:2.0.2-14.src as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:evolution-0:2.0.2-14.src"
},
"product_reference": "evolution-0:2.0.2-14.src",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-0:2.0.2-14.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:evolution-0:2.0.2-14.x86_64"
},
"product_reference": "evolution-0:2.0.2-14.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-debuginfo-0:2.0.2-14.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:evolution-debuginfo-0:2.0.2-14.i386"
},
"product_reference": "evolution-debuginfo-0:2.0.2-14.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-debuginfo-0:2.0.2-14.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:evolution-debuginfo-0:2.0.2-14.ia64"
},
"product_reference": "evolution-debuginfo-0:2.0.2-14.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-debuginfo-0:2.0.2-14.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:evolution-debuginfo-0:2.0.2-14.ppc"
},
"product_reference": "evolution-debuginfo-0:2.0.2-14.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-debuginfo-0:2.0.2-14.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:evolution-debuginfo-0:2.0.2-14.s390"
},
"product_reference": "evolution-debuginfo-0:2.0.2-14.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-debuginfo-0:2.0.2-14.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:evolution-debuginfo-0:2.0.2-14.s390x"
},
"product_reference": "evolution-debuginfo-0:2.0.2-14.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-debuginfo-0:2.0.2-14.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:evolution-debuginfo-0:2.0.2-14.x86_64"
},
"product_reference": "evolution-debuginfo-0:2.0.2-14.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-devel-0:2.0.2-14.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:evolution-devel-0:2.0.2-14.i386"
},
"product_reference": "evolution-devel-0:2.0.2-14.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-devel-0:2.0.2-14.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:evolution-devel-0:2.0.2-14.ia64"
},
"product_reference": "evolution-devel-0:2.0.2-14.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-devel-0:2.0.2-14.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:evolution-devel-0:2.0.2-14.ppc"
},
"product_reference": "evolution-devel-0:2.0.2-14.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-devel-0:2.0.2-14.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:evolution-devel-0:2.0.2-14.s390"
},
"product_reference": "evolution-devel-0:2.0.2-14.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-devel-0:2.0.2-14.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:evolution-devel-0:2.0.2-14.s390x"
},
"product_reference": "evolution-devel-0:2.0.2-14.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-devel-0:2.0.2-14.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:evolution-devel-0:2.0.2-14.x86_64"
},
"product_reference": "evolution-devel-0:2.0.2-14.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devhelp-0:0.9.2-2.4.3.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:devhelp-0:0.9.2-2.4.3.i386"
},
"product_reference": "devhelp-0:0.9.2-2.4.3.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devhelp-0:0.9.2-2.4.3.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:devhelp-0:0.9.2-2.4.3.ppc"
},
"product_reference": "devhelp-0:0.9.2-2.4.3.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devhelp-0:0.9.2-2.4.3.src as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:devhelp-0:0.9.2-2.4.3.src"
},
"product_reference": "devhelp-0:0.9.2-2.4.3.src",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devhelp-0:0.9.2-2.4.3.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:devhelp-0:0.9.2-2.4.3.x86_64"
},
"product_reference": "devhelp-0:0.9.2-2.4.3.x86_64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devhelp-debuginfo-0:0.9.2-2.4.3.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:devhelp-debuginfo-0:0.9.2-2.4.3.i386"
},
"product_reference": "devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devhelp-debuginfo-0:0.9.2-2.4.3.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:devhelp-debuginfo-0:0.9.2-2.4.3.ppc"
},
"product_reference": "devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devhelp-debuginfo-0:0.9.2-2.4.3.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64"
},
"product_reference": "devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devhelp-devel-0:0.9.2-2.4.3.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:devhelp-devel-0:0.9.2-2.4.3.i386"
},
"product_reference": "devhelp-devel-0:0.9.2-2.4.3.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devhelp-devel-0:0.9.2-2.4.3.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:devhelp-devel-0:0.9.2-2.4.3.ppc"
},
"product_reference": "devhelp-devel-0:0.9.2-2.4.3.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devhelp-devel-0:0.9.2-2.4.3.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:devhelp-devel-0:0.9.2-2.4.3.x86_64"
},
"product_reference": "devhelp-devel-0:0.9.2-2.4.3.x86_64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-0:2.0.2-14.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:evolution-0:2.0.2-14.i386"
},
"product_reference": "evolution-0:2.0.2-14.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-0:2.0.2-14.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:evolution-0:2.0.2-14.ia64"
},
"product_reference": "evolution-0:2.0.2-14.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-0:2.0.2-14.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:evolution-0:2.0.2-14.ppc"
},
"product_reference": "evolution-0:2.0.2-14.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-0:2.0.2-14.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:evolution-0:2.0.2-14.s390"
},
"product_reference": "evolution-0:2.0.2-14.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-0:2.0.2-14.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:evolution-0:2.0.2-14.s390x"
},
"product_reference": "evolution-0:2.0.2-14.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-0:2.0.2-14.src as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:evolution-0:2.0.2-14.src"
},
"product_reference": "evolution-0:2.0.2-14.src",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-0:2.0.2-14.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:evolution-0:2.0.2-14.x86_64"
},
"product_reference": "evolution-0:2.0.2-14.x86_64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-debuginfo-0:2.0.2-14.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:evolution-debuginfo-0:2.0.2-14.i386"
},
"product_reference": "evolution-debuginfo-0:2.0.2-14.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-debuginfo-0:2.0.2-14.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:evolution-debuginfo-0:2.0.2-14.ia64"
},
"product_reference": "evolution-debuginfo-0:2.0.2-14.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-debuginfo-0:2.0.2-14.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:evolution-debuginfo-0:2.0.2-14.ppc"
},
"product_reference": "evolution-debuginfo-0:2.0.2-14.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-debuginfo-0:2.0.2-14.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:evolution-debuginfo-0:2.0.2-14.s390"
},
"product_reference": "evolution-debuginfo-0:2.0.2-14.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-debuginfo-0:2.0.2-14.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:evolution-debuginfo-0:2.0.2-14.s390x"
},
"product_reference": "evolution-debuginfo-0:2.0.2-14.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-debuginfo-0:2.0.2-14.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:evolution-debuginfo-0:2.0.2-14.x86_64"
},
"product_reference": "evolution-debuginfo-0:2.0.2-14.x86_64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-devel-0:2.0.2-14.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:evolution-devel-0:2.0.2-14.i386"
},
"product_reference": "evolution-devel-0:2.0.2-14.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-devel-0:2.0.2-14.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:evolution-devel-0:2.0.2-14.ia64"
},
"product_reference": "evolution-devel-0:2.0.2-14.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-devel-0:2.0.2-14.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:evolution-devel-0:2.0.2-14.ppc"
},
"product_reference": "evolution-devel-0:2.0.2-14.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-devel-0:2.0.2-14.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:evolution-devel-0:2.0.2-14.s390"
},
"product_reference": "evolution-devel-0:2.0.2-14.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-devel-0:2.0.2-14.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:evolution-devel-0:2.0.2-14.s390x"
},
"product_reference": "evolution-devel-0:2.0.2-14.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "evolution-devel-0:2.0.2-14.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:evolution-devel-0:2.0.2-14.x86_64"
},
"product_reference": "evolution-devel-0:2.0.2-14.x86_64",
"relates_to_product_reference": "4WS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2004-1380",
"discovery_date": "2005-01-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1617409"
}
],
"notes": [
{
"category": "description",
"text": "Firefox before 1.0 and Mozilla before 1.7.5 allows inactive (background) tabs to launch dialog boxes, which can allow remote attackers to spoof the dialog boxes from web sites in other windows and facilitate phishing attacks, aka the \"Dialog Box Spoofing Vulnerability.\"",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:devhelp-0:0.9.2-2.4.3.i386",
"4AS:devhelp-0:0.9.2-2.4.3.ppc",
"4AS:devhelp-0:0.9.2-2.4.3.src",
"4AS:devhelp-0:0.9.2-2.4.3.x86_64",
"4AS:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4AS:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4AS:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4AS:devhelp-devel-0:0.9.2-2.4.3.i386",
"4AS:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4AS:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4AS:evolution-0:2.0.2-14.i386",
"4AS:evolution-0:2.0.2-14.ia64",
"4AS:evolution-0:2.0.2-14.ppc",
"4AS:evolution-0:2.0.2-14.s390",
"4AS:evolution-0:2.0.2-14.s390x",
"4AS:evolution-0:2.0.2-14.src",
"4AS:evolution-0:2.0.2-14.x86_64",
"4AS:evolution-debuginfo-0:2.0.2-14.i386",
"4AS:evolution-debuginfo-0:2.0.2-14.ia64",
"4AS:evolution-debuginfo-0:2.0.2-14.ppc",
"4AS:evolution-debuginfo-0:2.0.2-14.s390",
"4AS:evolution-debuginfo-0:2.0.2-14.s390x",
"4AS:evolution-debuginfo-0:2.0.2-14.x86_64",
"4AS:evolution-devel-0:2.0.2-14.i386",
"4AS:evolution-devel-0:2.0.2-14.ia64",
"4AS:evolution-devel-0:2.0.2-14.ppc",
"4AS:evolution-devel-0:2.0.2-14.s390",
"4AS:evolution-devel-0:2.0.2-14.s390x",
"4AS:evolution-devel-0:2.0.2-14.x86_64",
"4Desktop:devhelp-0:0.9.2-2.4.3.i386",
"4Desktop:devhelp-0:0.9.2-2.4.3.ppc",
"4Desktop:devhelp-0:0.9.2-2.4.3.src",
"4Desktop:devhelp-0:0.9.2-2.4.3.x86_64",
"4Desktop:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4Desktop:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4Desktop:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4Desktop:devhelp-devel-0:0.9.2-2.4.3.i386",
"4Desktop:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4Desktop:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4Desktop:evolution-0:2.0.2-14.i386",
"4Desktop:evolution-0:2.0.2-14.ia64",
"4Desktop:evolution-0:2.0.2-14.ppc",
"4Desktop:evolution-0:2.0.2-14.s390",
"4Desktop:evolution-0:2.0.2-14.s390x",
"4Desktop:evolution-0:2.0.2-14.src",
"4Desktop:evolution-0:2.0.2-14.x86_64",
"4Desktop:evolution-debuginfo-0:2.0.2-14.i386",
"4Desktop:evolution-debuginfo-0:2.0.2-14.ia64",
"4Desktop:evolution-debuginfo-0:2.0.2-14.ppc",
"4Desktop:evolution-debuginfo-0:2.0.2-14.s390",
"4Desktop:evolution-debuginfo-0:2.0.2-14.s390x",
"4Desktop:evolution-debuginfo-0:2.0.2-14.x86_64",
"4Desktop:evolution-devel-0:2.0.2-14.i386",
"4Desktop:evolution-devel-0:2.0.2-14.ia64",
"4Desktop:evolution-devel-0:2.0.2-14.ppc",
"4Desktop:evolution-devel-0:2.0.2-14.s390",
"4Desktop:evolution-devel-0:2.0.2-14.s390x",
"4Desktop:evolution-devel-0:2.0.2-14.x86_64",
"4ES:devhelp-0:0.9.2-2.4.3.i386",
"4ES:devhelp-0:0.9.2-2.4.3.ppc",
"4ES:devhelp-0:0.9.2-2.4.3.src",
"4ES:devhelp-0:0.9.2-2.4.3.x86_64",
"4ES:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4ES:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4ES:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4ES:devhelp-devel-0:0.9.2-2.4.3.i386",
"4ES:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4ES:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4ES:evolution-0:2.0.2-14.i386",
"4ES:evolution-0:2.0.2-14.ia64",
"4ES:evolution-0:2.0.2-14.ppc",
"4ES:evolution-0:2.0.2-14.s390",
"4ES:evolution-0:2.0.2-14.s390x",
"4ES:evolution-0:2.0.2-14.src",
"4ES:evolution-0:2.0.2-14.x86_64",
"4ES:evolution-debuginfo-0:2.0.2-14.i386",
"4ES:evolution-debuginfo-0:2.0.2-14.ia64",
"4ES:evolution-debuginfo-0:2.0.2-14.ppc",
"4ES:evolution-debuginfo-0:2.0.2-14.s390",
"4ES:evolution-debuginfo-0:2.0.2-14.s390x",
"4ES:evolution-debuginfo-0:2.0.2-14.x86_64",
"4ES:evolution-devel-0:2.0.2-14.i386",
"4ES:evolution-devel-0:2.0.2-14.ia64",
"4ES:evolution-devel-0:2.0.2-14.ppc",
"4ES:evolution-devel-0:2.0.2-14.s390",
"4ES:evolution-devel-0:2.0.2-14.s390x",
"4ES:evolution-devel-0:2.0.2-14.x86_64",
"4WS:devhelp-0:0.9.2-2.4.3.i386",
"4WS:devhelp-0:0.9.2-2.4.3.ppc",
"4WS:devhelp-0:0.9.2-2.4.3.src",
"4WS:devhelp-0:0.9.2-2.4.3.x86_64",
"4WS:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4WS:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4WS:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4WS:devhelp-devel-0:0.9.2-2.4.3.i386",
"4WS:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4WS:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4WS:evolution-0:2.0.2-14.i386",
"4WS:evolution-0:2.0.2-14.ia64",
"4WS:evolution-0:2.0.2-14.ppc",
"4WS:evolution-0:2.0.2-14.s390",
"4WS:evolution-0:2.0.2-14.s390x",
"4WS:evolution-0:2.0.2-14.src",
"4WS:evolution-0:2.0.2-14.x86_64",
"4WS:evolution-debuginfo-0:2.0.2-14.i386",
"4WS:evolution-debuginfo-0:2.0.2-14.ia64",
"4WS:evolution-debuginfo-0:2.0.2-14.ppc",
"4WS:evolution-debuginfo-0:2.0.2-14.s390",
"4WS:evolution-debuginfo-0:2.0.2-14.s390x",
"4WS:evolution-debuginfo-0:2.0.2-14.x86_64",
"4WS:evolution-devel-0:2.0.2-14.i386",
"4WS:evolution-devel-0:2.0.2-14.ia64",
"4WS:evolution-devel-0:2.0.2-14.ppc",
"4WS:evolution-devel-0:2.0.2-14.s390",
"4WS:evolution-devel-0:2.0.2-14.s390x",
"4WS:evolution-devel-0:2.0.2-14.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2004-1380"
},
{
"category": "external",
"summary": "RHBZ#1617409",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617409"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2004-1380",
"url": "https://www.cve.org/CVERecord?id=CVE-2004-1380"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2004-1380",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2004-1380"
}
],
"release_date": "2005-01-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2005-03-23T19:14:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied. Use Red Hat\nNetwork to download and update your packages. To launch the Red Hat\nUpdate Agent, use the following command:\n\n up2date\n\nFor information on how to install packages manually, refer to the\nfollowing Web page for the System Administration or Customization\nguide specific to your system:\n\n http://www.redhat.com/docs/manuals/enterprise/",
"product_ids": [
"4AS:devhelp-0:0.9.2-2.4.3.i386",
"4AS:devhelp-0:0.9.2-2.4.3.ppc",
"4AS:devhelp-0:0.9.2-2.4.3.src",
"4AS:devhelp-0:0.9.2-2.4.3.x86_64",
"4AS:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4AS:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4AS:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4AS:devhelp-devel-0:0.9.2-2.4.3.i386",
"4AS:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4AS:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4AS:evolution-0:2.0.2-14.i386",
"4AS:evolution-0:2.0.2-14.ia64",
"4AS:evolution-0:2.0.2-14.ppc",
"4AS:evolution-0:2.0.2-14.s390",
"4AS:evolution-0:2.0.2-14.s390x",
"4AS:evolution-0:2.0.2-14.src",
"4AS:evolution-0:2.0.2-14.x86_64",
"4AS:evolution-debuginfo-0:2.0.2-14.i386",
"4AS:evolution-debuginfo-0:2.0.2-14.ia64",
"4AS:evolution-debuginfo-0:2.0.2-14.ppc",
"4AS:evolution-debuginfo-0:2.0.2-14.s390",
"4AS:evolution-debuginfo-0:2.0.2-14.s390x",
"4AS:evolution-debuginfo-0:2.0.2-14.x86_64",
"4AS:evolution-devel-0:2.0.2-14.i386",
"4AS:evolution-devel-0:2.0.2-14.ia64",
"4AS:evolution-devel-0:2.0.2-14.ppc",
"4AS:evolution-devel-0:2.0.2-14.s390",
"4AS:evolution-devel-0:2.0.2-14.s390x",
"4AS:evolution-devel-0:2.0.2-14.x86_64",
"4Desktop:devhelp-0:0.9.2-2.4.3.i386",
"4Desktop:devhelp-0:0.9.2-2.4.3.ppc",
"4Desktop:devhelp-0:0.9.2-2.4.3.src",
"4Desktop:devhelp-0:0.9.2-2.4.3.x86_64",
"4Desktop:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4Desktop:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4Desktop:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4Desktop:devhelp-devel-0:0.9.2-2.4.3.i386",
"4Desktop:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4Desktop:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4Desktop:evolution-0:2.0.2-14.i386",
"4Desktop:evolution-0:2.0.2-14.ia64",
"4Desktop:evolution-0:2.0.2-14.ppc",
"4Desktop:evolution-0:2.0.2-14.s390",
"4Desktop:evolution-0:2.0.2-14.s390x",
"4Desktop:evolution-0:2.0.2-14.src",
"4Desktop:evolution-0:2.0.2-14.x86_64",
"4Desktop:evolution-debuginfo-0:2.0.2-14.i386",
"4Desktop:evolution-debuginfo-0:2.0.2-14.ia64",
"4Desktop:evolution-debuginfo-0:2.0.2-14.ppc",
"4Desktop:evolution-debuginfo-0:2.0.2-14.s390",
"4Desktop:evolution-debuginfo-0:2.0.2-14.s390x",
"4Desktop:evolution-debuginfo-0:2.0.2-14.x86_64",
"4Desktop:evolution-devel-0:2.0.2-14.i386",
"4Desktop:evolution-devel-0:2.0.2-14.ia64",
"4Desktop:evolution-devel-0:2.0.2-14.ppc",
"4Desktop:evolution-devel-0:2.0.2-14.s390",
"4Desktop:evolution-devel-0:2.0.2-14.s390x",
"4Desktop:evolution-devel-0:2.0.2-14.x86_64",
"4ES:devhelp-0:0.9.2-2.4.3.i386",
"4ES:devhelp-0:0.9.2-2.4.3.ppc",
"4ES:devhelp-0:0.9.2-2.4.3.src",
"4ES:devhelp-0:0.9.2-2.4.3.x86_64",
"4ES:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4ES:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4ES:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4ES:devhelp-devel-0:0.9.2-2.4.3.i386",
"4ES:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4ES:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4ES:evolution-0:2.0.2-14.i386",
"4ES:evolution-0:2.0.2-14.ia64",
"4ES:evolution-0:2.0.2-14.ppc",
"4ES:evolution-0:2.0.2-14.s390",
"4ES:evolution-0:2.0.2-14.s390x",
"4ES:evolution-0:2.0.2-14.src",
"4ES:evolution-0:2.0.2-14.x86_64",
"4ES:evolution-debuginfo-0:2.0.2-14.i386",
