Synopsis: Critical: firefox security update Issue date: 2008-03-26 CVE Names: CVE-2008-1233 CVE-2008-1234 CVE-2008-1235 CVE-2008-1236 CVE-2008-1237 CVE-2008-1238 CVE-2008-1241 Several flaws were found in the processing of some malformed web content. A web page containing such malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. (CVE-2008-1233, CVE-2008-1235, CVE-2008-1236, CVE-2008-1237) Several flaws were found in the display of malformed web content. A web page containing specially-crafted content could, potentially, trick a Firefox user into surrendering sensitive information. (CVE-2008-1234, CVE-2008-1238, CVE-2008-1241) SL 4.x SRPMS: firefox-1.5.0.12-0.14.el4.src.rpm i386: firefox-1.5.0.12-0.14.el4.i386.rpm x86_64: firefox-1.5.0.12-0.14.el4.i386.rpm firefox-1.5.0.12-0.14.el4.x86_64.rpm SL 5.x SRPMS: firefox-1.5.0.12-14.el5_1.src.rpm i386: firefox-1.5.0.12-14.el5_1.i386.rpm firefox-devel-1.5.0.12-14.el5_1.i386.rpm x86_64: firefox-1.5.0.12-14.el5_1.i386.rpm firefox-1.5.0.12-14.el5_1.x86_64.rpm firefox-devel-1.5.0.12-14.el5_1.i386.rpm firefox-devel-1.5.0.12-14.el5_1.x86_64.rpm -Connie Sieh -Troy Dawson