"4ES:evolution-debuginfo-0:2.0.2-14.ia64",
"4ES:evolution-debuginfo-0:2.0.2-14.ppc",
"4ES:evolution-debuginfo-0:2.0.2-14.s390",
"4ES:evolution-debuginfo-0:2.0.2-14.s390x",
"4ES:evolution-debuginfo-0:2.0.2-14.x86_64",
"4ES:evolution-devel-0:2.0.2-14.i386",
"4ES:evolution-devel-0:2.0.2-14.ia64",
"4ES:evolution-devel-0:2.0.2-14.ppc",
"4ES:evolution-devel-0:2.0.2-14.s390",
"4ES:evolution-devel-0:2.0.2-14.s390x",
"4ES:evolution-devel-0:2.0.2-14.x86_64",
"4WS:devhelp-0:0.9.2-2.4.3.i386",
"4WS:devhelp-0:0.9.2-2.4.3.ppc",
"4WS:devhelp-0:0.9.2-2.4.3.src",
"4WS:devhelp-0:0.9.2-2.4.3.x86_64",
"4WS:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4WS:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4WS:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4WS:devhelp-devel-0:0.9.2-2.4.3.i386",
"4WS:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4WS:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4WS:evolution-0:2.0.2-14.i386",
"4WS:evolution-0:2.0.2-14.ia64",
"4WS:evolution-0:2.0.2-14.ppc",
"4WS:evolution-0:2.0.2-14.s390",
"4WS:evolution-0:2.0.2-14.s390x",
"4WS:evolution-0:2.0.2-14.src",
"4WS:evolution-0:2.0.2-14.x86_64",
"4WS:evolution-debuginfo-0:2.0.2-14.i386",
"4WS:evolution-debuginfo-0:2.0.2-14.ia64",
"4WS:evolution-debuginfo-0:2.0.2-14.ppc",
"4WS:evolution-debuginfo-0:2.0.2-14.s390",
"4WS:evolution-debuginfo-0:2.0.2-14.s390x",
"4WS:evolution-debuginfo-0:2.0.2-14.x86_64",
"4WS:evolution-devel-0:2.0.2-14.i386",
"4WS:evolution-devel-0:2.0.2-14.ia64",
"4WS:evolution-devel-0:2.0.2-14.ppc",
"4WS:evolution-devel-0:2.0.2-14.s390",
"4WS:evolution-devel-0:2.0.2-14.s390x",
"4WS:evolution-devel-0:2.0.2-14.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2005:335"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "security flaw"
},
{
"cve": "CVE-2005-0141",
"discovery_date": "2005-01-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1617469"
}
],
"notes": [
{
"category": "description",
"text": "Firefox before 1.0 and Mozilla before 1.7.5 allow remote attackers to load local files via links \"with a custom getter and toString method\" that are middle-clicked by the user to be opened in a new tab.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:devhelp-0:0.9.2-2.4.3.i386",
"4AS:devhelp-0:0.9.2-2.4.3.ppc",
"4AS:devhelp-0:0.9.2-2.4.3.src",
"4AS:devhelp-0:0.9.2-2.4.3.x86_64",
"4AS:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4AS:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4AS:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4AS:devhelp-devel-0:0.9.2-2.4.3.i386",
"4AS:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4AS:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4AS:evolution-0:2.0.2-14.i386",
"4AS:evolution-0:2.0.2-14.ia64",
"4AS:evolution-0:2.0.2-14.ppc",
"4AS:evolution-0:2.0.2-14.s390",
"4AS:evolution-0:2.0.2-14.s390x",
"4AS:evolution-0:2.0.2-14.src",
"4AS:evolution-0:2.0.2-14.x86_64",
"4AS:evolution-debuginfo-0:2.0.2-14.i386",
"4AS:evolution-debuginfo-0:2.0.2-14.ia64",
"4AS:evolution-debuginfo-0:2.0.2-14.ppc",
"4AS:evolution-debuginfo-0:2.0.2-14.s390",
"4AS:evolution-debuginfo-0:2.0.2-14.s390x",
"4AS:evolution-debuginfo-0:2.0.2-14.x86_64",
"4AS:evolution-devel-0:2.0.2-14.i386",
"4AS:evolution-devel-0:2.0.2-14.ia64",
"4AS:evolution-devel-0:2.0.2-14.ppc",
"4AS:evolution-devel-0:2.0.2-14.s390",
"4AS:evolution-devel-0:2.0.2-14.s390x",
"4AS:evolution-devel-0:2.0.2-14.x86_64",
"4Desktop:devhelp-0:0.9.2-2.4.3.i386",
"4Desktop:devhelp-0:0.9.2-2.4.3.ppc",
"4Desktop:devhelp-0:0.9.2-2.4.3.src",
"4Desktop:devhelp-0:0.9.2-2.4.3.x86_64",
"4Desktop:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4Desktop:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4Desktop:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4Desktop:devhelp-devel-0:0.9.2-2.4.3.i386",
"4Desktop:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4Desktop:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4Desktop:evolution-0:2.0.2-14.i386",
"4Desktop:evolution-0:2.0.2-14.ia64",
"4Desktop:evolution-0:2.0.2-14.ppc",
"4Desktop:evolution-0:2.0.2-14.s390",
"4Desktop:evolution-0:2.0.2-14.s390x",
"4Desktop:evolution-0:2.0.2-14.src",
"4Desktop:evolution-0:2.0.2-14.x86_64",
"4Desktop:evolution-debuginfo-0:2.0.2-14.i386",
"4Desktop:evolution-debuginfo-0:2.0.2-14.ia64",
"4Desktop:evolution-debuginfo-0:2.0.2-14.ppc",
"4Desktop:evolution-debuginfo-0:2.0.2-14.s390",
"4Desktop:evolution-debuginfo-0:2.0.2-14.s390x",
"4Desktop:evolution-debuginfo-0:2.0.2-14.x86_64",
"4Desktop:evolution-devel-0:2.0.2-14.i386",
"4Desktop:evolution-devel-0:2.0.2-14.ia64",
"4Desktop:evolution-devel-0:2.0.2-14.ppc",
"4Desktop:evolution-devel-0:2.0.2-14.s390",
"4Desktop:evolution-devel-0:2.0.2-14.s390x",
"4Desktop:evolution-devel-0:2.0.2-14.x86_64",
"4ES:devhelp-0:0.9.2-2.4.3.i386",
"4ES:devhelp-0:0.9.2-2.4.3.ppc",
"4ES:devhelp-0:0.9.2-2.4.3.src",
"4ES:devhelp-0:0.9.2-2.4.3.x86_64",
"4ES:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4ES:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4ES:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4ES:devhelp-devel-0:0.9.2-2.4.3.i386",
"4ES:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4ES:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4ES:evolution-0:2.0.2-14.i386",
"4ES:evolution-0:2.0.2-14.ia64",
"4ES:evolution-0:2.0.2-14.ppc",
"4ES:evolution-0:2.0.2-14.s390",
"4ES:evolution-0:2.0.2-14.s390x",
"4ES:evolution-0:2.0.2-14.src",
"4ES:evolution-0:2.0.2-14.x86_64",
"4ES:evolution-debuginfo-0:2.0.2-14.i386",
"4ES:evolution-debuginfo-0:2.0.2-14.ia64",
"4ES:evolution-debuginfo-0:2.0.2-14.ppc",
"4ES:evolution-debuginfo-0:2.0.2-14.s390",
"4ES:evolution-debuginfo-0:2.0.2-14.s390x",
"4ES:evolution-debuginfo-0:2.0.2-14.x86_64",
"4ES:evolution-devel-0:2.0.2-14.i386",
"4ES:evolution-devel-0:2.0.2-14.ia64",
"4ES:evolution-devel-0:2.0.2-14.ppc",
"4ES:evolution-devel-0:2.0.2-14.s390",
"4ES:evolution-devel-0:2.0.2-14.s390x",
"4ES:evolution-devel-0:2.0.2-14.x86_64",
"4WS:devhelp-0:0.9.2-2.4.3.i386",
"4WS:devhelp-0:0.9.2-2.4.3.ppc",
"4WS:devhelp-0:0.9.2-2.4.3.src",
"4WS:devhelp-0:0.9.2-2.4.3.x86_64",
"4WS:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4WS:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4WS:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4WS:devhelp-devel-0:0.9.2-2.4.3.i386",
"4WS:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4WS:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4WS:evolution-0:2.0.2-14.i386",
"4WS:evolution-0:2.0.2-14.ia64",
"4WS:evolution-0:2.0.2-14.ppc",
"4WS:evolution-0:2.0.2-14.s390",
"4WS:evolution-0:2.0.2-14.s390x",
"4WS:evolution-0:2.0.2-14.src",
"4WS:evolution-0:2.0.2-14.x86_64",
"4WS:evolution-debuginfo-0:2.0.2-14.i386",
"4WS:evolution-debuginfo-0:2.0.2-14.ia64",
"4WS:evolution-debuginfo-0:2.0.2-14.ppc",
"4WS:evolution-debuginfo-0:2.0.2-14.s390",
"4WS:evolution-debuginfo-0:2.0.2-14.s390x",
"4WS:evolution-debuginfo-0:2.0.2-14.x86_64",
"4WS:evolution-devel-0:2.0.2-14.i386",
"4WS:evolution-devel-0:2.0.2-14.ia64",
"4WS:evolution-devel-0:2.0.2-14.ppc",
"4WS:evolution-devel-0:2.0.2-14.s390",
"4WS:evolution-devel-0:2.0.2-14.s390x",
"4WS:evolution-devel-0:2.0.2-14.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2005-0141"
},
{
"category": "external",
"summary": "RHBZ#1617469",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617469"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2005-0141",
"url": "https://www.cve.org/CVERecord?id=CVE-2005-0141"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2005-0141",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2005-0141"
}
],
"release_date": "2005-01-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2005-03-23T19:14:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied. Use Red Hat\nNetwork to download and update your packages. To launch the Red Hat\nUpdate Agent, use the following command:\n\n up2date\n\nFor information on how to install packages manually, refer to the\nfollowing Web page for the System Administration or Customization\nguide specific to your system:\n\n http://www.redhat.com/docs/manuals/enterprise/",
"product_ids": [
"4AS:devhelp-0:0.9.2-2.4.3.i386",
"4AS:devhelp-0:0.9.2-2.4.3.ppc",
"4AS:devhelp-0:0.9.2-2.4.3.src",
"4AS:devhelp-0:0.9.2-2.4.3.x86_64",
"4AS:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4AS:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4AS:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4AS:devhelp-devel-0:0.9.2-2.4.3.i386",
"4AS:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4AS:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4AS:evolution-0:2.0.2-14.i386",
"4AS:evolution-0:2.0.2-14.ia64",
"4AS:evolution-0:2.0.2-14.ppc",
"4AS:evolution-0:2.0.2-14.s390",
"4AS:evolution-0:2.0.2-14.s390x",
"4AS:evolution-0:2.0.2-14.src",
"4AS:evolution-0:2.0.2-14.x86_64",
"4AS:evolution-debuginfo-0:2.0.2-14.i386",
"4AS:evolution-debuginfo-0:2.0.2-14.ia64",
"4AS:evolution-debuginfo-0:2.0.2-14.ppc",
"4AS:evolution-debuginfo-0:2.0.2-14.s390",
"4AS:evolution-debuginfo-0:2.0.2-14.s390x",
"4AS:evolution-debuginfo-0:2.0.2-14.x86_64",
"4AS:evolution-devel-0:2.0.2-14.i386",
"4AS:evolution-devel-0:2.0.2-14.ia64",
"4AS:evolution-devel-0:2.0.2-14.ppc",
"4AS:evolution-devel-0:2.0.2-14.s390",
"4AS:evolution-devel-0:2.0.2-14.s390x",
"4AS:evolution-devel-0:2.0.2-14.x86_64",
"4Desktop:devhelp-0:0.9.2-2.4.3.i386",
"4Desktop:devhelp-0:0.9.2-2.4.3.ppc",
"4Desktop:devhelp-0:0.9.2-2.4.3.src",
"4Desktop:devhelp-0:0.9.2-2.4.3.x86_64",
"4Desktop:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4Desktop:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4Desktop:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4Desktop:devhelp-devel-0:0.9.2-2.4.3.i386",
"4Desktop:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4Desktop:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4Desktop:evolution-0:2.0.2-14.i386",
"4Desktop:evolution-0:2.0.2-14.ia64",
"4Desktop:evolution-0:2.0.2-14.ppc",
"4Desktop:evolution-0:2.0.2-14.s390",
"4Desktop:evolution-0:2.0.2-14.s390x",
"4Desktop:evolution-0:2.0.2-14.src",
"4Desktop:evolution-0:2.0.2-14.x86_64",
"4Desktop:evolution-debuginfo-0:2.0.2-14.i386",
"4Desktop:evolution-debuginfo-0:2.0.2-14.ia64",
"4Desktop:evolution-debuginfo-0:2.0.2-14.ppc",
"4Desktop:evolution-debuginfo-0:2.0.2-14.s390",
"4Desktop:evolution-debuginfo-0:2.0.2-14.s390x",
"4Desktop:evolution-debuginfo-0:2.0.2-14.x86_64",
"4Desktop:evolution-devel-0:2.0.2-14.i386",
"4Desktop:evolution-devel-0:2.0.2-14.ia64",
"4Desktop:evolution-devel-0:2.0.2-14.ppc",
"4Desktop:evolution-devel-0:2.0.2-14.s390",
"4Desktop:evolution-devel-0:2.0.2-14.s390x",
"4Desktop:evolution-devel-0:2.0.2-14.x86_64",
"4ES:devhelp-0:0.9.2-2.4.3.i386",
"4ES:devhelp-0:0.9.2-2.4.3.ppc",
"4ES:devhelp-0:0.9.2-2.4.3.src",
"4ES:devhelp-0:0.9.2-2.4.3.x86_64",
"4ES:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4ES:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4ES:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4ES:devhelp-devel-0:0.9.2-2.4.3.i386",
"4ES:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4ES:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4ES:evolution-0:2.0.2-14.i386",
"4ES:evolution-0:2.0.2-14.ia64",
"4ES:evolution-0:2.0.2-14.ppc",
"4ES:evolution-0:2.0.2-14.s390",
"4ES:evolution-0:2.0.2-14.s390x",
"4ES:evolution-0:2.0.2-14.src",
"4ES:evolution-0:2.0.2-14.x86_64",
"4ES:evolution-debuginfo-0:2.0.2-14.i386",
"4ES:evolution-debuginfo-0:2.0.2-14.ia64",
"4ES:evolution-debuginfo-0:2.0.2-14.ppc",
"4ES:evolution-debuginfo-0:2.0.2-14.s390",
"4ES:evolution-debuginfo-0:2.0.2-14.s390x",
"4ES:evolution-debuginfo-0:2.0.2-14.x86_64",
"4ES:evolution-devel-0:2.0.2-14.i386",
"4ES:evolution-devel-0:2.0.2-14.ia64",
"4ES:evolution-devel-0:2.0.2-14.ppc",
"4ES:evolution-devel-0:2.0.2-14.s390",
"4ES:evolution-devel-0:2.0.2-14.s390x",
"4ES:evolution-devel-0:2.0.2-14.x86_64",
"4WS:devhelp-0:0.9.2-2.4.3.i386",
"4WS:devhelp-0:0.9.2-2.4.3.ppc",
"4WS:devhelp-0:0.9.2-2.4.3.src",
"4WS:devhelp-0:0.9.2-2.4.3.x86_64",
"4WS:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4WS:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4WS:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4WS:devhelp-devel-0:0.9.2-2.4.3.i386",
"4WS:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4WS:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4WS:evolution-0:2.0.2-14.i386",
"4WS:evolution-0:2.0.2-14.ia64",
"4WS:evolution-0:2.0.2-14.ppc",
"4WS:evolution-0:2.0.2-14.s390",
"4WS:evolution-0:2.0.2-14.s390x",
"4WS:evolution-0:2.0.2-14.src",
"4WS:evolution-0:2.0.2-14.x86_64",
"4WS:evolution-debuginfo-0:2.0.2-14.i386",
"4WS:evolution-debuginfo-0:2.0.2-14.ia64",
"4WS:evolution-debuginfo-0:2.0.2-14.ppc",
"4WS:evolution-debuginfo-0:2.0.2-14.s390",
"4WS:evolution-debuginfo-0:2.0.2-14.s390x",
"4WS:evolution-debuginfo-0:2.0.2-14.x86_64",
"4WS:evolution-devel-0:2.0.2-14.i386",
"4WS:evolution-devel-0:2.0.2-14.ia64",
"4WS:evolution-devel-0:2.0.2-14.ppc",
"4WS:evolution-devel-0:2.0.2-14.s390",
"4WS:evolution-devel-0:2.0.2-14.s390x",
"4WS:evolution-devel-0:2.0.2-14.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2005:335"
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "security flaw"
},
{
"cve": "CVE-2005-0142",
"discovery_date": "2005-01-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1617470"
}
],
"notes": [
{
"category": "description",
"text": "Firefox 0.9, Thunderbird 0.6 and other versions before 0.9, and Mozilla 1.7 before 1.7.5 save temporary files with world-readable permissions, which allows local users to read certain web content or attachments that belong to other users, e.g. content that is managed by helper applications such as PDF.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:devhelp-0:0.9.2-2.4.3.i386",
"4AS:devhelp-0:0.9.2-2.4.3.ppc",
"4AS:devhelp-0:0.9.2-2.4.3.src",
"4AS:devhelp-0:0.9.2-2.4.3.x86_64",
"4AS:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4AS:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4AS:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4AS:devhelp-devel-0:0.9.2-2.4.3.i386",
"4AS:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4AS:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4AS:evolution-0:2.0.2-14.i386",
"4AS:evolution-0:2.0.2-14.ia64",
"4AS:evolution-0:2.0.2-14.ppc",
"4AS:evolution-0:2.0.2-14.s390",
"4AS:evolution-0:2.0.2-14.s390x",
"4AS:evolution-0:2.0.2-14.src",
"4AS:evolution-0:2.0.2-14.x86_64",
"4AS:evolution-debuginfo-0:2.0.2-14.i386",
"4AS:evolution-debuginfo-0:2.0.2-14.ia64",
"4AS:evolution-debuginfo-0:2.0.2-14.ppc",
"4AS:evolution-debuginfo-0:2.0.2-14.s390",
"4AS:evolution-debuginfo-0:2.0.2-14.s390x",
"4AS:evolution-debuginfo-0:2.0.2-14.x86_64",
"4AS:evolution-devel-0:2.0.2-14.i386",
"4AS:evolution-devel-0:2.0.2-14.ia64",
"4AS:evolution-devel-0:2.0.2-14.ppc",
"4AS:evolution-devel-0:2.0.2-14.s390",
"4AS:evolution-devel-0:2.0.2-14.s390x",
"4AS:evolution-devel-0:2.0.2-14.x86_64",
"4Desktop:devhelp-0:0.9.2-2.4.3.i386",
"4Desktop:devhelp-0:0.9.2-2.4.3.ppc",
"4Desktop:devhelp-0:0.9.2-2.4.3.src",
"4Desktop:devhelp-0:0.9.2-2.4.3.x86_64",
"4Desktop:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4Desktop:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4Desktop:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4Desktop:devhelp-devel-0:0.9.2-2.4.3.i386",
"4Desktop:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4Desktop:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4Desktop:evolution-0:2.0.2-14.i386",
"4Desktop:evolution-0:2.0.2-14.ia64",
"4Desktop:evolution-0:2.0.2-14.ppc",
"4Desktop:evolution-0:2.0.2-14.s390",
"4Desktop:evolution-0:2.0.2-14.s390x",
"4Desktop:evolution-0:2.0.2-14.src",
"4Desktop:evolution-0:2.0.2-14.x86_64",
"4Desktop:evolution-debuginfo-0:2.0.2-14.i386",
"4Desktop:evolution-debuginfo-0:2.0.2-14.ia64",
"4Desktop:evolution-debuginfo-0:2.0.2-14.ppc",
"4Desktop:evolution-debuginfo-0:2.0.2-14.s390",
"4Desktop:evolution-debuginfo-0:2.0.2-14.s390x",
"4Desktop:evolution-debuginfo-0:2.0.2-14.x86_64",
"4Desktop:evolution-devel-0:2.0.2-14.i386",
"4Desktop:evolution-devel-0:2.0.2-14.ia64",
"4Desktop:evolution-devel-0:2.0.2-14.ppc",
"4Desktop:evolution-devel-0:2.0.2-14.s390",
"4Desktop:evolution-devel-0:2.0.2-14.s390x",
"4Desktop:evolution-devel-0:2.0.2-14.x86_64",
"4ES:devhelp-0:0.9.2-2.4.3.i386",
"4ES:devhelp-0:0.9.2-2.4.3.ppc",
"4ES:devhelp-0:0.9.2-2.4.3.src",
"4ES:devhelp-0:0.9.2-2.4.3.x86_64",
"4ES:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4ES:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4ES:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4ES:devhelp-devel-0:0.9.2-2.4.3.i386",
"4ES:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4ES:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4ES:evolution-0:2.0.2-14.i386",
"4ES:evolution-0:2.0.2-14.ia64",
"4ES:evolution-0:2.0.2-14.ppc",
"4ES:evolution-0:2.0.2-14.s390",
"4ES:evolution-0:2.0.2-14.s390x",
"4ES:evolution-0:2.0.2-14.src",
"4ES:evolution-0:2.0.2-14.x86_64",
"4ES:evolution-debuginfo-0:2.0.2-14.i386",
"4ES:evolution-debuginfo-0:2.0.2-14.ia64",
"4ES:evolution-debuginfo-0:2.0.2-14.ppc",
"4ES:evolution-debuginfo-0:2.0.2-14.s390",
"4ES:evolution-debuginfo-0:2.0.2-14.s390x",
"4ES:evolution-debuginfo-0:2.0.2-14.x86_64",
"4ES:evolution-devel-0:2.0.2-14.i386",
"4ES:evolution-devel-0:2.0.2-14.ia64",
"4ES:evolution-devel-0:2.0.2-14.ppc",
"4ES:evolution-devel-0:2.0.2-14.s390",
"4ES:evolution-devel-0:2.0.2-14.s390x",
"4ES:evolution-devel-0:2.0.2-14.x86_64",
"4WS:devhelp-0:0.9.2-2.4.3.i386",
"4WS:devhelp-0:0.9.2-2.4.3.ppc",
"4WS:devhelp-0:0.9.2-2.4.3.src",
"4WS:devhelp-0:0.9.2-2.4.3.x86_64",
"4WS:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4WS:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4WS:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4WS:devhelp-devel-0:0.9.2-2.4.3.i386",
"4WS:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4WS:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4WS:evolution-0:2.0.2-14.i386",
"4WS:evolution-0:2.0.2-14.ia64",
"4WS:evolution-0:2.0.2-14.ppc",
"4WS:evolution-0:2.0.2-14.s390",
"4WS:evolution-0:2.0.2-14.s390x",
"4WS:evolution-0:2.0.2-14.src",
"4WS:evolution-0:2.0.2-14.x86_64",
"4WS:evolution-debuginfo-0:2.0.2-14.i386",
"4WS:evolution-debuginfo-0:2.0.2-14.ia64",
"4WS:evolution-debuginfo-0:2.0.2-14.ppc",
"4WS:evolution-debuginfo-0:2.0.2-14.s390",
"4WS:evolution-debuginfo-0:2.0.2-14.s390x",
"4WS:evolution-debuginfo-0:2.0.2-14.x86_64",
"4WS:evolution-devel-0:2.0.2-14.i386",
"4WS:evolution-devel-0:2.0.2-14.ia64",
"4WS:evolution-devel-0:2.0.2-14.ppc",
"4WS:evolution-devel-0:2.0.2-14.s390",
"4WS:evolution-devel-0:2.0.2-14.s390x",
"4WS:evolution-devel-0:2.0.2-14.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2005-0142"
},
{
"category": "external",
"summary": "RHBZ#1617470",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617470"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2005-0142",
"url": "https://www.cve.org/CVERecord?id=CVE-2005-0142"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2005-0142",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2005-0142"
}
],
"release_date": "2005-01-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2005-03-23T19:14:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied. Use Red Hat\nNetwork to download and update your packages. To launch the Red Hat\nUpdate Agent, use the following command:\n\n up2date\n\nFor information on how to install packages manually, refer to the\nfollowing Web page for the System Administration or Customization\nguide specific to your system:\n\n http://www.redhat.com/docs/manuals/enterprise/",
"product_ids": [
"4AS:devhelp-0:0.9.2-2.4.3.i386",
"4AS:devhelp-0:0.9.2-2.4.3.ppc",
"4AS:devhelp-0:0.9.2-2.4.3.src",
"4AS:devhelp-0:0.9.2-2.4.3.x86_64",
"4AS:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4AS:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4AS:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4AS:devhelp-devel-0:0.9.2-2.4.3.i386",
"4AS:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4AS:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4AS:evolution-0:2.0.2-14.i386",
"4AS:evolution-0:2.0.2-14.ia64",
"4AS:evolution-0:2.0.2-14.ppc",
"4AS:evolution-0:2.0.2-14.s390",
"4AS:evolution-0:2.0.2-14.s390x",
"4AS:evolution-0:2.0.2-14.src",
"4AS:evolution-0:2.0.2-14.x86_64",
"4AS:evolution-debuginfo-0:2.0.2-14.i386",
"4AS:evolution-debuginfo-0:2.0.2-14.ia64",
"4AS:evolution-debuginfo-0:2.0.2-14.ppc",
"4AS:evolution-debuginfo-0:2.0.2-14.s390",
"4AS:evolution-debuginfo-0:2.0.2-14.s390x",
"4AS:evolution-debuginfo-0:2.0.2-14.x86_64",
"4AS:evolution-devel-0:2.0.2-14.i386",
"4AS:evolution-devel-0:2.0.2-14.ia64",
"4AS:evolution-devel-0:2.0.2-14.ppc",
"4AS:evolution-devel-0:2.0.2-14.s390",
"4AS:evolution-devel-0:2.0.2-14.s390x",
"4AS:evolution-devel-0:2.0.2-14.x86_64",
"4Desktop:devhelp-0:0.9.2-2.4.3.i386",
"4Desktop:devhelp-0:0.9.2-2.4.3.ppc",
"4Desktop:devhelp-0:0.9.2-2.4.3.src",
"4Desktop:devhelp-0:0.9.2-2.4.3.x86_64",
"4Desktop:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4Desktop:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4Desktop:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4Desktop:devhelp-devel-0:0.9.2-2.4.3.i386",
"4Desktop:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4Desktop:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4Desktop:evolution-0:2.0.2-14.i386",
"4Desktop:evolution-0:2.0.2-14.ia64",
"4Desktop:evolution-0:2.0.2-14.ppc",
"4Desktop:evolution-0:2.0.2-14.s390",
"4Desktop:evolution-0:2.0.2-14.s390x",
"4Desktop:evolution-0:2.0.2-14.src",
"4Desktop:evolution-0:2.0.2-14.x86_64",
"4Desktop:evolution-debuginfo-0:2.0.2-14.i386",
"4Desktop:evolution-debuginfo-0:2.0.2-14.ia64",
"4Desktop:evolution-debuginfo-0:2.0.2-14.ppc",
"4Desktop:evolution-debuginfo-0:2.0.2-14.s390",
"4Desktop:evolution-debuginfo-0:2.0.2-14.s390x",
"4Desktop:evolution-debuginfo-0:2.0.2-14.x86_64",
"4Desktop:evolution-devel-0:2.0.2-14.i386",
"4Desktop:evolution-devel-0:2.0.2-14.ia64",
"4Desktop:evolution-devel-0:2.0.2-14.ppc",
"4Desktop:evolution-devel-0:2.0.2-14.s390",
"4Desktop:evolution-devel-0:2.0.2-14.s390x",
"4Desktop:evolution-devel-0:2.0.2-14.x86_64",
"4ES:devhelp-0:0.9.2-2.4.3.i386",
"4ES:devhelp-0:0.9.2-2.4.3.ppc",
"4ES:devhelp-0:0.9.2-2.4.3.src",
"4ES:devhelp-0:0.9.2-2.4.3.x86_64",
"4ES:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4ES:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4ES:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4ES:devhelp-devel-0:0.9.2-2.4.3.i386",
"4ES:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4ES:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4ES:evolution-0:2.0.2-14.i386",
"4ES:evolution-0:2.0.2-14.ia64",
"4ES:evolution-0:2.0.2-14.ppc",
"4ES:evolution-0:2.0.2-14.s390",
"4ES:evolution-0:2.0.2-14.s390x",
"4ES:evolution-0:2.0.2-14.src",
"4ES:evolution-0:2.0.2-14.x86_64",
"4ES:evolution-debuginfo-0:2.0.2-14.i386",
"4ES:evolution-debuginfo-0:2.0.2-14.ia64",
"4ES:evolution-debuginfo-0:2.0.2-14.ppc",
"4ES:evolution-debuginfo-0:2.0.2-14.s390",
"4ES:evolution-debuginfo-0:2.0.2-14.s390x",
"4ES:evolution-debuginfo-0:2.0.2-14.x86_64",
"4ES:evolution-devel-0:2.0.2-14.i386",
"4ES:evolution-devel-0:2.0.2-14.ia64",
"4ES:evolution-devel-0:2.0.2-14.ppc",
"4ES:evolution-devel-0:2.0.2-14.s390",
"4ES:evolution-devel-0:2.0.2-14.s390x",
"4ES:evolution-devel-0:2.0.2-14.x86_64",
"4WS:devhelp-0:0.9.2-2.4.3.i386",
"4WS:devhelp-0:0.9.2-2.4.3.ppc",
"4WS:devhelp-0:0.9.2-2.4.3.src",
"4WS:devhelp-0:0.9.2-2.4.3.x86_64",
"4WS:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4WS:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4WS:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4WS:devhelp-devel-0:0.9.2-2.4.3.i386",
"4WS:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4WS:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4WS:evolution-0:2.0.2-14.i386",
"4WS:evolution-0:2.0.2-14.ia64",
"4WS:evolution-0:2.0.2-14.ppc",
"4WS:evolution-0:2.0.2-14.s390",
"4WS:evolution-0:2.0.2-14.s390x",
"4WS:evolution-0:2.0.2-14.src",
"4WS:evolution-0:2.0.2-14.x86_64",
"4WS:evolution-debuginfo-0:2.0.2-14.i386",
"4WS:evolution-debuginfo-0:2.0.2-14.ia64",
"4WS:evolution-debuginfo-0:2.0.2-14.ppc",
"4WS:evolution-debuginfo-0:2.0.2-14.s390",
"4WS:evolution-debuginfo-0:2.0.2-14.s390x",
"4WS:evolution-debuginfo-0:2.0.2-14.x86_64",
"4WS:evolution-devel-0:2.0.2-14.i386",
"4WS:evolution-devel-0:2.0.2-14.ia64",
"4WS:evolution-devel-0:2.0.2-14.ppc",
"4WS:evolution-devel-0:2.0.2-14.s390",
"4WS:evolution-devel-0:2.0.2-14.s390x",
"4WS:evolution-devel-0:2.0.2-14.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2005:335"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "security flaw"
},
{
"cve": "CVE-2005-0143",
"discovery_date": "2005-01-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1617471"
}
],
"notes": [
{
"category": "description",
"text": "Firefox before 1.0 and Mozilla before 1.7.5 display the SSL lock icon when an insecure page loads a binary file from a trusted site, which could facilitate phishing attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:devhelp-0:0.9.2-2.4.3.i386",
"4AS:devhelp-0:0.9.2-2.4.3.ppc",
"4AS:devhelp-0:0.9.2-2.4.3.src",
"4AS:devhelp-0:0.9.2-2.4.3.x86_64",
"4AS:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4AS:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4AS:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4AS:devhelp-devel-0:0.9.2-2.4.3.i386",
"4AS:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4AS:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4AS:evolution-0:2.0.2-14.i386",
"4AS:evolution-0:2.0.2-14.ia64",
"4AS:evolution-0:2.0.2-14.ppc",
"4AS:evolution-0:2.0.2-14.s390",
"4AS:evolution-0:2.0.2-14.s390x",
"4AS:evolution-0:2.0.2-14.src",
"4AS:evolution-0:2.0.2-14.x86_64",
"4AS:evolution-debuginfo-0:2.0.2-14.i386",
"4AS:evolution-debuginfo-0:2.0.2-14.ia64",
"4AS:evolution-debuginfo-0:2.0.2-14.ppc",
"4AS:evolution-debuginfo-0:2.0.2-14.s390",
"4AS:evolution-debuginfo-0:2.0.2-14.s390x",
"4AS:evolution-debuginfo-0:2.0.2-14.x86_64",
"4AS:evolution-devel-0:2.0.2-14.i386",
"4AS:evolution-devel-0:2.0.2-14.ia64",
"4AS:evolution-devel-0:2.0.2-14.ppc",
"4AS:evolution-devel-0:2.0.2-14.s390",
"4AS:evolution-devel-0:2.0.2-14.s390x",
"4AS:evolution-devel-0:2.0.2-14.x86_64",
"4Desktop:devhelp-0:0.9.2-2.4.3.i386",
"4Desktop:devhelp-0:0.9.2-2.4.3.ppc",
"4Desktop:devhelp-0:0.9.2-2.4.3.src",
"4Desktop:devhelp-0:0.9.2-2.4.3.x86_64",
"4Desktop:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4Desktop:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4Desktop:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4Desktop:devhelp-devel-0:0.9.2-2.4.3.i386",
"4Desktop:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4Desktop:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4Desktop:evolution-0:2.0.2-14.i386",
"4Desktop:evolution-0:2.0.2-14.ia64",
"4Desktop:evolution-0:2.0.2-14.ppc",
"4Desktop:evolution-0:2.0.2-14.s390",
"4Desktop:evolution-0:2.0.2-14.s390x",
"4Desktop:evolution-0:2.0.2-14.src",
"4Desktop:evolution-0:2.0.2-14.x86_64",
"4Desktop:evolution-debuginfo-0:2.0.2-14.i386",
"4Desktop:evolution-debuginfo-0:2.0.2-14.ia64",
"4Desktop:evolution-debuginfo-0:2.0.2-14.ppc",
"4Desktop:evolution-debuginfo-0:2.0.2-14.s390",
"4Desktop:evolution-debuginfo-0:2.0.2-14.s390x",
"4Desktop:evolution-debuginfo-0:2.0.2-14.x86_64",
"4Desktop:evolution-devel-0:2.0.2-14.i386",
"4Desktop:evolution-devel-0:2.0.2-14.ia64",
"4Desktop:evolution-devel-0:2.0.2-14.ppc",
"4Desktop:evolution-devel-0:2.0.2-14.s390",
"4Desktop:evolution-devel-0:2.0.2-14.s390x",
"4Desktop:evolution-devel-0:2.0.2-14.x86_64",
"4ES:devhelp-0:0.9.2-2.4.3.i386",
"4ES:devhelp-0:0.9.2-2.4.3.ppc",
"4ES:devhelp-0:0.9.2-2.4.3.src",
"4ES:devhelp-0:0.9.2-2.4.3.x86_64",
"4ES:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4ES:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4ES:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4ES:devhelp-devel-0:0.9.2-2.4.3.i386",
"4ES:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4ES:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4ES:evolution-0:2.0.2-14.i386",
"4ES:evolution-0:2.0.2-14.ia64",
"4ES:evolution-0:2.0.2-14.ppc",
"4ES:evolution-0:2.0.2-14.s390",
"4ES:evolution-0:2.0.2-14.s390x",
"4ES:evolution-0:2.0.2-14.src",
"4ES:evolution-0:2.0.2-14.x86_64",
"4ES:evolution-debuginfo-0:2.0.2-14.i386",
"4ES:evolution-debuginfo-0:2.0.2-14.ia64",
"4ES:evolution-debuginfo-0:2.0.2-14.ppc",
"4ES:evolution-debuginfo-0:2.0.2-14.s390",
"4ES:evolution-debuginfo-0:2.0.2-14.s390x",
"4ES:evolution-debuginfo-0:2.0.2-14.x86_64",
"4ES:evolution-devel-0:2.0.2-14.i386",
"4ES:evolution-devel-0:2.0.2-14.ia64",
"4ES:evolution-devel-0:2.0.2-14.ppc",
"4ES:evolution-devel-0:2.0.2-14.s390",
"4ES:evolution-devel-0:2.0.2-14.s390x",
"4ES:evolution-devel-0:2.0.2-14.x86_64",
"4WS:devhelp-0:0.9.2-2.4.3.i386",
"4WS:devhelp-0:0.9.2-2.4.3.ppc",
"4WS:devhelp-0:0.9.2-2.4.3.src",
"4WS:devhelp-0:0.9.2-2.4.3.x86_64",
"4WS:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4WS:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4WS:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4WS:devhelp-devel-0:0.9.2-2.4.3.i386",
"4WS:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4WS:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4WS:evolution-0:2.0.2-14.i386",
"4WS:evolution-0:2.0.2-14.ia64",
"4WS:evolution-0:2.0.2-14.ppc",
"4WS:evolution-0:2.0.2-14.s390",
"4WS:evolution-0:2.0.2-14.s390x",
"4WS:evolution-0:2.0.2-14.src",
"4WS:evolution-0:2.0.2-14.x86_64",
"4WS:evolution-debuginfo-0:2.0.2-14.i386",
"4WS:evolution-debuginfo-0:2.0.2-14.ia64",
"4WS:evolution-debuginfo-0:2.0.2-14.ppc",
"4WS:evolution-debuginfo-0:2.0.2-14.s390",
"4WS:evolution-debuginfo-0:2.0.2-14.s390x",
"4WS:evolution-debuginfo-0:2.0.2-14.x86_64",
"4WS:evolution-devel-0:2.0.2-14.i386",
"4WS:evolution-devel-0:2.0.2-14.ia64",
"4WS:evolution-devel-0:2.0.2-14.ppc",
"4WS:evolution-devel-0:2.0.2-14.s390",
"4WS:evolution-devel-0:2.0.2-14.s390x",
"4WS:evolution-devel-0:2.0.2-14.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2005-0143"
},
{
"category": "external",
"summary": "RHBZ#1617471",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617471"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2005-0143",
"url": "https://www.cve.org/CVERecord?id=CVE-2005-0143"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2005-0143",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2005-0143"
}
],
"release_date": "2005-01-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2005-03-23T19:14:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied. Use Red Hat\nNetwork to download and update your packages. To launch the Red Hat\nUpdate Agent, use the following command:\n\n up2date\n\nFor information on how to install packages manually, refer to the\nfollowing Web page for the System Administration or Customization\nguide specific to your system:\n\n http://www.redhat.com/docs/manuals/enterprise/",
"product_ids": [
"4AS:devhelp-0:0.9.2-2.4.3.i386",
"4AS:devhelp-0:0.9.2-2.4.3.ppc",
"4AS:devhelp-0:0.9.2-2.4.3.src",
"4AS:devhelp-0:0.9.2-2.4.3.x86_64",
"4AS:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4AS:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4AS:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4AS:devhelp-devel-0:0.9.2-2.4.3.i386",
"4AS:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4AS:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4AS:evolution-0:2.0.2-14.i386",
"4AS:evolution-0:2.0.2-14.ia64",
"4AS:evolution-0:2.0.2-14.ppc",
"4AS:evolution-0:2.0.2-14.s390",
"4AS:evolution-0:2.0.2-14.s390x",
"4AS:evolution-0:2.0.2-14.src",
"4AS:evolution-0:2.0.2-14.x86_64",
"4AS:evolution-debuginfo-0:2.0.2-14.i386",
"4AS:evolution-debuginfo-0:2.0.2-14.ia64",
"4AS:evolution-debuginfo-0:2.0.2-14.ppc",
"4AS:evolution-debuginfo-0:2.0.2-14.s390",
"4AS:evolution-debuginfo-0:2.0.2-14.s390x",
"4AS:evolution-debuginfo-0:2.0.2-14.x86_64",
"4AS:evolution-devel-0:2.0.2-14.i386",
"4AS:evolution-devel-0:2.0.2-14.ia64",
"4AS:evolution-devel-0:2.0.2-14.ppc",
"4AS:evolution-devel-0:2.0.2-14.s390",
"4AS:evolution-devel-0:2.0.2-14.s390x",
"4AS:evolution-devel-0:2.0.2-14.x86_64",
"4Desktop:devhelp-0:0.9.2-2.4.3.i386",
"4Desktop:devhelp-0:0.9.2-2.4.3.ppc",
"4Desktop:devhelp-0:0.9.2-2.4.3.src",
"4Desktop:devhelp-0:0.9.2-2.4.3.x86_64",
"4Desktop:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4Desktop:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4Desktop:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4Desktop:devhelp-devel-0:0.9.2-2.4.3.i386",
"4Desktop:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4Desktop:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4Desktop:evolution-0:2.0.2-14.i386",
"4Desktop:evolution-0:2.0.2-14.ia64",
"4Desktop:evolution-0:2.0.2-14.ppc",
"4Desktop:evolution-0:2.0.2-14.s390",
"4Desktop:evolution-0:2.0.2-14.s390x",
"4Desktop:evolution-0:2.0.2-14.src",
"4Desktop:evolution-0:2.0.2-14.x86_64",
"4Desktop:evolution-debuginfo-0:2.0.2-14.i386",
"4Desktop:evolution-debuginfo-0:2.0.2-14.ia64",
"4Desktop:evolution-debuginfo-0:2.0.2-14.ppc",
"4Desktop:evolution-debuginfo-0:2.0.2-14.s390",
"4Desktop:evolution-debuginfo-0:2.0.2-14.s390x",
"4Desktop:evolution-debuginfo-0:2.0.2-14.x86_64",
"4Desktop:evolution-devel-0:2.0.2-14.i386",
"4Desktop:evolution-devel-0:2.0.2-14.ia64",
"4Desktop:evolution-devel-0:2.0.2-14.ppc",
"4Desktop:evolution-devel-0:2.0.2-14.s390",
"4Desktop:evolution-devel-0:2.0.2-14.s390x",
"4Desktop:evolution-devel-0:2.0.2-14.x86_64",
"4ES:devhelp-0:0.9.2-2.4.3.i386",
"4ES:devhelp-0:0.9.2-2.4.3.ppc",
"4ES:devhelp-0:0.9.2-2.4.3.src",
"4ES:devhelp-0:0.9.2-2.4.3.x86_64",
"4ES:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4ES:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4ES:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4ES:devhelp-devel-0:0.9.2-2.4.3.i386",
"4ES:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4ES:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4ES:evolution-0:2.0.2-14.i386",
"4ES:evolution-0:2.0.2-14.ia64",
"4ES:evolution-0:2.0.2-14.ppc",
"4ES:evolution-0:2.0.2-14.s390",
"4ES:evolution-0:2.0.2-14.s390x",
"4ES:evolution-0:2.0.2-14.src",
"4ES:evolution-0:2.0.2-14.x86_64",
"4ES:evolution-debuginfo-0:2.0.2-14.i386",
"4ES:evolution-debuginfo-0:2.0.2-14.ia64",
"4ES:evolution-debuginfo-0:2.0.2-14.ppc",
"4ES:evolution-debuginfo-0:2.0.2-14.s390",
"4ES:evolution-debuginfo-0:2.0.2-14.s390x",
"4ES:evolution-debuginfo-0:2.0.2-14.x86_64",
"4ES:evolution-devel-0:2.0.2-14.i386",
"4ES:evolution-devel-0:2.0.2-14.ia64",
"4ES:evolution-devel-0:2.0.2-14.ppc",
"4ES:evolution-devel-0:2.0.2-14.s390",
"4ES:evolution-devel-0:2.0.2-14.s390x",
"4ES:evolution-devel-0:2.0.2-14.x86_64",
"4WS:devhelp-0:0.9.2-2.4.3.i386",
"4WS:devhelp-0:0.9.2-2.4.3.ppc",
"4WS:devhelp-0:0.9.2-2.4.3.src",
"4WS:devhelp-0:0.9.2-2.4.3.x86_64",
"4WS:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4WS:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4WS:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4WS:devhelp-devel-0:0.9.2-2.4.3.i386",
"4WS:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4WS:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4WS:evolution-0:2.0.2-14.i386",
"4WS:evolution-0:2.0.2-14.ia64",
"4WS:evolution-0:2.0.2-14.ppc",
"4WS:evolution-0:2.0.2-14.s390",
"4WS:evolution-0:2.0.2-14.s390x",
"4WS:evolution-0:2.0.2-14.src",
"4WS:evolution-0:2.0.2-14.x86_64",
"4WS:evolution-debuginfo-0:2.0.2-14.i386",
"4WS:evolution-debuginfo-0:2.0.2-14.ia64",
"4WS:evolution-debuginfo-0:2.0.2-14.ppc",
"4WS:evolution-debuginfo-0:2.0.2-14.s390",
"4WS:evolution-debuginfo-0:2.0.2-14.s390x",
"4WS:evolution-debuginfo-0:2.0.2-14.x86_64",
"4WS:evolution-devel-0:2.0.2-14.i386",
"4WS:evolution-devel-0:2.0.2-14.ia64",
"4WS:evolution-devel-0:2.0.2-14.ppc",
"4WS:evolution-devel-0:2.0.2-14.s390",
"4WS:evolution-devel-0:2.0.2-14.s390x",
"4WS:evolution-devel-0:2.0.2-14.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2005:335"
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "security flaw"
},
{
"cve": "CVE-2005-0144",
"discovery_date": "2005-01-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1617472"
}
],
"notes": [
{
"category": "description",
"text": "Firefox before 1.0 and Mozilla before 1.7.5 display the secure site lock icon when a view-source: URL references a secure SSL site while an insecure page is being loaded, which could facilitate phishing attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:devhelp-0:0.9.2-2.4.3.i386",
"4AS:devhelp-0:0.9.2-2.4.3.ppc",
"4AS:devhelp-0:0.9.2-2.4.3.src",
"4AS:devhelp-0:0.9.2-2.4.3.x86_64",
"4AS:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4AS:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4AS:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4AS:devhelp-devel-0:0.9.2-2.4.3.i386",
"4AS:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4AS:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4AS:evolution-0:2.0.2-14.i386",
"4AS:evolution-0:2.0.2-14.ia64",
"4AS:evolution-0:2.0.2-14.ppc",
"4AS:evolution-0:2.0.2-14.s390",
"4AS:evolution-0:2.0.2-14.s390x",
"4AS:evolution-0:2.0.2-14.src",
"4AS:evolution-0:2.0.2-14.x86_64",
"4AS:evolution-debuginfo-0:2.0.2-14.i386",
"4AS:evolution-debuginfo-0:2.0.2-14.ia64",
"4AS:evolution-debuginfo-0:2.0.2-14.ppc",
"4AS:evolution-debuginfo-0:2.0.2-14.s390",
"4AS:evolution-debuginfo-0:2.0.2-14.s390x",
"4AS:evolution-debuginfo-0:2.0.2-14.x86_64",
"4AS:evolution-devel-0:2.0.2-14.i386",
"4AS:evolution-devel-0:2.0.2-14.ia64",
"4AS:evolution-devel-0:2.0.2-14.ppc",
"4AS:evolution-devel-0:2.0.2-14.s390",
"4AS:evolution-devel-0:2.0.2-14.s390x",
"4AS:evolution-devel-0:2.0.2-14.x86_64",
"4Desktop:devhelp-0:0.9.2-2.4.3.i386",
"4Desktop:devhelp-0:0.9.2-2.4.3.ppc",
"4Desktop:devhelp-0:0.9.2-2.4.3.src",
"4Desktop:devhelp-0:0.9.2-2.4.3.x86_64",
"4Desktop:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4Desktop:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4Desktop:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4Desktop:devhelp-devel-0:0.9.2-2.4.3.i386",
"4Desktop:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4Desktop:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4Desktop:evolution-0:2.0.2-14.i386",
"4Desktop:evolution-0:2.0.2-14.ia64",
"4Desktop:evolution-0:2.0.2-14.ppc",
"4Desktop:evolution-0:2.0.2-14.s390",
"4Desktop:evolution-0:2.0.2-14.s390x",
"4Desktop:evolution-0:2.0.2-14.src",
"4Desktop:evolution-0:2.0.2-14.x86_64",
"4Desktop:evolution-debuginfo-0:2.0.2-14.i386",
"4Desktop:evolution-debuginfo-0:2.0.2-14.ia64",
"4Desktop:evolution-debuginfo-0:2.0.2-14.ppc",
"4Desktop:evolution-debuginfo-0:2.0.2-14.s390",
"4Desktop:evolution-debuginfo-0:2.0.2-14.s390x",
"4Desktop:evolution-debuginfo-0:2.0.2-14.x86_64",
"4Desktop:evolution-devel-0:2.0.2-14.i386",
"4Desktop:evolution-devel-0:2.0.2-14.ia64",
"4Desktop:evolution-devel-0:2.0.2-14.ppc",
"4Desktop:evolution-devel-0:2.0.2-14.s390",
"4Desktop:evolution-devel-0:2.0.2-14.s390x",
"4Desktop:evolution-devel-0:2.0.2-14.x86_64",
"4ES:devhelp-0:0.9.2-2.4.3.i386",
"4ES:devhelp-0:0.9.2-2.4.3.ppc",
"4ES:devhelp-0:0.9.2-2.4.3.src",
"4ES:devhelp-0:0.9.2-2.4.3.x86_64",
"4ES:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4ES:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4ES:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4ES:devhelp-devel-0:0.9.2-2.4.3.i386",
"4ES:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4ES:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4ES:evolution-0:2.0.2-14.i386",
"4ES:evolution-0:2.0.2-14.ia64",
"4ES:evolution-0:2.0.2-14.ppc",
"4ES:evolution-0:2.0.2-14.s390",
"4ES:evolution-0:2.0.2-14.s390x",
"4ES:evolution-0:2.0.2-14.src",
"4ES:evolution-0:2.0.2-14.x86_64",
"4ES:evolution-debuginfo-0:2.0.2-14.i386",
"4ES:evolution-debuginfo-0:2.0.2-14.ia64",
"4ES:evolution-debuginfo-0:2.0.2-14.ppc",
"4ES:evolution-debuginfo-0:2.0.2-14.s390",
"4ES:evolution-debuginfo-0:2.0.2-14.s390x",
"4ES:evolution-debuginfo-0:2.0.2-14.x86_64",
"4ES:evolution-devel-0:2.0.2-14.i386",
"4ES:evolution-devel-0:2.0.2-14.ia64",
"4ES:evolution-devel-0:2.0.2-14.ppc",
"4ES:evolution-devel-0:2.0.2-14.s390",
"4ES:evolution-devel-0:2.0.2-14.s390x",
"4ES:evolution-devel-0:2.0.2-14.x86_64",
"4WS:devhelp-0:0.9.2-2.4.3.i386",
"4WS:devhelp-0:0.9.2-2.4.3.ppc",
"4WS:devhelp-0:0.9.2-2.4.3.src",
"4WS:devhelp-0:0.9.2-2.4.3.x86_64",
"4WS:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4WS:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4WS:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4WS:devhelp-devel-0:0.9.2-2.4.3.i386",
"4WS:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4WS:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4WS:evolution-0:2.0.2-14.i386",
"4WS:evolution-0:2.0.2-14.ia64",
"4WS:evolution-0:2.0.2-14.ppc",
"4WS:evolution-0:2.0.2-14.s390",
"4WS:evolution-0:2.0.2-14.s390x",
"4WS:evolution-0:2.0.2-14.src",
"4WS:evolution-0:2.0.2-14.x86_64",
"4WS:evolution-debuginfo-0:2.0.2-14.i386",
"4WS:evolution-debuginfo-0:2.0.2-14.ia64",
"4WS:evolution-debuginfo-0:2.0.2-14.ppc",
"4WS:evolution-debuginfo-0:2.0.2-14.s390",
"4WS:evolution-debuginfo-0:2.0.2-14.s390x",
"4WS:evolution-debuginfo-0:2.0.2-14.x86_64",
"4WS:evolution-devel-0:2.0.2-14.i386",
"4WS:evolution-devel-0:2.0.2-14.ia64",
"4WS:evolution-devel-0:2.0.2-14.ppc",
"4WS:evolution-devel-0:2.0.2-14.s390",
"4WS:evolution-devel-0:2.0.2-14.s390x",
"4WS:evolution-devel-0:2.0.2-14.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2005-0144"
},
{
"category": "external",
"summary": "RHBZ#1617472",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617472"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2005-0144",
"url": "https://www.cve.org/CVERecord?id=CVE-2005-0144"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2005-0144",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2005-0144"
}
],
"release_date": "2005-01-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2005-03-23T19:14:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied. Use Red Hat\nNetwork to download and update your packages. To launch the Red Hat\nUpdate Agent, use the following command:\n\n up2date\n\nFor information on how to install packages manually, refer to the\nfollowing Web page for the System Administration or Customization\nguide specific to your system:\n\n http://www.redhat.com/docs/manuals/enterprise/",
"product_ids": [
"4AS:devhelp-0:0.9.2-2.4.3.i386",
"4AS:devhelp-0:0.9.2-2.4.3.ppc",
"4AS:devhelp-0:0.9.2-2.4.3.src",
"4AS:devhelp-0:0.9.2-2.4.3.x86_64",
"4AS:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4AS:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4AS:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4AS:devhelp-devel-0:0.9.2-2.4.3.i386",
"4AS:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4AS:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4AS:evolution-0:2.0.2-14.i386",
"4AS:evolution-0:2.0.2-14.ia64",
"4AS:evolution-0:2.0.2-14.ppc",
"4AS:evolution-0:2.0.2-14.s390",
"4AS:evolution-0:2.0.2-14.s390x",
"4AS:evolution-0:2.0.2-14.src",
"4AS:evolution-0:2.0.2-14.x86_64",
"4AS:evolution-debuginfo-0:2.0.2-14.i386",
"4AS:evolution-debuginfo-0:2.0.2-14.ia64",
"4AS:evolution-debuginfo-0:2.0.2-14.ppc",
"4AS:evolution-debuginfo-0:2.0.2-14.s390",
"4AS:evolution-debuginfo-0:2.0.2-14.s390x",
"4AS:evolution-debuginfo-0:2.0.2-14.x86_64",
"4AS:evolution-devel-0:2.0.2-14.i386",
"4AS:evolution-devel-0:2.0.2-14.ia64",
"4AS:evolution-devel-0:2.0.2-14.ppc",
"4AS:evolution-devel-0:2.0.2-14.s390",
"4AS:evolution-devel-0:2.0.2-14.s390x",
"4AS:evolution-devel-0:2.0.2-14.x86_64",
"4Desktop:devhelp-0:0.9.2-2.4.3.i386",
"4Desktop:devhelp-0:0.9.2-2.4.3.ppc",
"4Desktop:devhelp-0:0.9.2-2.4.3.src",
"4Desktop:devhelp-0:0.9.2-2.4.3.x86_64",
"4Desktop:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4Desktop:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4Desktop:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4Desktop:devhelp-devel-0:0.9.2-2.4.3.i386",
"4Desktop:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4Desktop:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4Desktop:evolution-0:2.0.2-14.i386",
"4Desktop:evolution-0:2.0.2-14.ia64",
"4Desktop:evolution-0:2.0.2-14.ppc",
"4Desktop:evolution-0:2.0.2-14.s390",
"4Desktop:evolution-0:2.0.2-14.s390x",
"4Desktop:evolution-0:2.0.2-14.src",
"4Desktop:evolution-0:2.0.2-14.x86_64",
"4Desktop:evolution-debuginfo-0:2.0.2-14.i386",
"4Desktop:evolution-debuginfo-0:2.0.2-14.ia64",
"4Desktop:evolution-debuginfo-0:2.0.2-14.ppc",
"4Desktop:evolution-debuginfo-0:2.0.2-14.s390",
"4Desktop:evolution-debuginfo-0:2.0.2-14.s390x",
"4Desktop:evolution-debuginfo-0:2.0.2-14.x86_64",
"4Desktop:evolution-devel-0:2.0.2-14.i386",
"4Desktop:evolution-devel-0:2.0.2-14.ia64",
"4Desktop:evolution-devel-0:2.0.2-14.ppc",
"4Desktop:evolution-devel-0:2.0.2-14.s390",
"4Desktop:evolution-devel-0:2.0.2-14.s390x",
"4Desktop:evolution-devel-0:2.0.2-14.x86_64",
"4ES:devhelp-0:0.9.2-2.4.3.i386",
"4ES:devhelp-0:0.9.2-2.4.3.ppc",
"4ES:devhelp-0:0.9.2-2.4.3.src",
"4ES:devhelp-0:0.9.2-2.4.3.x86_64",
"4ES:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4ES:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4ES:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4ES:devhelp-devel-0:0.9.2-2.4.3.i386",
"4ES:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4ES:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4ES:evolution-0:2.0.2-14.i386",
"4ES:evolution-0:2.0.2-14.ia64",
"4ES:evolution-0:2.0.2-14.ppc",
"4ES:evolution-0:2.0.2-14.s390",
"4ES:evolution-0:2.0.2-14.s390x",
"4ES:evolution-0:2.0.2-14.src",
"4ES:evolution-0:2.0.2-14.x86_64",
"4ES:evolution-debuginfo-0:2.0.2-14.i386",
"4ES:evolution-debuginfo-0:2.0.2-14.ia64",
"4ES:evolution-debuginfo-0:2.0.2-14.ppc",
"4ES:evolution-debuginfo-0:2.0.2-14.s390",
"4ES:evolution-debuginfo-0:2.0.2-14.s390x",
"4ES:evolution-debuginfo-0:2.0.2-14.x86_64",
"4ES:evolution-devel-0:2.0.2-14.i386",
"4ES:evolution-devel-0:2.0.2-14.ia64",
"4ES:evolution-devel-0:2.0.2-14.ppc",
"4ES:evolution-devel-0:2.0.2-14.s390",
"4ES:evolution-devel-0:2.0.2-14.s390x",
"4ES:evolution-devel-0:2.0.2-14.x86_64",
"4WS:devhelp-0:0.9.2-2.4.3.i386",
"4WS:devhelp-0:0.9.2-2.4.3.ppc",
"4WS:devhelp-0:0.9.2-2.4.3.src",
"4WS:devhelp-0:0.9.2-2.4.3.x86_64",
"4WS:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4WS:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4WS:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4WS:devhelp-devel-0:0.9.2-2.4.3.i386",
"4WS:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4WS:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4WS:evolution-0:2.0.2-14.i386",
"4WS:evolution-0:2.0.2-14.ia64",
"4WS:evolution-0:2.0.2-14.ppc",
"4WS:evolution-0:2.0.2-14.s390",
"4WS:evolution-0:2.0.2-14.s390x",
"4WS:evolution-0:2.0.2-14.src",
"4WS:evolution-0:2.0.2-14.x86_64",
"4WS:evolution-debuginfo-0:2.0.2-14.i386",
"4WS:evolution-debuginfo-0:2.0.2-14.ia64",
"4WS:evolution-debuginfo-0:2.0.2-14.ppc",
"4WS:evolution-debuginfo-0:2.0.2-14.s390",
"4WS:evolution-debuginfo-0:2.0.2-14.s390x",
"4WS:evolution-debuginfo-0:2.0.2-14.x86_64",
"4WS:evolution-devel-0:2.0.2-14.i386",
"4WS:evolution-devel-0:2.0.2-14.ia64",
"4WS:evolution-devel-0:2.0.2-14.ppc",
"4WS:evolution-devel-0:2.0.2-14.s390",
"4WS:evolution-devel-0:2.0.2-14.s390x",
"4WS:evolution-devel-0:2.0.2-14.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2005:335"
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "security flaw"
},
{
"cve": "CVE-2005-0146",
"discovery_date": "2005-01-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1617473"
}
],
"notes": [
{
"category": "description",
"text": "Firefox before 1.0 and Mozilla before 1.7.5 allow remote attackers to obtain sensitive data from the clipboard via Javascript that generates a middle-click event on systems for which a middle-click performs a paste operation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:devhelp-0:0.9.2-2.4.3.i386",
"4AS:devhelp-0:0.9.2-2.4.3.ppc",
"4AS:devhelp-0:0.9.2-2.4.3.src",
"4AS:devhelp-0:0.9.2-2.4.3.x86_64",
"4AS:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4AS:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4AS:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4AS:devhelp-devel-0:0.9.2-2.4.3.i386",
"4AS:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4AS:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4AS:evolution-0:2.0.2-14.i386",
"4AS:evolution-0:2.0.2-14.ia64",
"4AS:evolution-0:2.0.2-14.ppc",
"4AS:evolution-0:2.0.2-14.s390",
"4AS:evolution-0:2.0.2-14.s390x",
"4AS:evolution-0:2.0.2-14.src",
"4AS:evolution-0:2.0.2-14.x86_64",
"4AS:evolution-debuginfo-0:2.0.2-14.i386",
"4AS:evolution-debuginfo-0:2.0.2-14.ia64",
"4AS:evolution-debuginfo-0:2.0.2-14.ppc",
"4AS:evolution-debuginfo-0:2.0.2-14.s390",
"4AS:evolution-debuginfo-0:2.0.2-14.s390x",
"4AS:evolution-debuginfo-0:2.0.2-14.x86_64",
"4AS:evolution-devel-0:2.0.2-14.i386",
"4AS:evolution-devel-0:2.0.2-14.ia64",
"4AS:evolution-devel-0:2.0.2-14.ppc",
"4AS:evolution-devel-0:2.0.2-14.s390",
"4AS:evolution-devel-0:2.0.2-14.s390x",
"4AS:evolution-devel-0:2.0.2-14.x86_64",
"4Desktop:devhelp-0:0.9.2-2.4.3.i386",
"4Desktop:devhelp-0:0.9.2-2.4.3.ppc",
"4Desktop:devhelp-0:0.9.2-2.4.3.src",
"4Desktop:devhelp-0:0.9.2-2.4.3.x86_64",
"4Desktop:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4Desktop:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4Desktop:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4Desktop:devhelp-devel-0:0.9.2-2.4.3.i386",
"4Desktop:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4Desktop:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4Desktop:evolution-0:2.0.2-14.i386",
"4Desktop:evolution-0:2.0.2-14.ia64",
"4Desktop:evolution-0:2.0.2-14.ppc",
"4Desktop:evolution-0:2.0.2-14.s390",
"4Desktop:evolution-0:2.0.2-14.s390x",
"4Desktop:evolution-0:2.0.2-14.src",
"4Desktop:evolution-0:2.0.2-14.x86_64",
"4Desktop:evolution-debuginfo-0:2.0.2-14.i386",
"4Desktop:evolution-debuginfo-0:2.0.2-14.ia64",
"4Desktop:evolution-debuginfo-0:2.0.2-14.ppc",
"4Desktop:evolution-debuginfo-0:2.0.2-14.s390",
"4Desktop:evolution-debuginfo-0:2.0.2-14.s390x",
"4Desktop:evolution-debuginfo-0:2.0.2-14.x86_64",
"4Desktop:evolution-devel-0:2.0.2-14.i386",
"4Desktop:evolution-devel-0:2.0.2-14.ia64",
"4Desktop:evolution-devel-0:2.0.2-14.ppc",
"4Desktop:evolution-devel-0:2.0.2-14.s390",
"4Desktop:evolution-devel-0:2.0.2-14.s390x",
"4Desktop:evolution-devel-0:2.0.2-14.x86_64",
"4ES:devhelp-0:0.9.2-2.4.3.i386",
"4ES:devhelp-0:0.9.2-2.4.3.ppc",
"4ES:devhelp-0:0.9.2-2.4.3.src",
"4ES:devhelp-0:0.9.2-2.4.3.x86_64",
"4ES:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4ES:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4ES:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4ES:devhelp-devel-0:0.9.2-2.4.3.i386",
"4ES:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4ES:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4ES:evolution-0:2.0.2-14.i386",
"4ES:evolution-0:2.0.2-14.ia64",
"4ES:evolution-0:2.0.2-14.ppc",
"4ES:evolution-0:2.0.2-14.s390",
"4ES:evolution-0:2.0.2-14.s390x",
"4ES:evolution-0:2.0.2-14.src",
"4ES:evolution-0:2.0.2-14.x86_64",
"4ES:evolution-debuginfo-0:2.0.2-14.i386",
"4ES:evolution-debuginfo-0:2.0.2-14.ia64",
"4ES:evolution-debuginfo-0:2.0.2-14.ppc",
"4ES:evolution-debuginfo-0:2.0.2-14.s390",
"4ES:evolution-debuginfo-0:2.0.2-14.s390x",
"4ES:evolution-debuginfo-0:2.0.2-14.x86_64",
"4ES:evolution-devel-0:2.0.2-14.i386",
"4ES:evolution-devel-0:2.0.2-14.ia64",
"4ES:evolution-devel-0:2.0.2-14.ppc",
"4ES:evolution-devel-0:2.0.2-14.s390",
"4ES:evolution-devel-0:2.0.2-14.s390x",
"4ES:evolution-devel-0:2.0.2-14.x86_64",
"4WS:devhelp-0:0.9.2-2.4.3.i386",
"4WS:devhelp-0:0.9.2-2.4.3.ppc",
"4WS:devhelp-0:0.9.2-2.4.3.src",
"4WS:devhelp-0:0.9.2-2.4.3.x86_64",
"4WS:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4WS:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4WS:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4WS:devhelp-devel-0:0.9.2-2.4.3.i386",
"4WS:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4WS:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4WS:evolution-0:2.0.2-14.i386",
"4WS:evolution-0:2.0.2-14.ia64",
"4WS:evolution-0:2.0.2-14.ppc",
"4WS:evolution-0:2.0.2-14.s390",
"4WS:evolution-0:2.0.2-14.s390x",
"4WS:evolution-0:2.0.2-14.src",
"4WS:evolution-0:2.0.2-14.x86_64",
"4WS:evolution-debuginfo-0:2.0.2-14.i386",
"4WS:evolution-debuginfo-0:2.0.2-14.ia64",
"4WS:evolution-debuginfo-0:2.0.2-14.ppc",
"4WS:evolution-debuginfo-0:2.0.2-14.s390",
"4WS:evolution-debuginfo-0:2.0.2-14.s390x",
"4WS:evolution-debuginfo-0:2.0.2-14.x86_64",
"4WS:evolution-devel-0:2.0.2-14.i386",
"4WS:evolution-devel-0:2.0.2-14.ia64",
"4WS:evolution-devel-0:2.0.2-14.ppc",
"4WS:evolution-devel-0:2.0.2-14.s390",
"4WS:evolution-devel-0:2.0.2-14.s390x",
"4WS:evolution-devel-0:2.0.2-14.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2005-0146"
},
{
"category": "external",
"summary": "RHBZ#1617473",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617473"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2005-0146",
"url": "https://www.cve.org/CVERecord?id=CVE-2005-0146"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2005-0146",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2005-0146"
}
],
"release_date": "2005-01-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2005-03-23T19:14:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied. Use Red Hat\nNetwork to download and update your packages. To launch the Red Hat\nUpdate Agent, use the following command:\n\n up2date\n\nFor information on how to install packages manually, refer to the\nfollowing Web page for the System Administration or Customization\nguide specific to your system:\n\n http://www.redhat.com/docs/manuals/enterprise/",
"product_ids": [
"4AS:devhelp-0:0.9.2-2.4.3.i386",
"4AS:devhelp-0:0.9.2-2.4.3.ppc",
"4AS:devhelp-0:0.9.2-2.4.3.src",
"4AS:devhelp-0:0.9.2-2.4.3.x86_64",
"4AS:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4AS:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4AS:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4AS:devhelp-devel-0:0.9.2-2.4.3.i386",
"4AS:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4AS:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4AS:evolution-0:2.0.2-14.i386",
"4AS:evolution-0:2.0.2-14.ia64",
"4AS:evolution-0:2.0.2-14.ppc",
"4AS:evolution-0:2.0.2-14.s390",
"4AS:evolution-0:2.0.2-14.s390x",
"4AS:evolution-0:2.0.2-14.src",
"4AS:evolution-0:2.0.2-14.x86_64",
"4AS:evolution-debuginfo-0:2.0.2-14.i386",
"4AS:evolution-debuginfo-0:2.0.2-14.ia64",
"4AS:evolution-debuginfo-0:2.0.2-14.ppc",
"4AS:evolution-debuginfo-0:2.0.2-14.s390",
"4AS:evolution-debuginfo-0:2.0.2-14.s390x",
"4AS:evolution-debuginfo-0:2.0.2-14.x86_64",
"4AS:evolution-devel-0:2.0.2-14.i386",
"4AS:evolution-devel-0:2.0.2-14.ia64",
"4AS:evolution-devel-0:2.0.2-14.ppc",
"4AS:evolution-devel-0:2.0.2-14.s390",
"4AS:evolution-devel-0:2.0.2-14.s390x",
"4AS:evolution-devel-0:2.0.2-14.x86_64",
"4Desktop:devhelp-0:0.9.2-2.4.3.i386",
"4Desktop:devhelp-0:0.9.2-2.4.3.ppc",
"4Desktop:devhelp-0:0.9.2-2.4.3.src",
"4Desktop:devhelp-0:0.9.2-2.4.3.x86_64",
"4Desktop:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4Desktop:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4Desktop:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4Desktop:devhelp-devel-0:0.9.2-2.4.3.i386",
"4Desktop:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4Desktop:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4Desktop:evolution-0:2.0.2-14.i386",
"4Desktop:evolution-0:2.0.2-14.ia64",
"4Desktop:evolution-0:2.0.2-14.ppc",
"4Desktop:evolution-0:2.0.2-14.s390",
"4Desktop:evolution-0:2.0.2-14.s390x",
"4Desktop:evolution-0:2.0.2-14.src",
"4Desktop:evolution-0:2.0.2-14.x86_64",
"4Desktop:evolution-debuginfo-0:2.0.2-14.i386",
"4Desktop:evolution-debuginfo-0:2.0.2-14.ia64",
"4Desktop:evolution-debuginfo-0:2.0.2-14.ppc",
"4Desktop:evolution-debuginfo-0:2.0.2-14.s390",
"4Desktop:evolution-debuginfo-0:2.0.2-14.s390x",
"4Desktop:evolution-debuginfo-0:2.0.2-14.x86_64",
"4Desktop:evolution-devel-0:2.0.2-14.i386",
"4Desktop:evolution-devel-0:2.0.2-14.ia64",
"4Desktop:evolution-devel-0:2.0.2-14.ppc",
"4Desktop:evolution-devel-0:2.0.2-14.s390",
"4Desktop:evolution-devel-0:2.0.2-14.s390x",
"4Desktop:evolution-devel-0:2.0.2-14.x86_64",
"4ES:devhelp-0:0.9.2-2.4.3.i386",
"4ES:devhelp-0:0.9.2-2.4.3.ppc",
"4ES:devhelp-0:0.9.2-2.4.3.src",
"4ES:devhelp-0:0.9.2-2.4.3.x86_64",
"4ES:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4ES:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4ES:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4ES:devhelp-devel-0:0.9.2-2.4.3.i386",
"4ES:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4ES:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4ES:evolution-0:2.0.2-14.i386",
"4ES:evolution-0:2.0.2-14.ia64",
"4ES:evolution-0:2.0.2-14.ppc",
"4ES:evolution-0:2.0.2-14.s390",
"4ES:evolution-0:2.0.2-14.s390x",
"4ES:evolution-0:2.0.2-14.src",
"4ES:evolution-0:2.0.2-14.x86_64",
"4ES:evolution-debuginfo-0:2.0.2-14.i386",
"4ES:evolution-debuginfo-0:2.0.2-14.ia64",
"4ES:evolution-debuginfo-0:2.0.2-14.ppc",
"4ES:evolution-debuginfo-0:2.0.2-14.s390",
"4ES:evolution-debuginfo-0:2.0.2-14.s390x",
"4ES:evolution-debuginfo-0:2.0.2-14.x86_64",
"4ES:evolution-devel-0:2.0.2-14.i386",
"4ES:evolution-devel-0:2.0.2-14.ia64",
"4ES:evolution-devel-0:2.0.2-14.ppc",
"4ES:evolution-devel-0:2.0.2-14.s390",
"4ES:evolution-devel-0:2.0.2-14.s390x",
"4ES:evolution-devel-0:2.0.2-14.x86_64",
"4WS:devhelp-0:0.9.2-2.4.3.i386",
"4WS:devhelp-0:0.9.2-2.4.3.ppc",
"4WS:devhelp-0:0.9.2-2.4.3.src",
"4WS:devhelp-0:0.9.2-2.4.3.x86_64",
"4WS:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4WS:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4WS:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4WS:devhelp-devel-0:0.9.2-2.4.3.i386",
"4WS:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4WS:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4WS:evolution-0:2.0.2-14.i386",
"4WS:evolution-0:2.0.2-14.ia64",
"4WS:evolution-0:2.0.2-14.ppc",
"4WS:evolution-0:2.0.2-14.s390",
"4WS:evolution-0:2.0.2-14.s390x",
"4WS:evolution-0:2.0.2-14.src",
"4WS:evolution-0:2.0.2-14.x86_64",
"4WS:evolution-debuginfo-0:2.0.2-14.i386",
"4WS:evolution-debuginfo-0:2.0.2-14.ia64",
"4WS:evolution-debuginfo-0:2.0.2-14.ppc",
"4WS:evolution-debuginfo-0:2.0.2-14.s390",
"4WS:evolution-debuginfo-0:2.0.2-14.s390x",
"4WS:evolution-debuginfo-0:2.0.2-14.x86_64",
"4WS:evolution-devel-0:2.0.2-14.i386",
"4WS:evolution-devel-0:2.0.2-14.ia64",
"4WS:evolution-devel-0:2.0.2-14.ppc",
"4WS:evolution-devel-0:2.0.2-14.s390",
"4WS:evolution-devel-0:2.0.2-14.s390x",
"4WS:evolution-devel-0:2.0.2-14.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2005:335"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "security flaw"
},
{
"cve": "CVE-2005-0149",
"discovery_date": "2005-01-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1617475"
}
],
"notes": [
{
"category": "description",
"text": "Thunderbird 0.6 through 0.9 and Mozilla 1.7 through 1.7.3 does not obey the network.cookie.disableCookieForMailNews preference, which could allow remote attackers to bypass the user\u0027s intended privacy and security policy by using cookies in e-mail messages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:devhelp-0:0.9.2-2.4.3.i386",
"4AS:devhelp-0:0.9.2-2.4.3.ppc",
"4AS:devhelp-0:0.9.2-2.4.3.src",
"4AS:devhelp-0:0.9.2-2.4.3.x86_64",
"4AS:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4AS:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4AS:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4AS:devhelp-devel-0:0.9.2-2.4.3.i386",
"4AS:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4AS:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4AS:evolution-0:2.0.2-14.i386",
"4AS:evolution-0:2.0.2-14.ia64",
"4AS:evolution-0:2.0.2-14.ppc",
"4AS:evolution-0:2.0.2-14.s390",
"4AS:evolution-0:2.0.2-14.s390x",
"4AS:evolution-0:2.0.2-14.src",
"4AS:evolution-0:2.0.2-14.x86_64",
"4AS:evolution-debuginfo-0:2.0.2-14.i386",
"4AS:evolution-debuginfo-0:2.0.2-14.ia64",
"4AS:evolution-debuginfo-0:2.0.2-14.ppc",
"4AS:evolution-debuginfo-0:2.0.2-14.s390",
"4AS:evolution-debuginfo-0:2.0.2-14.s390x",
"4AS:evolution-debuginfo-0:2.0.2-14.x86_64",
"4AS:evolution-devel-0:2.0.2-14.i386",
"4AS:evolution-devel-0:2.0.2-14.ia64",
"4AS:evolution-devel-0:2.0.2-14.ppc",
"4AS:evolution-devel-0:2.0.2-14.s390",
"4AS:evolution-devel-0:2.0.2-14.s390x",
"4AS:evolution-devel-0:2.0.2-14.x86_64",
"4Desktop:devhelp-0:0.9.2-2.4.3.i386",
"4Desktop:devhelp-0:0.9.2-2.4.3.ppc",
"4Desktop:devhelp-0:0.9.2-2.4.3.src",
"4Desktop:devhelp-0:0.9.2-2.4.3.x86_64",
"4Desktop:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4Desktop:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4Desktop:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4Desktop:devhelp-devel-0:0.9.2-2.4.3.i386",
"4Desktop:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4Desktop:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4Desktop:evolution-0:2.0.2-14.i386",
"4Desktop:evolution-0:2.0.2-14.ia64",
"4Desktop:evolution-0:2.0.2-14.ppc",
"4Desktop:evolution-0:2.0.2-14.s390",
"4Desktop:evolution-0:2.0.2-14.s390x",
"4Desktop:evolution-0:2.0.2-14.src",
"4Desktop:evolution-0:2.0.2-14.x86_64",
"4Desktop:evolution-debuginfo-0:2.0.2-14.i386",
"4Desktop:evolution-debuginfo-0:2.0.2-14.ia64",
"4Desktop:evolution-debuginfo-0:2.0.2-14.ppc",
"4Desktop:evolution-debuginfo-0:2.0.2-14.s390",
"4Desktop:evolution-debuginfo-0:2.0.2-14.s390x",
"4Desktop:evolution-debuginfo-0:2.0.2-14.x86_64",
"4Desktop:evolution-devel-0:2.0.2-14.i386",
"4Desktop:evolution-devel-0:2.0.2-14.ia64",
"4Desktop:evolution-devel-0:2.0.2-14.ppc",
"4Desktop:evolution-devel-0:2.0.2-14.s390",
"4Desktop:evolution-devel-0:2.0.2-14.s390x",
"4Desktop:evolution-devel-0:2.0.2-14.x86_64",
"4ES:devhelp-0:0.9.2-2.4.3.i386",
"4ES:devhelp-0:0.9.2-2.4.3.ppc",
"4ES:devhelp-0:0.9.2-2.4.3.src",
"4ES:devhelp-0:0.9.2-2.4.3.x86_64",
"4ES:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4ES:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4ES:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4ES:devhelp-devel-0:0.9.2-2.4.3.i386",
"4ES:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4ES:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4ES:evolution-0:2.0.2-14.i386",
"4ES:evolution-0:2.0.2-14.ia64",
"4ES:evolution-0:2.0.2-14.ppc",
"4ES:evolution-0:2.0.2-14.s390",
"4ES:evolution-0:2.0.2-14.s390x",
"4ES:evolution-0:2.0.2-14.src",
"4ES:evolution-0:2.0.2-14.x86_64",
"4ES:evolution-debuginfo-0:2.0.2-14.i386",
"4ES:evolution-debuginfo-0:2.0.2-14.ia64",
"4ES:evolution-debuginfo-0:2.0.2-14.ppc",
"4ES:evolution-debuginfo-0:2.0.2-14.s390",
"4ES:evolution-debuginfo-0:2.0.2-14.s390x",
"4ES:evolution-debuginfo-0:2.0.2-14.x86_64",
"4ES:evolution-devel-0:2.0.2-14.i386",
"4ES:evolution-devel-0:2.0.2-14.ia64",
"4ES:evolution-devel-0:2.0.2-14.ppc",
"4ES:evolution-devel-0:2.0.2-14.s390",
"4ES:evolution-devel-0:2.0.2-14.s390x",
"4ES:evolution-devel-0:2.0.2-14.x86_64",
"4WS:devhelp-0:0.9.2-2.4.3.i386",
"4WS:devhelp-0:0.9.2-2.4.3.ppc",
"4WS:devhelp-0:0.9.2-2.4.3.src",
"4WS:devhelp-0:0.9.2-2.4.3.x86_64",
"4WS:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4WS:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4WS:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4WS:devhelp-devel-0:0.9.2-2.4.3.i386",
"4WS:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4WS:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4WS:evolution-0:2.0.2-14.i386",
"4WS:evolution-0:2.0.2-14.ia64",
"4WS:evolution-0:2.0.2-14.ppc",
"4WS:evolution-0:2.0.2-14.s390",
"4WS:evolution-0:2.0.2-14.s390x",
"4WS:evolution-0:2.0.2-14.src",
"4WS:evolution-0:2.0.2-14.x86_64",
"4WS:evolution-debuginfo-0:2.0.2-14.i386",
"4WS:evolution-debuginfo-0:2.0.2-14.ia64",
"4WS:evolution-debuginfo-0:2.0.2-14.ppc",
"4WS:evolution-debuginfo-0:2.0.2-14.s390",
"4WS:evolution-debuginfo-0:2.0.2-14.s390x",
"4WS:evolution-debuginfo-0:2.0.2-14.x86_64",
"4WS:evolution-devel-0:2.0.2-14.i386",
"4WS:evolution-devel-0:2.0.2-14.ia64",
"4WS:evolution-devel-0:2.0.2-14.ppc",
"4WS:evolution-devel-0:2.0.2-14.s390",
"4WS:evolution-devel-0:2.0.2-14.s390x",
"4WS:evolution-devel-0:2.0.2-14.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2005-0149"
},
{
"category": "external",
"summary": "RHBZ#1617475",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617475"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2005-0149",
"url": "https://www.cve.org/CVERecord?id=CVE-2005-0149"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2005-0149",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2005-0149"
}
],
"release_date": "2005-01-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2005-03-23T19:14:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied. Use Red Hat\nNetwork to download and update your packages. To launch the Red Hat\nUpdate Agent, use the following command:\n\n up2date\n\nFor information on how to install packages manually, refer to the\nfollowing Web page for the System Administration or Customization\nguide specific to your system:\n\n http://www.redhat.com/docs/manuals/enterprise/",
"product_ids": [
"4AS:devhelp-0:0.9.2-2.4.3.i386",
"4AS:devhelp-0:0.9.2-2.4.3.ppc",
"4AS:devhelp-0:0.9.2-2.4.3.src",
"4AS:devhelp-0:0.9.2-2.4.3.x86_64",
"4AS:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4AS:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4AS:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4AS:devhelp-devel-0:0.9.2-2.4.3.i386",
"4AS:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4AS:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4AS:evolution-0:2.0.2-14.i386",
"4AS:evolution-0:2.0.2-14.ia64",
"4AS:evolution-0:2.0.2-14.ppc",
"4AS:evolution-0:2.0.2-14.s390",
"4AS:evolution-0:2.0.2-14.s390x",
"4AS:evolution-0:2.0.2-14.src",
"4AS:evolution-0:2.0.2-14.x86_64",
"4AS:evolution-debuginfo-0:2.0.2-14.i386",
"4AS:evolution-debuginfo-0:2.0.2-14.ia64",
"4AS:evolution-debuginfo-0:2.0.2-14.ppc",
"4AS:evolution-debuginfo-0:2.0.2-14.s390",
"4AS:evolution-debuginfo-0:2.0.2-14.s390x",
"4AS:evolution-debuginfo-0:2.0.2-14.x86_64",
"4AS:evolution-devel-0:2.0.2-14.i386",
"4AS:evolution-devel-0:2.0.2-14.ia64",
"4AS:evolution-devel-0:2.0.2-14.ppc",
"4AS:evolution-devel-0:2.0.2-14.s390",
"4AS:evolution-devel-0:2.0.2-14.s390x",
"4AS:evolution-devel-0:2.0.2-14.x86_64",
"4Desktop:devhelp-0:0.9.2-2.4.3.i386",
"4Desktop:devhelp-0:0.9.2-2.4.3.ppc",
"4Desktop:devhelp-0:0.9.2-2.4.3.src",
"4Desktop:devhelp-0:0.9.2-2.4.3.x86_64",
"4Desktop:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4Desktop:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4Desktop:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4Desktop:devhelp-devel-0:0.9.2-2.4.3.i386",
"4Desktop:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4Desktop:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4Desktop:evolution-0:2.0.2-14.i386",
"4Desktop:evolution-0:2.0.2-14.ia64",
"4Desktop:evolution-0:2.0.2-14.ppc",
"4Desktop:evolution-0:2.0.2-14.s390",
"4Desktop:evolution-0:2.0.2-14.s390x",
"4Desktop:evolution-0:2.0.2-14.src",
"4Desktop:evolution-0:2.0.2-14.x86_64",
"4Desktop:evolution-debuginfo-0:2.0.2-14.i386",
"4Desktop:evolution-debuginfo-0:2.0.2-14.ia64",
"4Desktop:evolution-debuginfo-0:2.0.2-14.ppc",
"4Desktop:evolution-debuginfo-0:2.0.2-14.s390",
"4Desktop:evolution-debuginfo-0:2.0.2-14.s390x",
"4Desktop:evolution-debuginfo-0:2.0.2-14.x86_64",
"4Desktop:evolution-devel-0:2.0.2-14.i386",
"4Desktop:evolution-devel-0:2.0.2-14.ia64",
"4Desktop:evolution-devel-0:2.0.2-14.ppc",
"4Desktop:evolution-devel-0:2.0.2-14.s390",
"4Desktop:evolution-devel-0:2.0.2-14.s390x",
"4Desktop:evolution-devel-0:2.0.2-14.x86_64",
"4ES:devhelp-0:0.9.2-2.4.3.i386",
"4ES:devhelp-0:0.9.2-2.4.3.ppc",
"4ES:devhelp-0:0.9.2-2.4.3.src",
"4ES:devhelp-0:0.9.2-2.4.3.x86_64",
"4ES:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4ES:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4ES:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4ES:devhelp-devel-0:0.9.2-2.4.3.i386",
"4ES:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4ES:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4ES:evolution-0:2.0.2-14.i386",
"4ES:evolution-0:2.0.2-14.ia64",
"4ES:evolution-0:2.0.2-14.ppc",
"4ES:evolution-0:2.0.2-14.s390",
"4ES:evolution-0:2.0.2-14.s390x",
"4ES:evolution-0:2.0.2-14.src",
"4ES:evolution-0:2.0.2-14.x86_64",
"4ES:evolution-debuginfo-0:2.0.2-14.i386",
"4ES:evolution-debuginfo-0:2.0.2-14.ia64",
"4ES:evolution-debuginfo-0:2.0.2-14.ppc",
"4ES:evolution-debuginfo-0:2.0.2-14.s390",
"4ES:evolution-debuginfo-0:2.0.2-14.s390x",
"4ES:evolution-debuginfo-0:2.0.2-14.x86_64",
"4ES:evolution-devel-0:2.0.2-14.i386",
"4ES:evolution-devel-0:2.0.2-14.ia64",
"4ES:evolution-devel-0:2.0.2-14.ppc",
"4ES:evolution-devel-0:2.0.2-14.s390",
"4ES:evolution-devel-0:2.0.2-14.s390x",
"4ES:evolution-devel-0:2.0.2-14.x86_64",
"4WS:devhelp-0:0.9.2-2.4.3.i386",
"4WS:devhelp-0:0.9.2-2.4.3.ppc",
"4WS:devhelp-0:0.9.2-2.4.3.src",
"4WS:devhelp-0:0.9.2-2.4.3.x86_64",
"4WS:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4WS:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4WS:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4WS:devhelp-devel-0:0.9.2-2.4.3.i386",
"4WS:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4WS:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4WS:evolution-0:2.0.2-14.i386",
"4WS:evolution-0:2.0.2-14.ia64",
"4WS:evolution-0:2.0.2-14.ppc",
"4WS:evolution-0:2.0.2-14.s390",
"4WS:evolution-0:2.0.2-14.s390x",
"4WS:evolution-0:2.0.2-14.src",
"4WS:evolution-0:2.0.2-14.x86_64",
"4WS:evolution-debuginfo-0:2.0.2-14.i386",
"4WS:evolution-debuginfo-0:2.0.2-14.ia64",
"4WS:evolution-debuginfo-0:2.0.2-14.ppc",
"4WS:evolution-debuginfo-0:2.0.2-14.s390",
"4WS:evolution-debuginfo-0:2.0.2-14.s390x",
"4WS:evolution-debuginfo-0:2.0.2-14.x86_64",
"4WS:evolution-devel-0:2.0.2-14.i386",
"4WS:evolution-devel-0:2.0.2-14.ia64",
"4WS:evolution-devel-0:2.0.2-14.ppc",
"4WS:evolution-devel-0:2.0.2-14.s390",
"4WS:evolution-devel-0:2.0.2-14.s390x",
"4WS:evolution-devel-0:2.0.2-14.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2005:335"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "security flaw"
},
{
"cve": "CVE-2005-0399",
"discovery_date": "2005-03-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1617517"
}
],
"notes": [
{
"category": "description",
"text": "Heap-based buffer overflow in GIF2.cpp in Firefox before 1.0.2, Mozilla before to 1.7.6, and Thunderbird before 1.0.2, and possibly other applications that use the same library, allows remote attackers to execute arbitrary code via a GIF image with a crafted Netscape extension 2 block and buffer size.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:devhelp-0:0.9.2-2.4.3.i386",
"4AS:devhelp-0:0.9.2-2.4.3.ppc",
"4AS:devhelp-0:0.9.2-2.4.3.src",
"4AS:devhelp-0:0.9.2-2.4.3.x86_64",
"4AS:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4AS:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4AS:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4AS:devhelp-devel-0:0.9.2-2.4.3.i386",
"4AS:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4AS:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4AS:evolution-0:2.0.2-14.i386",
"4AS:evolution-0:2.0.2-14.ia64",
"4AS:evolution-0:2.0.2-14.ppc",
"4AS:evolution-0:2.0.2-14.s390",
"4AS:evolution-0:2.0.2-14.s390x",
"4AS:evolution-0:2.0.2-14.src",
"4AS:evolution-0:2.0.2-14.x86_64",
"4AS:evolution-debuginfo-0:2.0.2-14.i386",
"4AS:evolution-debuginfo-0:2.0.2-14.ia64",
"4AS:evolution-debuginfo-0:2.0.2-14.ppc",
"4AS:evolution-debuginfo-0:2.0.2-14.s390",
"4AS:evolution-debuginfo-0:2.0.2-14.s390x",
"4AS:evolution-debuginfo-0:2.0.2-14.x86_64",
"4AS:evolution-devel-0:2.0.2-14.i386",
"4AS:evolution-devel-0:2.0.2-14.ia64",
"4AS:evolution-devel-0:2.0.2-14.ppc",
"4AS:evolution-devel-0:2.0.2-14.s390",
"4AS:evolution-devel-0:2.0.2-14.s390x",
"4AS:evolution-devel-0:2.0.2-14.x86_64",
"4Desktop:devhelp-0:0.9.2-2.4.3.i386",
"4Desktop:devhelp-0:0.9.2-2.4.3.ppc",
"4Desktop:devhelp-0:0.9.2-2.4.3.src",
"4Desktop:devhelp-0:0.9.2-2.4.3.x86_64",
"4Desktop:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4Desktop:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4Desktop:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4Desktop:devhelp-devel-0:0.9.2-2.4.3.i386",
"4Desktop:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4Desktop:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4Desktop:evolution-0:2.0.2-14.i386",
"4Desktop:evolution-0:2.0.2-14.ia64",
"4Desktop:evolution-0:2.0.2-14.ppc",
"4Desktop:evolution-0:2.0.2-14.s390",
"4Desktop:evolution-0:2.0.2-14.s390x",
"4Desktop:evolution-0:2.0.2-14.src",
"4Desktop:evolution-0:2.0.2-14.x86_64",
"4Desktop:evolution-debuginfo-0:2.0.2-14.i386",
"4Desktop:evolution-debuginfo-0:2.0.2-14.ia64",
"4Desktop:evolution-debuginfo-0:2.0.2-14.ppc",
"4Desktop:evolution-debuginfo-0:2.0.2-14.s390",
"4Desktop:evolution-debuginfo-0:2.0.2-14.s390x",
"4Desktop:evolution-debuginfo-0:2.0.2-14.x86_64",
"4Desktop:evolution-devel-0:2.0.2-14.i386",
"4Desktop:evolution-devel-0:2.0.2-14.ia64",
"4Desktop:evolution-devel-0:2.0.2-14.ppc",
"4Desktop:evolution-devel-0:2.0.2-14.s390",
"4Desktop:evolution-devel-0:2.0.2-14.s390x",
"4Desktop:evolution-devel-0:2.0.2-14.x86_64",
"4ES:devhelp-0:0.9.2-2.4.3.i386",
"4ES:devhelp-0:0.9.2-2.4.3.ppc",
"4ES:devhelp-0:0.9.2-2.4.3.src",
"4ES:devhelp-0:0.9.2-2.4.3.x86_64",
"4ES:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4ES:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4ES:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4ES:devhelp-devel-0:0.9.2-2.4.3.i386",
"4ES:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4ES:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4ES:evolution-0:2.0.2-14.i386",
"4ES:evolution-0:2.0.2-14.ia64",
"4ES:evolution-0:2.0.2-14.ppc",
"4ES:evolution-0:2.0.2-14.s390",
"4ES:evolution-0:2.0.2-14.s390x",
"4ES:evolution-0:2.0.2-14.src",
"4ES:evolution-0:2.0.2-14.x86_64",
"4ES:evolution-debuginfo-0:2.0.2-14.i386",
"4ES:evolution-debuginfo-0:2.0.2-14.ia64",
"4ES:evolution-debuginfo-0:2.0.2-14.ppc",
"4ES:evolution-debuginfo-0:2.0.2-14.s390",
"4ES:evolution-debuginfo-0:2.0.2-14.s390x",
"4ES:evolution-debuginfo-0:2.0.2-14.x86_64",
"4ES:evolution-devel-0:2.0.2-14.i386",
"4ES:evolution-devel-0:2.0.2-14.ia64",
"4ES:evolution-devel-0:2.0.2-14.ppc",
"4ES:evolution-devel-0:2.0.2-14.s390",
"4ES:evolution-devel-0:2.0.2-14.s390x",
"4ES:evolution-devel-0:2.0.2-14.x86_64",
"4WS:devhelp-0:0.9.2-2.4.3.i386",
"4WS:devhelp-0:0.9.2-2.4.3.ppc",
"4WS:devhelp-0:0.9.2-2.4.3.src",
"4WS:devhelp-0:0.9.2-2.4.3.x86_64",
"4WS:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4WS:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4WS:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4WS:devhelp-devel-0:0.9.2-2.4.3.i386",
"4WS:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4WS:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4WS:evolution-0:2.0.2-14.i386",
"4WS:evolution-0:2.0.2-14.ia64",
"4WS:evolution-0:2.0.2-14.ppc",
"4WS:evolution-0:2.0.2-14.s390",
"4WS:evolution-0:2.0.2-14.s390x",
"4WS:evolution-0:2.0.2-14.src",
"4WS:evolution-0:2.0.2-14.x86_64",
"4WS:evolution-debuginfo-0:2.0.2-14.i386",
"4WS:evolution-debuginfo-0:2.0.2-14.ia64",
"4WS:evolution-debuginfo-0:2.0.2-14.ppc",
"4WS:evolution-debuginfo-0:2.0.2-14.s390",
"4WS:evolution-debuginfo-0:2.0.2-14.s390x",
"4WS:evolution-debuginfo-0:2.0.2-14.x86_64",
"4WS:evolution-devel-0:2.0.2-14.i386",
"4WS:evolution-devel-0:2.0.2-14.ia64",
"4WS:evolution-devel-0:2.0.2-14.ppc",
"4WS:evolution-devel-0:2.0.2-14.s390",
"4WS:evolution-devel-0:2.0.2-14.s390x",
"4WS:evolution-devel-0:2.0.2-14.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2005-0399"
},
{
"category": "external",
"summary": "RHBZ#1617517",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617517"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2005-0399",
"url": "https://www.cve.org/CVERecord?id=CVE-2005-0399"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2005-0399",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2005-0399"
}
],
"release_date": "2005-03-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2005-03-23T19:14:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied. Use Red Hat\nNetwork to download and update your packages. To launch the Red Hat\nUpdate Agent, use the following command:\n\n up2date\n\nFor information on how to install packages manually, refer to the\nfollowing Web page for the System Administration or Customization\nguide specific to your system:\n\n http://www.redhat.com/docs/manuals/enterprise/",
"product_ids": [
"4AS:devhelp-0:0.9.2-2.4.3.i386",
"4AS:devhelp-0:0.9.2-2.4.3.ppc",
"4AS:devhelp-0:0.9.2-2.4.3.src",
"4AS:devhelp-0:0.9.2-2.4.3.x86_64",
"4AS:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4AS:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4AS:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4AS:devhelp-devel-0:0.9.2-2.4.3.i386",
"4AS:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4AS:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4AS:evolution-0:2.0.2-14.i386",
"4AS:evolution-0:2.0.2-14.ia64",
"4AS:evolution-0:2.0.2-14.ppc",
"4AS:evolution-0:2.0.2-14.s390",
"4AS:evolution-0:2.0.2-14.s390x",
"4AS:evolution-0:2.0.2-14.src",
"4AS:evolution-0:2.0.2-14.x86_64",
"4AS:evolution-debuginfo-0:2.0.2-14.i386",
"4AS:evolution-debuginfo-0:2.0.2-14.ia64",
"4AS:evolution-debuginfo-0:2.0.2-14.ppc",
"4AS:evolution-debuginfo-0:2.0.2-14.s390",
"4AS:evolution-debuginfo-0:2.0.2-14.s390x",
"4AS:evolution-debuginfo-0:2.0.2-14.x86_64",
"4AS:evolution-devel-0:2.0.2-14.i386",
"4AS:evolution-devel-0:2.0.2-14.ia64",
"4AS:evolution-devel-0:2.0.2-14.ppc",
"4AS:evolution-devel-0:2.0.2-14.s390",
"4AS:evolution-devel-0:2.0.2-14.s390x",
"4AS:evolution-devel-0:2.0.2-14.x86_64",
"4Desktop:devhelp-0:0.9.2-2.4.3.i386",
"4Desktop:devhelp-0:0.9.2-2.4.3.ppc",
"4Desktop:devhelp-0:0.9.2-2.4.3.src",
"4Desktop:devhelp-0:0.9.2-2.4.3.x86_64",
"4Desktop:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4Desktop:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4Desktop:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4Desktop:devhelp-devel-0:0.9.2-2.4.3.i386",
"4Desktop:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4Desktop:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4Desktop:evolution-0:2.0.2-14.i386",
"4Desktop:evolution-0:2.0.2-14.ia64",
"4Desktop:evolution-0:2.0.2-14.ppc",
"4Desktop:evolution-0:2.0.2-14.s390",
"4Desktop:evolution-0:2.0.2-14.s390x",
"4Desktop:evolution-0:2.0.2-14.src",
"4Desktop:evolution-0:2.0.2-14.x86_64",
"4Desktop:evolution-debuginfo-0:2.0.2-14.i386",
"4Desktop:evolution-debuginfo-0:2.0.2-14.ia64",
"4Desktop:evolution-debuginfo-0:2.0.2-14.ppc",
"4Desktop:evolution-debuginfo-0:2.0.2-14.s390",
"4Desktop:evolution-debuginfo-0:2.0.2-14.s390x",
"4Desktop:evolution-debuginfo-0:2.0.2-14.x86_64",
"4Desktop:evolution-devel-0:2.0.2-14.i386",
"4Desktop:evolution-devel-0:2.0.2-14.ia64",
"4Desktop:evolution-devel-0:2.0.2-14.ppc",
"4Desktop:evolution-devel-0:2.0.2-14.s390",
"4Desktop:evolution-devel-0:2.0.2-14.s390x",
"4Desktop:evolution-devel-0:2.0.2-14.x86_64",
"4ES:devhelp-0:0.9.2-2.4.3.i386",
"4ES:devhelp-0:0.9.2-2.4.3.ppc",
"4ES:devhelp-0:0.9.2-2.4.3.src",
"4ES:devhelp-0:0.9.2-2.4.3.x86_64",
"4ES:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4ES:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4ES:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4ES:devhelp-devel-0:0.9.2-2.4.3.i386",
"4ES:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4ES:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4ES:evolution-0:2.0.2-14.i386",
"4ES:evolution-0:2.0.2-14.ia64",
"4ES:evolution-0:2.0.2-14.ppc",
"4ES:evolution-0:2.0.2-14.s390",
"4ES:evolution-0:2.0.2-14.s390x",
"4ES:evolution-0:2.0.2-14.src",
"4ES:evolution-0:2.0.2-14.x86_64",
"4ES:evolution-debuginfo-0:2.0.2-14.i386",
"4ES:evolution-debuginfo-0:2.0.2-14.ia64",
"4ES:evolution-debuginfo-0:2.0.2-14.ppc",
"4ES:evolution-debuginfo-0:2.0.2-14.s390",
"4ES:evolution-debuginfo-0:2.0.2-14.s390x",
"4ES:evolution-debuginfo-0:2.0.2-14.x86_64",
"4ES:evolution-devel-0:2.0.2-14.i386",
"4ES:evolution-devel-0:2.0.2-14.ia64",
"4ES:evolution-devel-0:2.0.2-14.ppc",
"4ES:evolution-devel-0:2.0.2-14.s390",
"4ES:evolution-devel-0:2.0.2-14.s390x",
"4ES:evolution-devel-0:2.0.2-14.x86_64",
"4WS:devhelp-0:0.9.2-2.4.3.i386",
"4WS:devhelp-0:0.9.2-2.4.3.ppc",
"4WS:devhelp-0:0.9.2-2.4.3.src",
"4WS:devhelp-0:0.9.2-2.4.3.x86_64",
"4WS:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4WS:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4WS:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4WS:devhelp-devel-0:0.9.2-2.4.3.i386",
"4WS:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4WS:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4WS:evolution-0:2.0.2-14.i386",
"4WS:evolution-0:2.0.2-14.ia64",
"4WS:evolution-0:2.0.2-14.ppc",
"4WS:evolution-0:2.0.2-14.s390",
"4WS:evolution-0:2.0.2-14.s390x",
"4WS:evolution-0:2.0.2-14.src",
"4WS:evolution-0:2.0.2-14.x86_64",
"4WS:evolution-debuginfo-0:2.0.2-14.i386",
"4WS:evolution-debuginfo-0:2.0.2-14.ia64",
"4WS:evolution-debuginfo-0:2.0.2-14.ppc",
"4WS:evolution-debuginfo-0:2.0.2-14.s390",
"4WS:evolution-debuginfo-0:2.0.2-14.s390x",
"4WS:evolution-debuginfo-0:2.0.2-14.x86_64",
"4WS:evolution-devel-0:2.0.2-14.i386",
"4WS:evolution-devel-0:2.0.2-14.ia64",
"4WS:evolution-devel-0:2.0.2-14.ppc",
"4WS:evolution-devel-0:2.0.2-14.s390",
"4WS:evolution-devel-0:2.0.2-14.s390x",
"4WS:evolution-devel-0:2.0.2-14.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2005:335"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "security flaw"
},
{
"cve": "CVE-2005-0401",
"discovery_date": "2005-03-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1617519"
}
],
"notes": [
{
"category": "description",
"text": "FireFox 1.0.1 and Mozilla before 1.7.6 do not sufficiently address all attack vectors for loading chrome files and hijacking drag and drop events, which allows remote attackers to execute arbitrary XUL code by tricking a user into dragging a scrollbar, a variant of CVE-2005-0527, aka \"Firescrolling 2.\"",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:devhelp-0:0.9.2-2.4.3.i386",
"4AS:devhelp-0:0.9.2-2.4.3.ppc",
"4AS:devhelp-0:0.9.2-2.4.3.src",
"4AS:devhelp-0:0.9.2-2.4.3.x86_64",
"4AS:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4AS:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4AS:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4AS:devhelp-devel-0:0.9.2-2.4.3.i386",
"4AS:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4AS:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4AS:evolution-0:2.0.2-14.i386",
"4AS:evolution-0:2.0.2-14.ia64",
"4AS:evolution-0:2.0.2-14.ppc",
"4AS:evolution-0:2.0.2-14.s390",
"4AS:evolution-0:2.0.2-14.s390x",
"4AS:evolution-0:2.0.2-14.src",
"4AS:evolution-0:2.0.2-14.x86_64",
"4AS:evolution-debuginfo-0:2.0.2-14.i386",
"4AS:evolution-debuginfo-0:2.0.2-14.ia64",
"4AS:evolution-debuginfo-0:2.0.2-14.ppc",
"4AS:evolution-debuginfo-0:2.0.2-14.s390",
"4AS:evolution-debuginfo-0:2.0.2-14.s390x",
"4AS:evolution-debuginfo-0:2.0.2-14.x86_64",
"4AS:evolution-devel-0:2.0.2-14.i386",
"4AS:evolution-devel-0:2.0.2-14.ia64",
"4AS:evolution-devel-0:2.0.2-14.ppc",
"4AS:evolution-devel-0:2.0.2-14.s390",
"4AS:evolution-devel-0:2.0.2-14.s390x",
"4AS:evolution-devel-0:2.0.2-14.x86_64",
"4Desktop:devhelp-0:0.9.2-2.4.3.i386",
"4Desktop:devhelp-0:0.9.2-2.4.3.ppc",
"4Desktop:devhelp-0:0.9.2-2.4.3.src",
"4Desktop:devhelp-0:0.9.2-2.4.3.x86_64",
"4Desktop:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4Desktop:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4Desktop:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4Desktop:devhelp-devel-0:0.9.2-2.4.3.i386",
"4Desktop:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4Desktop:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4Desktop:evolution-0:2.0.2-14.i386",
"4Desktop:evolution-0:2.0.2-14.ia64",
"4Desktop:evolution-0:2.0.2-14.ppc",
"4Desktop:evolution-0:2.0.2-14.s390",
"4Desktop:evolution-0:2.0.2-14.s390x",
"4Desktop:evolution-0:2.0.2-14.src",
"4Desktop:evolution-0:2.0.2-14.x86_64",
"4Desktop:evolution-debuginfo-0:2.0.2-14.i386",
"4Desktop:evolution-debuginfo-0:2.0.2-14.ia64",
"4Desktop:evolution-debuginfo-0:2.0.2-14.ppc",
"4Desktop:evolution-debuginfo-0:2.0.2-14.s390",
"4Desktop:evolution-debuginfo-0:2.0.2-14.s390x",
"4Desktop:evolution-debuginfo-0:2.0.2-14.x86_64",
"4Desktop:evolution-devel-0:2.0.2-14.i386",
"4Desktop:evolution-devel-0:2.0.2-14.ia64",
"4Desktop:evolution-devel-0:2.0.2-14.ppc",
"4Desktop:evolution-devel-0:2.0.2-14.s390",
"4Desktop:evolution-devel-0:2.0.2-14.s390x",
"4Desktop:evolution-devel-0:2.0.2-14.x86_64",
"4ES:devhelp-0:0.9.2-2.4.3.i386",
"4ES:devhelp-0:0.9.2-2.4.3.ppc",
"4ES:devhelp-0:0.9.2-2.4.3.src",
"4ES:devhelp-0:0.9.2-2.4.3.x86_64",
"4ES:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4ES:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4ES:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4ES:devhelp-devel-0:0.9.2-2.4.3.i386",
"4ES:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4ES:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4ES:evolution-0:2.0.2-14.i386",
"4ES:evolution-0:2.0.2-14.ia64",
"4ES:evolution-0:2.0.2-14.ppc",
"4ES:evolution-0:2.0.2-14.s390",
"4ES:evolution-0:2.0.2-14.s390x",
"4ES:evolution-0:2.0.2-14.src",
"4ES:evolution-0:2.0.2-14.x86_64",
"4ES:evolution-debuginfo-0:2.0.2-14.i386",
"4ES:evolution-debuginfo-0:2.0.2-14.ia64",
"4ES:evolution-debuginfo-0:2.0.2-14.ppc",
"4ES:evolution-debuginfo-0:2.0.2-14.s390",
"4ES:evolution-debuginfo-0:2.0.2-14.s390x",
"4ES:evolution-debuginfo-0:2.0.2-14.x86_64",
"4ES:evolution-devel-0:2.0.2-14.i386",
"4ES:evolution-devel-0:2.0.2-14.ia64",
"4ES:evolution-devel-0:2.0.2-14.ppc",
"4ES:evolution-devel-0:2.0.2-14.s390",
"4ES:evolution-devel-0:2.0.2-14.s390x",
"4ES:evolution-devel-0:2.0.2-14.x86_64",
"4WS:devhelp-0:0.9.2-2.4.3.i386",
"4WS:devhelp-0:0.9.2-2.4.3.ppc",
"4WS:devhelp-0:0.9.2-2.4.3.src",
"4WS:devhelp-0:0.9.2-2.4.3.x86_64",
"4WS:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4WS:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4WS:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4WS:devhelp-devel-0:0.9.2-2.4.3.i386",
"4WS:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4WS:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4WS:evolution-0:2.0.2-14.i386",
"4WS:evolution-0:2.0.2-14.ia64",
"4WS:evolution-0:2.0.2-14.ppc",
"4WS:evolution-0:2.0.2-14.s390",
"4WS:evolution-0:2.0.2-14.s390x",
"4WS:evolution-0:2.0.2-14.src",
"4WS:evolution-0:2.0.2-14.x86_64",
"4WS:evolution-debuginfo-0:2.0.2-14.i386",
"4WS:evolution-debuginfo-0:2.0.2-14.ia64",
"4WS:evolution-debuginfo-0:2.0.2-14.ppc",
"4WS:evolution-debuginfo-0:2.0.2-14.s390",
"4WS:evolution-debuginfo-0:2.0.2-14.s390x",
"4WS:evolution-debuginfo-0:2.0.2-14.x86_64",
"4WS:evolution-devel-0:2.0.2-14.i386",
"4WS:evolution-devel-0:2.0.2-14.ia64",
"4WS:evolution-devel-0:2.0.2-14.ppc",
"4WS:evolution-devel-0:2.0.2-14.s390",
"4WS:evolution-devel-0:2.0.2-14.s390x",
"4WS:evolution-devel-0:2.0.2-14.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2005-0401"
},
{
"category": "external",
"summary": "RHBZ#1617519",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617519"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2005-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2005-0401"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2005-0401",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2005-0401"
}
],
"release_date": "2005-03-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2005-03-23T19:14:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied. Use Red Hat\nNetwork to download and update your packages. To launch the Red Hat\nUpdate Agent, use the following command:\n\n up2date\n\nFor information on how to install packages manually, refer to the\nfollowing Web page for the System Administration or Customization\nguide specific to your system:\n\n http://www.redhat.com/docs/manuals/enterprise/",
"product_ids": [
"4AS:devhelp-0:0.9.2-2.4.3.i386",
"4AS:devhelp-0:0.9.2-2.4.3.ppc",
"4AS:devhelp-0:0.9.2-2.4.3.src",
"4AS:devhelp-0:0.9.2-2.4.3.x86_64",
"4AS:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4AS:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4AS:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4AS:devhelp-devel-0:0.9.2-2.4.3.i386",
"4AS:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4AS:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4AS:evolution-0:2.0.2-14.i386",
"4AS:evolution-0:2.0.2-14.ia64",
"4AS:evolution-0:2.0.2-14.ppc",
"4AS:evolution-0:2.0.2-14.s390",
"4AS:evolution-0:2.0.2-14.s390x",
"4AS:evolution-0:2.0.2-14.src",
"4AS:evolution-0:2.0.2-14.x86_64",
"4AS:evolution-debuginfo-0:2.0.2-14.i386",
"4AS:evolution-debuginfo-0:2.0.2-14.ia64",
"4AS:evolution-debuginfo-0:2.0.2-14.ppc",
"4AS:evolution-debuginfo-0:2.0.2-14.s390",
"4AS:evolution-debuginfo-0:2.0.2-14.s390x",
"4AS:evolution-debuginfo-0:2.0.2-14.x86_64",
"4AS:evolution-devel-0:2.0.2-14.i386",
"4AS:evolution-devel-0:2.0.2-14.ia64",
"4AS:evolution-devel-0:2.0.2-14.ppc",
"4AS:evolution-devel-0:2.0.2-14.s390",
"4AS:evolution-devel-0:2.0.2-14.s390x",
"4AS:evolution-devel-0:2.0.2-14.x86_64",
"4Desktop:devhelp-0:0.9.2-2.4.3.i386",
"4Desktop:devhelp-0:0.9.2-2.4.3.ppc",
"4Desktop:devhelp-0:0.9.2-2.4.3.src",
"4Desktop:devhelp-0:0.9.2-2.4.3.x86_64",
"4Desktop:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4Desktop:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4Desktop:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4Desktop:devhelp-devel-0:0.9.2-2.4.3.i386",
"4Desktop:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4Desktop:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4Desktop:evolution-0:2.0.2-14.i386",
"4Desktop:evolution-0:2.0.2-14.ia64",
"4Desktop:evolution-0:2.0.2-14.ppc",
"4Desktop:evolution-0:2.0.2-14.s390",
"4Desktop:evolution-0:2.0.2-14.s390x",
"4Desktop:evolution-0:2.0.2-14.src",
"4Desktop:evolution-0:2.0.2-14.x86_64",
"4Desktop:evolution-debuginfo-0:2.0.2-14.i386",
"4Desktop:evolution-debuginfo-0:2.0.2-14.ia64",
"4Desktop:evolution-debuginfo-0:2.0.2-14.ppc",
"4Desktop:evolution-debuginfo-0:2.0.2-14.s390",
"4Desktop:evolution-debuginfo-0:2.0.2-14.s390x",
"4Desktop:evolution-debuginfo-0:2.0.2-14.x86_64",
"4Desktop:evolution-devel-0:2.0.2-14.i386",
"4Desktop:evolution-devel-0:2.0.2-14.ia64",
"4Desktop:evolution-devel-0:2.0.2-14.ppc",
"4Desktop:evolution-devel-0:2.0.2-14.s390",
"4Desktop:evolution-devel-0:2.0.2-14.s390x",
"4Desktop:evolution-devel-0:2.0.2-14.x86_64",
"4ES:devhelp-0:0.9.2-2.4.3.i386",
"4ES:devhelp-0:0.9.2-2.4.3.ppc",
"4ES:devhelp-0:0.9.2-2.4.3.src",
"4ES:devhelp-0:0.9.2-2.4.3.x86_64",
"4ES:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4ES:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4ES:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4ES:devhelp-devel-0:0.9.2-2.4.3.i386",
"4ES:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4ES:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4ES:evolution-0:2.0.2-14.i386",
"4ES:evolution-0:2.0.2-14.ia64",
"4ES:evolution-0:2.0.2-14.ppc",
"4ES:evolution-0:2.0.2-14.s390",
"4ES:evolution-0:2.0.2-14.s390x",
"4ES:evolution-0:2.0.2-14.src",
"4ES:evolution-0:2.0.2-14.x86_64",
"4ES:evolution-debuginfo-0:2.0.2-14.i386",
"4ES:evolution-debuginfo-0:2.0.2-14.ia64",
"4ES:evolution-debuginfo-0:2.0.2-14.ppc",
"4ES:evolution-debuginfo-0:2.0.2-14.s390",
"4ES:evolution-debuginfo-0:2.0.2-14.s390x",
"4ES:evolution-debuginfo-0:2.0.2-14.x86_64",
"4ES:evolution-devel-0:2.0.2-14.i386",
"4ES:evolution-devel-0:2.0.2-14.ia64",
"4ES:evolution-devel-0:2.0.2-14.ppc",
"4ES:evolution-devel-0:2.0.2-14.s390",
"4ES:evolution-devel-0:2.0.2-14.s390x",
"4ES:evolution-devel-0:2.0.2-14.x86_64",
"4WS:devhelp-0:0.9.2-2.4.3.i386",
"4WS:devhelp-0:0.9.2-2.4.3.ppc",
"4WS:devhelp-0:0.9.2-2.4.3.src",
"4WS:devhelp-0:0.9.2-2.4.3.x86_64",
"4WS:devhelp-debuginfo-0:0.9.2-2.4.3.i386",
"4WS:devhelp-debuginfo-0:0.9.2-2.4.3.ppc",
"4WS:devhelp-debuginfo-0:0.9.2-2.4.3.x86_64",
"4WS:devhelp-devel-0:0.9.2-2.4.3.i386",
"4WS:devhelp-devel-0:0.9.2-2.4.3.ppc",
"4WS:devhelp-devel-0:0.9.2-2.4.3.x86_64",
"4WS:evolution-0:2.0.2-14.i386",
"4WS:evolution-0:2.0.2-14.ia64",
"4WS:evolution-0:2.0.2-14.ppc",
"4WS:evolution-0:2.0.2-14.s390",
"4WS:evolution-0:2.0.2-14.s390x",
"4WS:evolution-0:2.0.2-14.src",
"4WS:evolution-0:2.0.2-14.x86_64",
"4WS:evolution-debuginfo-0:2.0.2-14.i386",
"4WS:evolution-debuginfo-0:2.0.2-14.ia64",
"4WS:evolution-debuginfo-0:2.0.2-14.ppc",
"4WS:evolution-debuginfo-0:2.0.2-14.s390",
"4WS:evolution-debuginfo-0:2.0.2-14.s390x",
"4WS:evolution-debuginfo-0:2.0.2-14.x86_64",
"4WS:evolution-devel-0:2.0.2-14.i386",
"4WS:evolution-devel-0:2.0.2-14.ia64",
"4WS:evolution-devel-0:2.0.2-14.ppc",
"4WS:evolution-devel-0:2.0.2-14.s390",
"4WS:evolution-devel-0:2.0.2-14.s390x",
"4WS:evolution-devel-0:2.0.2-14.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2005:335"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "security flaw"
}
]
}
rhsa-2005:337
Vulnerability from csaf_redhat
Published
2005-03-23 19:26
Modified
2024-11-21 23:37
Summary
Red Hat Security Advisory: thunderbird security update
Notes
Topic
Updated thunderbird packages that fix various bugs are now available.
This update has been rated as having critical security impact by the Red
Hat Security Response Team.
Details
Mozilla Thunderbird is a standalone mail and newsgroup client.
A buffer overflow bug was found in the way Thunderbird processes GIF
images. It is possible for an attacker to create a specially crafted GIF
image, which when viewed by a victim will execute arbitrary code as the
victim. The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CAN-2005-0399 to this issue.
A bug was found in the Thunderbird string handling functions. If a
malicious website is able to exhaust a system's memory, it becomes possible
to execute arbitrary code. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2005-0255 to this issue.
Users of Thunderbird are advised to upgrade to this updated package which
contains Thunderbird version 1.0.2 and is not vulnerable to these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated thunderbird packages that fix various bugs are now available.\n\nThis update has been rated as having critical security impact by the Red\nHat Security Response Team.",
"title": "Topic"
},
{
"category": "general",
"text": "Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nA buffer overflow bug was found in the way Thunderbird processes GIF\nimages. It is possible for an attacker to create a specially crafted GIF\nimage, which when viewed by a victim will execute arbitrary code as the\nvictim. The Common Vulnerabilities and Exposures project (cve.mitre.org)\nhas assigned the name CAN-2005-0399 to this issue.\n\nA bug was found in the Thunderbird string handling functions. If a\nmalicious website is able to exhaust a system\u0027s memory, it becomes possible\nto execute arbitrary code. The Common Vulnerabilities and Exposures project\n(cve.mitre.org) has assigned the name CAN-2005-0255 to this issue.\n\nUsers of Thunderbird are advised to upgrade to this updated package which\ncontains Thunderbird version 1.0.2 and is not vulnerable to these issues.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2005:337",
"url": "https://access.redhat.com/errata/RHSA-2005:337"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "149883",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=149883"
},
{
"category": "external",
"summary": "150874",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=150874"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2005/rhsa-2005_337.json"
}
],
"title": "Red Hat Security Advisory: thunderbird security update",
"tracking": {
"current_release_date": "2024-11-21T23:37:32+00:00",
"generator": {
"date": "2024-11-21T23:37:32+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2005:337",
"initial_release_date": "2005-03-23T19:26:00+00:00",
"revision_history": [
{
"date": "2005-03-23T19:26:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2005-03-23T00:00:00+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-21T23:37:32+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS version 4",
"product": {
"name": "Red Hat Enterprise Linux AS version 4",
"product_id": "4AS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::as"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop version 4",
"product": {
"name": "Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::desktop"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES version 4",
"product": {
"name": "Red Hat Enterprise Linux ES version 4",
"product_id": "4ES",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::es"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux WS version 4",
"product": {
"name": "Red Hat Enterprise Linux WS version 4",
"product_id": "4WS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::ws"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "thunderbird-0:1.0.2-1.4.1.ia64",
"product": {
"name": "thunderbird-0:1.0.2-1.4.1.ia64",
"product_id": "thunderbird-0:1.0.2-1.4.1.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@1.0.2-1.4.1?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "thunderbird-debuginfo-0:1.0.2-1.4.1.ia64",
"product": {
"name": "thunderbird-debuginfo-0:1.0.2-1.4.1.ia64",
"product_id": "thunderbird-debuginfo-0:1.0.2-1.4.1.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debuginfo@1.0.2-1.4.1?arch=ia64"
}
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "thunderbird-0:1.0.2-1.4.1.src",
"product": {
"name": "thunderbird-0:1.0.2-1.4.1.src",
"product_id": "thunderbird-0:1.0.2-1.4.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@1.0.2-1.4.1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "thunderbird-0:1.0.2-1.4.1.x86_64",
"product": {
"name": "thunderbird-0:1.0.2-1.4.1.x86_64",
"product_id": "thunderbird-0:1.0.2-1.4.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@1.0.2-1.4.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "thunderbird-debuginfo-0:1.0.2-1.4.1.x86_64",
"product": {
"name": "thunderbird-debuginfo-0:1.0.2-1.4.1.x86_64",
"product_id": "thunderbird-debuginfo-0:1.0.2-1.4.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debuginfo@1.0.2-1.4.1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "thunderbird-0:1.0.2-1.4.1.i386",
"product": {
"name": "thunderbird-0:1.0.2-1.4.1.i386",
"product_id": "thunderbird-0:1.0.2-1.4.1.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@1.0.2-1.4.1?arch=i386"
}
}
},
{
"category": "product_version",
"name": "thunderbird-debuginfo-0:1.0.2-1.4.1.i386",
"product": {
"name": "thunderbird-debuginfo-0:1.0.2-1.4.1.i386",
"product_id": "thunderbird-debuginfo-0:1.0.2-1.4.1.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debuginfo@1.0.2-1.4.1?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "thunderbird-0:1.0.2-1.4.1.ppc",
"product": {
"name": "thunderbird-0:1.0.2-1.4.1.ppc",
"product_id": "thunderbird-0:1.0.2-1.4.1.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@1.0.2-1.4.1?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "thunderbird-debuginfo-0:1.0.2-1.4.1.ppc",
"product": {
"name": "thunderbird-debuginfo-0:1.0.2-1.4.1.ppc",
"product_id": "thunderbird-debuginfo-0:1.0.2-1.4.1.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debuginfo@1.0.2-1.4.1?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "thunderbird-0:1.0.2-1.4.1.s390",
"product": {
"name": "thunderbird-0:1.0.2-1.4.1.s390",
"product_id": "thunderbird-0:1.0.2-1.4.1.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@1.0.2-1.4.1?arch=s390"
}
}
},
{
"category": "product_version",
"name": "thunderbird-debuginfo-0:1.0.2-1.4.1.s390",
"product": {
"name": "thunderbird-debuginfo-0:1.0.2-1.4.1.s390",
"product_id": "thunderbird-debuginfo-0:1.0.2-1.4.1.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debuginfo@1.0.2-1.4.1?arch=s390"
}
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "thunderbird-0:1.0.2-1.4.1.s390x",
"product": {
"name": "thunderbird-0:1.0.2-1.4.1.s390x",
"product_id": "thunderbird-0:1.0.2-1.4.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@1.0.2-1.4.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "thunderbird-debuginfo-0:1.0.2-1.4.1.s390x",
"product": {
"name": "thunderbird-debuginfo-0:1.0.2-1.4.1.s390x",
"product_id": "thunderbird-debuginfo-0:1.0.2-1.4.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debuginfo@1.0.2-1.4.1?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.0.2-1.4.1.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:thunderbird-0:1.0.2-1.4.1.i386"
},
"product_reference": "thunderbird-0:1.0.2-1.4.1.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.0.2-1.4.1.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:thunderbird-0:1.0.2-1.4.1.ia64"
},
"product_reference": "thunderbird-0:1.0.2-1.4.1.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.0.2-1.4.1.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:thunderbird-0:1.0.2-1.4.1.ppc"
},
"product_reference": "thunderbird-0:1.0.2-1.4.1.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.0.2-1.4.1.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:thunderbird-0:1.0.2-1.4.1.s390"
},
"product_reference": "thunderbird-0:1.0.2-1.4.1.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.0.2-1.4.1.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:thunderbird-0:1.0.2-1.4.1.s390x"
},
"product_reference": "thunderbird-0:1.0.2-1.4.1.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.0.2-1.4.1.src as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:thunderbird-0:1.0.2-1.4.1.src"
},
"product_reference": "thunderbird-0:1.0.2-1.4.1.src",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.0.2-1.4.1.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:thunderbird-0:1.0.2-1.4.1.x86_64"
},
"product_reference": "thunderbird-0:1.0.2-1.4.1.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.0.2-1.4.1.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:thunderbird-debuginfo-0:1.0.2-1.4.1.i386"
},
"product_reference": "thunderbird-debuginfo-0:1.0.2-1.4.1.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.0.2-1.4.1.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:thunderbird-debuginfo-0:1.0.2-1.4.1.ia64"
},
"product_reference": "thunderbird-debuginfo-0:1.0.2-1.4.1.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.0.2-1.4.1.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:thunderbird-debuginfo-0:1.0.2-1.4.1.ppc"
},
"product_reference": "thunderbird-debuginfo-0:1.0.2-1.4.1.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.0.2-1.4.1.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:thunderbird-debuginfo-0:1.0.2-1.4.1.s390"
},
"product_reference": "thunderbird-debuginfo-0:1.0.2-1.4.1.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.0.2-1.4.1.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:thunderbird-debuginfo-0:1.0.2-1.4.1.s390x"
},
"product_reference": "thunderbird-debuginfo-0:1.0.2-1.4.1.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.0.2-1.4.1.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:thunderbird-debuginfo-0:1.0.2-1.4.1.x86_64"
},
"product_reference": "thunderbird-debuginfo-0:1.0.2-1.4.1.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.0.2-1.4.1.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:thunderbird-0:1.0.2-1.4.1.i386"
},
"product_reference": "thunderbird-0:1.0.2-1.4.1.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.0.2-1.4.1.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:thunderbird-0:1.0.2-1.4.1.ia64"
},
"product_reference": "thunderbird-0:1.0.2-1.4.1.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.0.2-1.4.1.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:thunderbird-0:1.0.2-1.4.1.ppc"
},
"product_reference": "thunderbird-0:1.0.2-1.4.1.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.0.2-1.4.1.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:thunderbird-0:1.0.2-1.4.1.s390"
},
"product_reference": "thunderbird-0:1.0.2-1.4.1.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.0.2-1.4.1.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:thunderbird-0:1.0.2-1.4.1.s390x"
},
"product_reference": "thunderbird-0:1.0.2-1.4.1.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.0.2-1.4.1.src as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:thunderbird-0:1.0.2-1.4.1.src"
},
"product_reference": "thunderbird-0:1.0.2-1.4.1.src",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.0.2-1.4.1.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:thunderbird-0:1.0.2-1.4.1.x86_64"
},
"product_reference": "thunderbird-0:1.0.2-1.4.1.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.0.2-1.4.1.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:thunderbird-debuginfo-0:1.0.2-1.4.1.i386"
},
"product_reference": "thunderbird-debuginfo-0:1.0.2-1.4.1.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.0.2-1.4.1.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:thunderbird-debuginfo-0:1.0.2-1.4.1.ia64"
},
"product_reference": "thunderbird-debuginfo-0:1.0.2-1.4.1.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.0.2-1.4.1.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:thunderbird-debuginfo-0:1.0.2-1.4.1.ppc"
},
"product_reference": "thunderbird-debuginfo-0:1.0.2-1.4.1.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.0.2-1.4.1.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:thunderbird-debuginfo-0:1.0.2-1.4.1.s390"
},
"product_reference": "thunderbird-debuginfo-0:1.0.2-1.4.1.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.0.2-1.4.1.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:thunderbird-debuginfo-0:1.0.2-1.4.1.s390x"
},
"product_reference": "thunderbird-debuginfo-0:1.0.2-1.4.1.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.0.2-1.4.1.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:thunderbird-debuginfo-0:1.0.2-1.4.1.x86_64"
},
"product_reference": "thunderbird-debuginfo-0:1.0.2-1.4.1.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.0.2-1.4.1.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:thunderbird-0:1.0.2-1.4.1.i386"
},
"product_reference": "thunderbird-0:1.0.2-1.4.1.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.0.2-1.4.1.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:thunderbird-0:1.0.2-1.4.1.ia64"
},
"product_reference": "thunderbird-0:1.0.2-1.4.1.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.0.2-1.4.1.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:thunderbird-0:1.0.2-1.4.1.ppc"
},
"product_reference": "thunderbird-0:1.0.2-1.4.1.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.0.2-1.4.1.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:thunderbird-0:1.0.2-1.4.1.s390"
},
"product_reference": "thunderbird-0:1.0.2-1.4.1.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.0.2-1.4.1.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:thunderbird-0:1.0.2-1.4.1.s390x"
},
"product_reference": "thunderbird-0:1.0.2-1.4.1.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.0.2-1.4.1.src as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:thunderbird-0:1.0.2-1.4.1.src"
},
"product_reference": "thunderbird-0:1.0.2-1.4.1.src",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.0.2-1.4.1.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:thunderbird-0:1.0.2-1.4.1.x86_64"
},
"product_reference": "thunderbird-0:1.0.2-1.4.1.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.0.2-1.4.1.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:thunderbird-debuginfo-0:1.0.2-1.4.1.i386"
},
"product_reference": "thunderbird-debuginfo-0:1.0.2-1.4.1.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.0.2-1.4.1.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:thunderbird-debuginfo-0:1.0.2-1.4.1.ia64"
},
"product_reference": "thunderbird-debuginfo-0:1.0.2-1.4.1.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.0.2-1.4.1.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:thunderbird-debuginfo-0:1.0.2-1.4.1.ppc"
},
"product_reference": "thunderbird-debuginfo-0:1.0.2-1.4.1.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.0.2-1.4.1.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:thunderbird-debuginfo-0:1.0.2-1.4.1.s390"
},
"product_reference": "thunderbird-debuginfo-0:1.0.2-1.4.1.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.0.2-1.4.1.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:thunderbird-debuginfo-0:1.0.2-1.4.1.s390x"
},
"product_reference": "thunderbird-debuginfo-0:1.0.2-1.4.1.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.0.2-1.4.1.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:thunderbird-debuginfo-0:1.0.2-1.4.1.x86_64"
},
"product_reference": "thunderbird-debuginfo-0:1.0.2-1.4.1.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.0.2-1.4.1.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:thunderbird-0:1.0.2-1.4.1.i386"
},
"product_reference": "thunderbird-0:1.0.2-1.4.1.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.0.2-1.4.1.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:thunderbird-0:1.0.2-1.4.1.ia64"
},
"product_reference": "thunderbird-0:1.0.2-1.4.1.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.0.2-1.4.1.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:thunderbird-0:1.0.2-1.4.1.ppc"
},
"product_reference": "thunderbird-0:1.0.2-1.4.1.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.0.2-1.4.1.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:thunderbird-0:1.0.2-1.4.1.s390"
},
"product_reference": "thunderbird-0:1.0.2-1.4.1.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.0.2-1.4.1.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:thunderbird-0:1.0.2-1.4.1.s390x"
},
"product_reference": "thunderbird-0:1.0.2-1.4.1.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.0.2-1.4.1.src as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:thunderbird-0:1.0.2-1.4.1.src"
},
"product_reference": "thunderbird-0:1.0.2-1.4.1.src",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.0.2-1.4.1.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:thunderbird-0:1.0.2-1.4.1.x86_64"
},
"product_reference": "thunderbird-0:1.0.2-1.4.1.x86_64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.0.2-1.4.1.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:thunderbird-debuginfo-0:1.0.2-1.4.1.i386"
},
"product_reference": "thunderbird-debuginfo-0:1.0.2-1.4.1.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.0.2-1.4.1.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:thunderbird-debuginfo-0:1.0.2-1.4.1.ia64"
},
"product_reference": "thunderbird-debuginfo-0:1.0.2-1.4.1.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.0.2-1.4.1.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:thunderbird-debuginfo-0:1.0.2-1.4.1.ppc"
},
"product_reference": "thunderbird-debuginfo-0:1.0.2-1.4.1.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.0.2-1.4.1.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:thunderbird-debuginfo-0:1.0.2-1.4.1.s390"
},
"product_reference": "thunderbird-debuginfo-0:1.0.2-1.4.1.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.0.2-1.4.1.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:thunderbird-debuginfo-0:1.0.2-1.4.1.s390x"
},
"product_reference": "thunderbird-debuginfo-0:1.0.2-1.4.1.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.0.2-1.4.1.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:thunderbird-debuginfo-0:1.0.2-1.4.1.x86_64"
},
"product_reference": "thunderbird-debuginfo-0:1.0.2-1.4.1.x86_64",
"relates_to_product_reference": "4WS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2005-0255",
"discovery_date": "2005-02-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1617509"
}
],
"notes": [
{
"category": "description",
"text": "String handling functions in Mozilla 1.7.3, Firefox 1.0, and Thunderbird before 1.0.2, such as the nsTSubstring_CharT::Replace function, do not properly check the return values of other functions that resize the string, which allows remote attackers to cause a denial of service and possibly execute arbitrary code by forcing an out-of-memory state that causes a reallocation to fail and return a pointer to a fixed address, which leads to heap corruption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:thunderbird-0:1.0.2-1.4.1.i386",
"4AS:thunderbird-0:1.0.2-1.4.1.ia64",
"4AS:thunderbird-0:1.0.2-1.4.1.ppc",
"4AS:thunderbird-0:1.0.2-1.4.1.s390",
"4AS:thunderbird-0:1.0.2-1.4.1.s390x",
"4AS:thunderbird-0:1.0.2-1.4.1.src",
"4AS:thunderbird-0:1.0.2-1.4.1.x86_64",
"4AS:thunderbird-debuginfo-0:1.0.2-1.4.1.i386",
"4AS:thunderbird-debuginfo-0:1.0.2-1.4.1.ia64",
"4AS:thunderbird-debuginfo-0:1.0.2-1.4.1.ppc",
"4AS:thunderbird-debuginfo-0:1.0.2-1.4.1.s390",
"4AS:thunderbird-debuginfo-0:1.0.2-1.4.1.s390x",
"4AS:thunderbird-debuginfo-0:1.0.2-1.4.1.x86_64",
"4Desktop:thunderbird-0:1.0.2-1.4.1.i386",
"4Desktop:thunderbird-0:1.0.2-1.4.1.ia64",
"4Desktop:thunderbird-0:1.0.2-1.4.1.ppc",
"4Desktop:thunderbird-0:1.0.2-1.4.1.s390",
"4Desktop:thunderbird-0:1.0.2-1.4.1.s390x",
"4Desktop:thunderbird-0:1.0.2-1.4.1.src",
"4Desktop:thunderbird-0:1.0.2-1.4.1.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.0.2-1.4.1.i386",
"4Desktop:thunderbird-debuginfo-0:1.0.2-1.4.1.ia64",
"4Desktop:thunderbird-debuginfo-0:1.0.2-1.4.1.ppc",
"4Desktop:thunderbird-debuginfo-0:1.0.2-1.4.1.s390",
"4Desktop:thunderbird-debuginfo-0:1.0.2-1.4.1.s390x",
"4Desktop:thunderbird-debuginfo-0:1.0.2-1.4.1.x86_64",
"4ES:thunderbird-0:1.0.2-1.4.1.i386",
"4ES:thunderbird-0:1.0.2-1.4.1.ia64",
"4ES:thunderbird-0:1.0.2-1.4.1.ppc",
"4ES:thunderbird-0:1.0.2-1.4.1.s390",
"4ES:thunderbird-0:1.0.2-1.4.1.s390x",
"4ES:thunderbird-0:1.0.2-1.4.1.src",
"4ES:thunderbird-0:1.0.2-1.4.1.x86_64",
"4ES:thunderbird-debuginfo-0:1.0.2-1.4.1.i386",
"4ES:thunderbird-debuginfo-0:1.0.2-1.4.1.ia64",
"4ES:thunderbird-debuginfo-0:1.0.2-1.4.1.ppc",
"4ES:thunderbird-debuginfo-0:1.0.2-1.4.1.s390",
"4ES:thunderbird-debuginfo-0:1.0.2-1.4.1.s390x",
"4ES:thunderbird-debuginfo-0:1.0.2-1.4.1.x86_64",
"4WS:thunderbird-0:1.0.2-1.4.1.i386",
"4WS:thunderbird-0:1.0.2-1.4.1.ia64",
"4WS:thunderbird-0:1.0.2-1.4.1.ppc",
"4WS:thunderbird-0:1.0.2-1.4.1.s390",
"4WS:thunderbird-0:1.0.2-1.4.1.s390x",
"4WS:thunderbird-0:1.0.2-1.4.1.src",
"4WS:thunderbird-0:1.0.2-1.4.1.x86_64",
"4WS:thunderbird-debuginfo-0:1.0.2-1.4.1.i386",
"4WS:thunderbird-debuginfo-0:1.0.2-1.4.1.ia64",
"4WS:thunderbird-debuginfo-0:1.0.2-1.4.1.ppc",
"4WS:thunderbird-debuginfo-0:1.0.2-1.4.1.s390",
"4WS:thunderbird-debuginfo-0:1.0.2-1.4.1.s390x",
"4WS:thunderbird-debuginfo-0:1.0.2-1.4.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2005-0255"
},
{
"category": "external",
"summary": "RHBZ#1617509",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617509"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2005-0255",
"url": "https://www.cve.org/CVERecord?id=CVE-2005-0255"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2005-0255",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2005-0255"
}
],
"release_date": "2005-02-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2005-03-23T19:26:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied. Use Red Hat\nNetwork to download and update your packages. To launch the Red Hat\nUpdate Agent, use the following command:\n\n up2date\n\nFor information on how to install packages manually, refer to the\nfollowing Web page for the System Administration or Customization\nguide specific to your system:\n\n http://www.redhat.com/docs/manuals/enterprise/",
"product_ids": [
"4AS:thunderbird-0:1.0.2-1.4.1.i386",
"4AS:thunderbird-0:1.0.2-1.4.1.ia64",
"4AS:thunderbird-0:1.0.2-1.4.1.ppc",
"4AS:thunderbird-0:1.0.2-1.4.1.s390",
"4AS:thunderbird-0:1.0.2-1.4.1.s390x",
"4AS:thunderbird-0:1.0.2-1.4.1.src",
"4AS:thunderbird-0:1.0.2-1.4.1.x86_64",
"4AS:thunderbird-debuginfo-0:1.0.2-1.4.1.i386",
"4AS:thunderbird-debuginfo-0:1.0.2-1.4.1.ia64",
"4AS:thunderbird-debuginfo-0:1.0.2-1.4.1.ppc",
"4AS:thunderbird-debuginfo-0:1.0.2-1.4.1.s390",
"4AS:thunderbird-debuginfo-0:1.0.2-1.4.1.s390x",
"4AS:thunderbird-debuginfo-0:1.0.2-1.4.1.x86_64",
"4Desktop:thunderbird-0:1.0.2-1.4.1.i386",
"4Desktop:thunderbird-0:1.0.2-1.4.1.ia64",
"4Desktop:thunderbird-0:1.0.2-1.4.1.ppc",
"4Desktop:thunderbird-0:1.0.2-1.4.1.s390",
"4Desktop:thunderbird-0:1.0.2-1.4.1.s390x",
"4Desktop:thunderbird-0:1.0.2-1.4.1.src",
"4Desktop:thunderbird-0:1.0.2-1.4.1.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.0.2-1.4.1.i386",
"4Desktop:thunderbird-debuginfo-0:1.0.2-1.4.1.ia64",
"4Desktop:thunderbird-debuginfo-0:1.0.2-1.4.1.ppc",
"4Desktop:thunderbird-debuginfo-0:1.0.2-1.4.1.s390",
"4Desktop:thunderbird-debuginfo-0:1.0.2-1.4.1.s390x",
"4Desktop:thunderbird-debuginfo-0:1.0.2-1.4.1.x86_64",
"4ES:thunderbird-0:1.0.2-1.4.1.i386",
"4ES:thunderbird-0:1.0.2-1.4.1.ia64",
"4ES:thunderbird-0:1.0.2-1.4.1.ppc",
"4ES:thunderbird-0:1.0.2-1.4.1.s390",
"4ES:thunderbird-0:1.0.2-1.4.1.s390x",
"4ES:thunderbird-0:1.0.2-1.4.1.src",
"4ES:thunderbird-0:1.0.2-1.4.1.x86_64",
"4ES:thunderbird-debuginfo-0:1.0.2-1.4.1.i386",
"4ES:thunderbird-debuginfo-0:1.0.2-1.4.1.ia64",
"4ES:thunderbird-debuginfo-0:1.0.2-1.4.1.ppc",
"4ES:thunderbird-debuginfo-0:1.0.2-1.4.1.s390",
"4ES:thunderbird-debuginfo-0:1.0.2-1.4.1.s390x",
"4ES:thunderbird-debuginfo-0:1.0.2-1.4.1.x86_64",
"4WS:thunderbird-0:1.0.2-1.4.1.i386",
"4WS:thunderbird-0:1.0.2-1.4.1.ia64",
"4WS:thunderbird-0:1.0.2-1.4.1.ppc",
"4WS:thunderbird-0:1.0.2-1.4.1.s390",
"4WS:thunderbird-0:1.0.2-1.4.1.s390x",
"4WS:thunderbird-0:1.0.2-1.4.1.src",
"4WS:thunderbird-0:1.0.2-1.4.1.x86_64",
"4WS:thunderbird-debuginfo-0:1.0.2-1.4.1.i386",
"4WS:thunderbird-debuginfo-0:1.0.2-1.4.1.ia64",
"4WS:thunderbird-debuginfo-0:1.0.2-1.4.1.ppc",
"4WS:thunderbird-debuginfo-0:1.0.2-1.4.1.s390",
"4WS:thunderbird-debuginfo-0:1.0.2-1.4.1.s390x",
"4WS:thunderbird-debuginfo-0:1.0.2-1.4.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2005:337"
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "security flaw"
},
{
"cve": "CVE-2005-0399",
"discovery_date": "2005-03-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1617517"
}
],
"notes": [
{
"category": "description",
"text": "Heap-based buffer overflow in GIF2.cpp in Firefox before 1.0.2, Mozilla before to 1.7.6, and Thunderbird before 1.0.2, and possibly other applications that use the same library, allows remote attackers to execute arbitrary code via a GIF image with a crafted Netscape extension 2 block and buffer size.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:thunderbird-0:1.0.2-1.4.1.i386",
"4AS:thunderbird-0:1.0.2-1.4.1.ia64",
"4AS:thunderbird-0:1.0.2-1.4.1.ppc",
"4AS:thunderbird-0:1.0.2-1.4.1.s390",
"4AS:thunderbird-0:1.0.2-1.4.1.s390x",
"4AS:thunderbird-0:1.0.2-1.4.1.src",
"4AS:thunderbird-0:1.0.2-1.4.1.x86_64",
"4AS:thunderbird-debuginfo-0:1.0.2-1.4.1.i386",
"4AS:thunderbird-debuginfo-0:1.0.2-1.4.1.ia64",
"4AS:thunderbird-debuginfo-0:1.0.2-1.4.1.ppc",
"4AS:thunderbird-debuginfo-0:1.0.2-1.4.1.s390",
"4AS:thunderbird-debuginfo-0:1.0.2-1.4.1.s390x",
"4AS:thunderbird-debuginfo-0:1.0.2-1.4.1.x86_64",
"4Desktop:thunderbird-0:1.0.2-1.4.1.i386",
"4Desktop:thunderbird-0:1.0.2-1.4.1.ia64",
"4Desktop:thunderbird-0:1.0.2-1.4.1.ppc",
"4Desktop:thunderbird-0:1.0.2-1.4.1.s390",
"4Desktop:thunderbird-0:1.0.2-1.4.1.s390x",
"4Desktop:thunderbird-0:1.0.2-1.4.1.src",
"4Desktop:thunderbird-0:1.0.2-1.4.1.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.0.2-1.4.1.i386",
"4Desktop:thunderbird-debuginfo-0:1.0.2-1.4.1.ia64",
"4Desktop:thunderbird-debuginfo-0:1.0.2-1.4.1.ppc",
"4Desktop:thunderbird-debuginfo-0:1.0.2-1.4.1.s390",
"4Desktop:thunderbird-debuginfo-0:1.0.2-1.4.1.s390x",
"4Desktop:thunderbird-debuginfo-0:1.0.2-1.4.1.x86_64",
"4ES:thunderbird-0:1.0.2-1.4.1.i386",
"4ES:thunderbird-0:1.0.2-1.4.1.ia64",
"4ES:thunderbird-0:1.0.2-1.4.1.ppc",
"4ES:thunderbird-0:1.0.2-1.4.1.s390",
"4ES:thunderbird-0:1.0.2-1.4.1.s390x",
"4ES:thunderbird-0:1.0.2-1.4.1.src",
"4ES:thunderbird-0:1.0.2-1.4.1.x86_64",
"4ES:thunderbird-debuginfo-0:1.0.2-1.4.1.i386",
"4ES:thunderbird-debuginfo-0:1.0.2-1.4.1.ia64",
"4ES:thunderbird-debuginfo-0:1.0.2-1.4.1.ppc",
"4ES:thunderbird-debuginfo-0:1.0.2-1.4.1.s390",
"4ES:thunderbird-debuginfo-0:1.0.2-1.4.1.s390x",
"4ES:thunderbird-debuginfo-0:1.0.2-1.4.1.x86_64",
"4WS:thunderbird-0:1.0.2-1.4.1.i386",
"4WS:thunderbird-0:1.0.2-1.4.1.ia64",
"4WS:thunderbird-0:1.0.2-1.4.1.ppc",
"4WS:thunderbird-0:1.0.2-1.4.1.s390",
"4WS:thunderbird-0:1.0.2-1.4.1.s390x",
"4WS:thunderbird-0:1.0.2-1.4.1.src",
"4WS:thunderbird-0:1.0.2-1.4.1.x86_64",
"4WS:thunderbird-debuginfo-0:1.0.2-1.4.1.i386",
"4WS:thunderbird-debuginfo-0:1.0.2-1.4.1.ia64",
"4WS:thunderbird-debuginfo-0:1.0.2-1.4.1.ppc",
"4WS:thunderbird-debuginfo-0:1.0.2-1.4.1.s390",
"4WS:thunderbird-debuginfo-0:1.0.2-1.4.1.s390x",
"4WS:thunderbird-debuginfo-0:1.0.2-1.4.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2005-0399"
},
{
"category": "external",
"summary": "RHBZ#1617517",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617517"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2005-0399",
"url": "https://www.cve.org/CVERecord?id=CVE-2005-0399"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2005-0399",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2005-0399"
}
],
"release_date": "2005-03-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2005-03-23T19:26:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied. Use Red Hat\nNetwork to download and update your packages. To launch the Red Hat\nUpdate Agent, use the following command:\n\n up2date\n\nFor information on how to install packages manually, refer to the\nfollowing Web page for the System Administration or Customization\nguide specific to your system:\n\n http://www.redhat.com/docs/manuals/enterprise/",
"product_ids": [
"4AS:thunderbird-0:1.0.2-1.4.1.i386",
"4AS:thunderbird-0:1.0.2-1.4.1.ia64",
"4AS:thunderbird-0:1.0.2-1.4.1.ppc",
"4AS:thunderbird-0:1.0.2-1.4.1.s390",
"4AS:thunderbird-0:1.0.2-1.4.1.s390x",
"4AS:thunderbird-0:1.0.2-1.4.1.src",
"4AS:thunderbird-0:1.0.2-1.4.1.x86_64",
"4AS:thunderbird-debuginfo-0:1.0.2-1.4.1.i386",
"4AS:thunderbird-debuginfo-0:1.0.2-1.4.1.ia64",
"4AS:thunderbird-debuginfo-0:1.0.2-1.4.1.ppc",
"4AS:thunderbird-debuginfo-0:1.0.2-1.4.1.s390",
"4AS:thunderbird-debuginfo-0:1.0.2-1.4.1.s390x",
"4AS:thunderbird-debuginfo-0:1.0.2-1.4.1.x86_64",
"4Desktop:thunderbird-0:1.0.2-1.4.1.i386",
"4Desktop:thunderbird-0:1.0.2-1.4.1.ia64",
"4Desktop:thunderbird-0:1.0.2-1.4.1.ppc",
"4Desktop:thunderbird-0:1.0.2-1.4.1.s390",
"4Desktop:thunderbird-0:1.0.2-1.4.1.s390x",
"4Desktop:thunderbird-0:1.0.2-1.4.1.src",
"4Desktop:thunderbird-0:1.0.2-1.4.1.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.0.2-1.4.1.i386",
"4Desktop:thunderbird-debuginfo-0:1.0.2-1.4.1.ia64",
"4Desktop:thunderbird-debuginfo-0:1.0.2-1.4.1.ppc",
"4Desktop:thunderbird-debuginfo-0:1.0.2-1.4.1.s390",
"4Desktop:thunderbird-debuginfo-0:1.0.2-1.4.1.s390x",
"4Desktop:thunderbird-debuginfo-0:1.0.2-1.4.1.x86_64",
"4ES:thunderbird-0:1.0.2-1.4.1.i386",
"4ES:thunderbird-0:1.0.2-1.4.1.ia64",
"4ES:thunderbird-0:1.0.2-1.4.1.ppc",
"4ES:thunderbird-0:1.0.2-1.4.1.s390",
"4ES:thunderbird-0:1.0.2-1.4.1.s390x",
"4ES:thunderbird-0:1.0.2-1.4.1.src",
"4ES:thunderbird-0:1.0.2-1.4.1.x86_64",
"4ES:thunderbird-debuginfo-0:1.0.2-1.4.1.i386",
"4ES:thunderbird-debuginfo-0:1.0.2-1.4.1.ia64",
"4ES:thunderbird-debuginfo-0:1.0.2-1.4.1.ppc",
"4ES:thunderbird-debuginfo-0:1.0.2-1.4.1.s390",
"4ES:thunderbird-debuginfo-0:1.0.2-1.4.1.s390x",
"4ES:thunderbird-debuginfo-0:1.0.2-1.4.1.x86_64",
"4WS:thunderbird-0:1.0.2-1.4.1.i386",
"4WS:thunderbird-0:1.0.2-1.4.1.ia64",
"4WS:thunderbird-0:1.0.2-1.4.1.ppc",
"4WS:thunderbird-0:1.0.2-1.4.1.s390",
"4WS:thunderbird-0:1.0.2-1.4.1.s390x",
"4WS:thunderbird-0:1.0.2-1.4.1.src",
"4WS:thunderbird-0:1.0.2-1.4.1.x86_64",
"4WS:thunderbird-debuginfo-0:1.0.2-1.4.1.i386",
"4WS:thunderbird-debuginfo-0:1.0.2-1.4.1.ia64",
"4WS:thunderbird-debuginfo-0:1.0.2-1.4.1.ppc",
"4WS:thunderbird-debuginfo-0:1.0.2-1.4.1.s390",
"4WS:thunderbird-debuginfo-0:1.0.2-1.4.1.s390x",
"4WS:thunderbird-debuginfo-0:1.0.2-1.4.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2005:337"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "security flaw"
}
]
}
gsd-2005-0399
Vulnerability from gsd
Modified
2023-12-13 01:20
Details
Heap-based buffer overflow in GIF2.cpp in Firefox before 1.0.2, Mozilla before to 1.7.6, and Thunderbird before 1.0.2, and possibly other applications that use the same library, allows remote attackers to execute arbitrary code via a GIF image with a crafted Netscape extension 2 block and buffer size.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2005-0399",
"description": "Heap-based buffer overflow in GIF2.cpp in Firefox before 1.0.2, Mozilla before to 1.7.6, and Thunderbird before 1.0.2, and possibly other applications that use the same library, allows remote attackers to execute arbitrary code via a GIF image with a crafted Netscape extension 2 block and buffer size.",
"id": "GSD-2005-0399",
"references": [
"https://www.suse.com/security/cve/CVE-2005-0399.html",
"https://access.redhat.com/errata/RHSA-2005:337",
"https://access.redhat.com/errata/RHSA-2005:336",
"https://access.redhat.com/errata/RHSA-2005:335",
"https://access.redhat.com/errata/RHSA-2005:323"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2005-0399"
],
"details": "Heap-based buffer overflow in GIF2.cpp in Firefox before 1.0.2, Mozilla before to 1.7.6, and Thunderbird before 1.0.2, and possibly other applications that use the same library, allows remote attackers to execute arbitrary code via a GIF image with a crafted Netscape extension 2 block and buffer size.",
"id": "GSD-2005-0399",
"modified": "2023-12-13T01:20:08.029422Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2005-0399",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in GIF2.cpp in Firefox before 1.0.2, Mozilla before to 1.7.6, and Thunderbird before 1.0.2, and possibly other applications that use the same library, allows remote attackers to execute arbitrary code via a GIF image with a crafted Netscape extension 2 block and buffer size."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.gentoo.org/security/en/glsa/glsa-200503-30.xml",
"refsource": "MISC",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200503-30.xml"
},
{
"name": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt",
"refsource": "MISC",
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt"
},
{
"name": "http://secunia.com/advisories/19823",
"refsource": "MISC",
"url": "http://secunia.com/advisories/19823"
},
{
"name": "http://www.novell.com/linux/security/advisories/2006_04_25.html",
"refsource": "MISC",
"url": "http://www.novell.com/linux/security/advisories/2006_04_25.html"
},
{
"name": "http://www.securityfocus.com/bid/15495",
"refsource": "MISC",
"url": "http://www.securityfocus.com/bid/15495"
},
{
"name": "http://secunia.com/advisories/14654",
"refsource": "MISC",
"url": "http://secunia.com/advisories/14654"
},
{
"name": "http://www.ciac.org/ciac/bulletins/p-160.shtml",
"refsource": "MISC",
"url": "http://www.ciac.org/ciac/bulletins/p-160.shtml"
},
{
"name": "http://www.kb.cert.org/vuls/id/557948",
"refsource": "MISC",
"url": "http://www.kb.cert.org/vuls/id/557948"
},
{
"name": "http://www.mozilla.org/security/announce/mfsa2005-30.html",
"refsource": "MISC",
"url": "http://www.mozilla.org/security/announce/mfsa2005-30.html"
},
{
"name": "http://www.redhat.com/support/errata/RHSA-2005-323.html",
"refsource": "MISC",
"url": "http://www.redhat.com/support/errata/RHSA-2005-323.html"
},
{
"name": "http://www.redhat.com/support/errata/RHSA-2005-335.html",
"refsource": "MISC",
"url": "http://www.redhat.com/support/errata/RHSA-2005-335.html"
},
{
"name": "http://www.redhat.com/support/errata/RHSA-2005-336.html",
"refsource": "MISC",
"url": "http://www.redhat.com/support/errata/RHSA-2005-336.html"
},
{
"name": "http://www.redhat.com/support/errata/RHSA-2005-337.html",
"refsource": "MISC",
"url": "http://www.redhat.com/support/errata/RHSA-2005-337.html"
},
{
"name": "http://www.securityfocus.com/bid/12881",
"refsource": "MISC",
"url": "http://www.securityfocus.com/bid/12881"
},
{
"name": "http://www.vupen.com/english/advisories/2005/0296",
"refsource": "MISC",
"url": "http://www.vupen.com/english/advisories/2005/0296"
},
{
"name": "http://xforce.iss.net/xforce/alerts/id/191",
"refsource": "MISC",
"url": "http://xforce.iss.net/xforce/alerts/id/191"
},
{
"name": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=150877",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=150877"
},
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19269",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19269"
},
{
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100028",
"refsource": "MISC",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100028"
},
{
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11377",
"refsource": "MISC",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11377"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:mozilla:firefox:0.9.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:firefox:0.9.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:mozilla:1.4:alpha:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:mozilla:1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:mozilla:1.5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:mozilla:1.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:mozilla:1.7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:mozilla:1.7:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:mozilla:1.7:rc3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:0.7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:0.7.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:firefox:0.10.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:firefox:0.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:mozilla:1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:mozilla:1.5:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:mozilla:1.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:mozilla:1.7.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:mozilla:1.7:alpha:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:0.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:firefox:0.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:firefox:0.9:rc:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:mozilla:1.5:alpha:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:mozilla:1.5:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:mozilla:1.7.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:mozilla:1.7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:0.7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:0.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:firefox:0.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:firefox:0.9.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:mozilla:1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:mozilla:1.4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:mozilla:1.6:alpha:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:mozilla:1.6:beta:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:mozilla:1.7:beta:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:mozilla:1.7:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:0.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:0.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:0.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:1.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2005-0399"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Heap-based buffer overflow in GIF2.cpp in Firefox before 1.0.2, Mozilla before to 1.7.6, and Thunderbird before 1.0.2, and possibly other applications that use the same library, allows remote attackers to execute arbitrary code via a GIF image with a crafted Netscape extension 2 block and buffer size."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20050323 Mozilla Foundation GIF Overflow",
"refsource": "ISS",
"tags": [
"Vendor Advisory"
],
"url": "http://xforce.iss.net/xforce/alerts/id/191"
},
{
"name": "http://www.mozilla.org/security/announce/mfsa2005-30.html",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/mfsa2005-30.html"
},
{
"name": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=150877",
"refsource": "MISC",
"tags": [
"Vendor Advisory"
],
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=150877"
},
{
"name": "GLSA-200503-30",
"refsource": "GENTOO",
"tags": [
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200503-30.xml"
},
{
"name": "RHSA-2005:323",
"refsource": "REDHAT",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-323.html"
},
{
"name": "RHSA-2005:335",
"refsource": "REDHAT",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-335.html"
},
{
"name": "RHSA-2005:336",
"refsource": "REDHAT",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-336.html"
},
{
"name": "RHSA-2005:337",
"refsource": "REDHAT",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-337.html"
},
{
"name": "VU#557948",
"refsource": "CERT-VN",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/557948"
},
{
"name": "P-160",
"refsource": "CIAC",
"tags": [],
"url": "http://www.ciac.org/ciac/bulletins/p-160.shtml"
},
{
"name": "14654",
"refsource": "SECUNIA",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/14654"
},
{
"name": "12881",
"refsource": "BID",
"tags": [],
"url": "http://www.securityfocus.com/bid/12881"
},
{
"name": "SCOSA-2005.49",
"refsource": "SCO",
"tags": [],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt"
},
{
"name": "15495",
"refsource": "BID",
"tags": [],
"url": "http://www.securityfocus.com/bid/15495"
},
{
"name": "19823",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/19823"
},
{
"name": "SUSE-SA:2006:004",
"refsource": "SUSE",
"tags": [],
"url": "http://www.novell.com/linux/security/advisories/2006_04_25.html"
},
{
"name": "ADV-2005-0296",
"refsource": "VUPEN",
"tags": [],
"url": "http://www.vupen.com/english/advisories/2005/0296"
},
{
"name": "gif-extension-overflow(19269)",
"refsource": "XF",
"tags": [],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19269"
},
{
"name": "oval:org.mitre.oval:def:11377",
"refsource": "OVAL",
"tags": [],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11377"
},
{
"name": "oval:org.mitre.oval:def:100028",
"refsource": "OVAL",
"tags": [],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100028"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"severity": "MEDIUM",
"userInteractionRequired": true
}
},
"lastModifiedDate": "2018-05-03T01:29Z",
"publishedDate": "2005-05-02T04:00Z"
}
}
}
fkie_cve-2005-0399
Vulnerability from fkie_nvd
Published
2005-05-02 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Heap-based buffer overflow in GIF2.cpp in Firefox before 1.0.2, Mozilla before to 1.7.6, and Thunderbird before 1.0.2, and possibly other applications that use the same library, allows remote attackers to execute arbitrary code via a GIF image with a crafted Netscape extension 2 block and buffer size.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt | ||
| secalert@redhat.com | http://secunia.com/advisories/14654 | Patch, Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/19823 | ||
| secalert@redhat.com | http://www.ciac.org/ciac/bulletins/p-160.shtml | ||
| secalert@redhat.com | http://www.gentoo.org/security/en/glsa/glsa-200503-30.xml | Vendor Advisory | |
| secalert@redhat.com | http://www.kb.cert.org/vuls/id/557948 | Third Party Advisory, US Government Resource | |
| secalert@redhat.com | http://www.mozilla.org/security/announce/mfsa2005-30.html | Vendor Advisory | |
| secalert@redhat.com | http://www.novell.com/linux/security/advisories/2006_04_25.html | ||
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2005-323.html | Vendor Advisory | |
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2005-335.html | Vendor Advisory | |
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2005-336.html | Vendor Advisory | |
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2005-337.html | Vendor Advisory | |
| secalert@redhat.com | http://www.securityfocus.com/bid/12881 | ||
| secalert@redhat.com | http://www.securityfocus.com/bid/15495 | ||
| secalert@redhat.com | http://www.vupen.com/english/advisories/2005/0296 | ||
| secalert@redhat.com | http://xforce.iss.net/xforce/alerts/id/191 | Vendor Advisory | |
| secalert@redhat.com | https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=150877 | Vendor Advisory | |
| secalert@redhat.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/19269 | ||
| secalert@redhat.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100028 | ||
| secalert@redhat.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11377 | ||
| af854a3a-2127-422b-91ae-364da2661108 | ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/14654 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/19823 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ciac.org/ciac/bulletins/p-160.shtml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-200503-30.xml | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/557948 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mozilla.org/security/announce/mfsa2005-30.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.novell.com/linux/security/advisories/2006_04_25.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-323.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-335.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-336.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-337.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/12881 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/15495 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2005/0296 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://xforce.iss.net/xforce/alerts/id/191 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=150877 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/19269 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100028 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11377 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mozilla | firefox | 0.8 | |
| mozilla | firefox | 0.9 | |
| mozilla | firefox | 0.9 | |
| mozilla | firefox | 0.9.1 | |
| mozilla | firefox | 0.9.2 | |
| mozilla | firefox | 0.9.3 | |
| mozilla | firefox | 0.10 | |
| mozilla | firefox | 0.10.1 | |
| mozilla | firefox | 1.0 | |
| mozilla | firefox | 1.0.1 | |
| mozilla | mozilla | 1.3 | |
| mozilla | mozilla | 1.4 | |
| mozilla | mozilla | 1.4 | |
| mozilla | mozilla | 1.4.1 | |
| mozilla | mozilla | 1.5 | |
| mozilla | mozilla | 1.5 | |
| mozilla | mozilla | 1.5 | |
| mozilla | mozilla | 1.5 | |
| mozilla | mozilla | 1.5.1 | |
| mozilla | mozilla | 1.6 | |
| mozilla | mozilla | 1.6 | |
| mozilla | mozilla | 1.6 | |
| mozilla | mozilla | 1.7 | |
| mozilla | mozilla | 1.7 | |
| mozilla | mozilla | 1.7 | |
| mozilla | mozilla | 1.7 | |
| mozilla | mozilla | 1.7 | |
| mozilla | mozilla | 1.7 | |
| mozilla | mozilla | 1.7.1 | |
| mozilla | mozilla | 1.7.2 | |
| mozilla | mozilla | 1.7.3 | |
| mozilla | mozilla | 1.7.5 | |
| mozilla | thunderbird | 0.1 | |
| mozilla | thunderbird | 0.2 | |
| mozilla | thunderbird | 0.3 | |
| mozilla | thunderbird | 0.4 | |
| mozilla | thunderbird | 0.5 | |
| mozilla | thunderbird | 0.6 | |
| mozilla | thunderbird | 0.7 | |
| mozilla | thunderbird | 0.7.1 | |
| mozilla | thunderbird | 0.7.2 | |
| mozilla | thunderbird | 0.7.3 | |
| mozilla | thunderbird | 0.8 | |
| mozilla | thunderbird | 0.9 | |
| mozilla | thunderbird | 1.0 | |
| mozilla | thunderbird | 1.0.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:firefox:0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "93C142C5-3A85-432B-80D6-2E7B1B4694F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "2434FCE7-A50B-4527-9970-C7224B31141C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:0.9:rc:*:*:*:*:*:*",
"matchCriteriaId": "5633FB6E-D623-49D4-9858-4E20E64DE458",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:0.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "429ECA02-DBCD-45FB-942C-CA4BC1BC8A72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:0.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B5F0DC80-5473-465C-9D7F-9589F1B78E12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:0.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "567FF916-7DE0-403C-8528-7931A43E0D18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "010B34F4-910E-4515-990B-8E72DF009578",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:0.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8FAA1A89-E8D9-46D0-8E2C-9259920ACBFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5A545A77-2198-4685-A87F-E0F2DAECECF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "778FAE0C-A5CF-4B67-93A9-1A803E3E699F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C656A621-BE62-4BB8-9B25-A3916E60FA12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4D3F91A1-7DD9-4146-8BA4-BE594C66DD30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.4:alpha:*:*:*:*:*:*",
"matchCriteriaId": "82A6419D-0E94-4D80-8B07-E5AB4DBA2F28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ED69BEB9-8D83-415B-826D-9D17FB67976B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BCDB64E5-AE26-43DF-8A66-654D5D22A635",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.5:alpha:*:*:*:*:*:*",
"matchCriteriaId": "3D8CB42F-8F05-45A6-A408-50A11CC132DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.5:rc1:*:*:*:*:*:*",
"matchCriteriaId": "407F69BE-4026-4B26-AC31-11E7CC942760",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.5:rc2:*:*:*:*:*:*",
"matchCriteriaId": "6E8264B5-4D4B-453D-B599-E2AD533A0CF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ED9D75F1-8333-43DE-A08B-142E4C5899D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "6BF63077-4E98-497D-8CE6-B84B022DB21D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.6:alpha:*:*:*:*:*:*",
"matchCriteriaId": "2FEC6B13-3088-4ECB-9D81-6480F439601C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.6:beta:*:*:*:*:*:*",
"matchCriteriaId": "20ECA520-780A-4EF8-8C80-B7564F4148B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "FCEAEDEB-0EE7-4221-B9B8-65438580D331",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.7:alpha:*:*:*:*:*:*",
"matchCriteriaId": "78A75EE3-DC19-4F21-86F4-834FCEAFEFA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.7:beta:*:*:*:*:*:*",
"matchCriteriaId": "F610FFD5-DF37-4075-AE8B-8D89DF6205A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.7:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D093FD25-94C8-49B8-A452-438023BFB105",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.7:rc2:*:*:*:*:*:*",
"matchCriteriaId": "3346E7D0-D7EF-4182-BD86-837F14EEB9FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.7:rc3:*:*:*:*:*:*",
"matchCriteriaId": "150F1B28-0FAB-4880-B1D5-7F244A1C4D31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE7EA3B-3BF8-4696-9488-78506074D62D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CCFD7AF7-0FE9-4F56-98B0-60FC7F7F1B78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C883B45F-D28D-428E-AAF7-F93522A229DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "EFA659B9-2A00-45A6-A462-4E0A20FB7F81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0618BD26-0EF5-4774-9131-B5ABD4CD302A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0D604DAE-DF63-413C-9F49-FFC8E84699F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "11DE6185-09F4-48E3-9742-F9D8030B5774",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B2E70864-E077-4CD6-A0E8-BC2C4C298A6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "61E565E5-286D-4A68-B085-5659DFE59A9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8E2A68B4-9101-4AC5-9E82-EEB5A5405541",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "EDA6C390-9BA7-4355-8C0A-CD68FF6AC236",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:0.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0C75B125-E5BB-49A0-B12D-6CF40D8A5DB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:0.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "70DDB53E-7A12-4A08-8999-DB68E6DF901E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:0.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6514EDE8-7C78-4C72-A313-E0915D89E4EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "5263F879-9B90-4582-B677-F133DEBE5259",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "C256B73C-9ABC-43D4-8C57-09161BC9F923",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "055D1044-9FC5-45AA-8407-649E96C5AFE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7C1C87A5-C14D-4A23-B865-3BB1FCDC8470",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in GIF2.cpp in Firefox before 1.0.2, Mozilla before to 1.7.6, and Thunderbird before 1.0.2, and possibly other applications that use the same library, allows remote attackers to execute arbitrary code via a GIF image with a crafted Netscape extension 2 block and buffer size."
}
],
"id": "CVE-2005-0399",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2005-05-02T04:00:00.000",
"references": [
{
"source": "secalert@redhat.com",
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/14654"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/19823"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ciac.org/ciac/bulletins/p-160.shtml"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200503-30.xml"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/557948"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/mfsa2005-30.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.novell.com/linux/security/advisories/2006_04_25.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-323.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-335.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-336.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-337.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/12881"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/15495"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vupen.com/english/advisories/2005/0296"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://xforce.iss.net/xforce/alerts/id/191"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=150877"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19269"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100028"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11377"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/14654"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/19823"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ciac.org/ciac/bulletins/p-160.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200503-30.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/557948"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/mfsa2005-30.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2006_04_25.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-323.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-335.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-336.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-337.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/12881"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/15495"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2005/0296"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://xforce.iss.net/xforce/alerts/id/191"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=150877"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19269"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100028"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11377"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
ghsa-x75c-2774-mpv3
Vulnerability from github
Published
2022-05-03 03:14
Modified
2022-05-03 03:14
VLAI Severity ?
Details
Heap-based buffer overflow in GIF2.cpp in Firefox before 1.0.2, Mozilla before to 1.7.6, and Thunderbird before 1.0.2, and possibly other applications that use the same library, allows remote attackers to execute arbitrary code via a GIF image with a crafted Netscape extension 2 block and buffer size.
{
"affected": [],
"aliases": [
"CVE-2005-0399"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2005-05-02T04:00:00Z",
"severity": "MODERATE"
},
"details": "Heap-based buffer overflow in GIF2.cpp in Firefox before 1.0.2, Mozilla before to 1.7.6, and Thunderbird before 1.0.2, and possibly other applications that use the same library, allows remote attackers to execute arbitrary code via a GIF image with a crafted Netscape extension 2 block and buffer size.",
"id": "GHSA-x75c-2774-mpv3",
"modified": "2022-05-03T03:14:02Z",
"published": "2022-05-03T03:14:02Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2005-0399"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=150877"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19269"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100028"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11377"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/14654"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/19823"
},
{
"type": "WEB",
"url": "http://www.ciac.org/ciac/bulletins/p-160.shtml"
},
{
"type": "WEB",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200503-30.xml"
},
{
"type": "WEB",
"url": "http://www.kb.cert.org/vuls/id/557948"
},
{
"type": "WEB",
"url": "http://www.mozilla.org/security/announce/mfsa2005-30.html"
},
{
"type": "WEB",
"url": "http://www.novell.com/linux/security/advisories/2006_04_25.html"
},
{
"type": "WEB",
"url": "http://www.redhat.com/support/errata/RHSA-2005-323.html"
},
{
"type": "WEB",
"url": "http://www.redhat.com/support/errata/RHSA-2005-335.html"
},
{
"type": "WEB",
"url": "http://www.redhat.com/support/errata/RHSA-2005-336.html"
},
{
"type": "WEB",
"url": "http://www.redhat.com/support/errata/RHSA-2005-337.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/12881"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/15495"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2005/0296"
},
{
"type": "WEB",
"url": "http://xforce.iss.net/xforce/alerts/id/191"
}
],
"schema_version": "1.4.0",
"severity": []
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…