Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
  • Products

    Top Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Products

    Downloads and Containers

    • Downloads
    • Packages
    • Containers

    Top Resources

    • Documentation
    • Product Life Cycles
    • Product Compliance
    • Errata
  • Knowledge

    Red Hat Knowledge Center

    • Knowledgebase Solutions
    • Knowledgebase Articles
    • Customer Portal Labs
    • Errata

    Top Product Docs

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Product Docs

    Training and Certification

    • About
    • Course Index
    • Certification Index
    • Skill Assessment
  • Security

    Red Hat Product Security Center

    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Errata

    References

    • Security Bulletins
    • Security Measurement
    • Severity Ratings
    • Security Data

    Top Resources

    • Security Labs
    • Backporting Policies
    • Security Blog
  • Support

    Red Hat Support

    • Support Cases
    • Troubleshoot
    • Get Support
    • Contact Red Hat Support

    Red Hat Community Support

    • Customer Portal Community
    • Community Discussions
    • Red Hat Accelerator Program

    Top Resources

    • Product Life Cycles
    • Customer Portal Labs
    • Red Hat JBoss Supported Configurations
    • Red Hat Insights
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift
  • Red Hat OpenShift AI
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat build of Keycloak
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2007:0724 - Security Advisory
Issued:
2007-07-18
Updated:
2007-12-04

RHSA-2007:0724 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Critical: firefox security update

Type/Severity

Security Advisory: Critical

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

Updated firefox packages that fix several security bugs are now available
for Red Hat Enterprise Linux 4 and 5.

This update has been rated as having critical security impact by the Red
Hat Security Response Team.

Description

Mozilla Firefox is an open source Web browser.

Several flaws were found in the way Firefox processed certain malformed
JavaScript code. A web page containing malicious JavaScript code could
cause Firefox to crash or potentially execute arbitrary code as the user
running Firefox. (CVE-2007-3734, CVE-2007-3735, CVE-2007-3737, CVE-2007-3738)

Several content injection flaws were found in the way Firefox handled
certain JavaScript code. A web page containing malicious JavaScript code
could inject arbitrary content into other web pages. (CVE-2007-3736,
CVE-2007-3089)

A flaw was found in the way Firefox cached web pages on the local disk. A
malicious web page may be able to inject arbitrary HTML into a browsing
session if the user reloads a targeted site. (CVE-2007-3656)

Users of Firefox are advised to upgrade to these erratum packages, which
contain backported patches that correct these issues.

Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

Affected Products

  • Red Hat Enterprise Linux Server 5 x86_64
  • Red Hat Enterprise Linux Server 5 ia64
  • Red Hat Enterprise Linux Server 5 i386
  • Red Hat Enterprise Linux Server 4 x86_64
  • Red Hat Enterprise Linux Server 4 ia64
  • Red Hat Enterprise Linux Server 4 i386
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 4.5 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 4.5 ia64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 4.5 i386
  • Red Hat Enterprise Linux Workstation 5 x86_64
  • Red Hat Enterprise Linux Workstation 5 i386
  • Red Hat Enterprise Linux Workstation 4 x86_64
  • Red Hat Enterprise Linux Workstation 4 ia64
  • Red Hat Enterprise Linux Workstation 4 i386
  • Red Hat Enterprise Linux Desktop 5 x86_64
  • Red Hat Enterprise Linux Desktop 5 i386
  • Red Hat Enterprise Linux Desktop 4 x86_64
  • Red Hat Enterprise Linux Desktop 4 i386
  • Red Hat Enterprise Linux for IBM z Systems 5 s390x
  • Red Hat Enterprise Linux for IBM z Systems 4 s390x
  • Red Hat Enterprise Linux for IBM z Systems 4 s390
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 4.5 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 4.5 s390
  • Red Hat Enterprise Linux for Power, big endian 5 ppc
  • Red Hat Enterprise Linux for Power, big endian 4 ppc
  • Red Hat Enterprise Linux for Power, big endian - Extended Update Support 4.5 ppc
  • Red Hat Enterprise Linux Server from RHUI 5 x86_64
  • Red Hat Enterprise Linux Server from RHUI 5 i386

Fixes

  • BZ - 248518 - CVE-2007-3089 various flaws in mozilla products (CVE-2007-3734 CVE-2007-3735 CVE-2007-3736 CVE-2007-3737 CVE-2007-3656 CVE-2007-3738)

CVEs

  • CVE-2007-3656
  • CVE-2007-3089
  • CVE-2007-3737
  • CVE-2007-3736
  • CVE-2007-3735
  • CVE-2007-3734
  • CVE-2007-3738

References

  • http://www.redhat.com/security/updates/classification/#critical
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server 5

SRPM
firefox-1.5.0.12-3.el5.src.rpm SHA-256: 597464f35cb6a598448b56523e4466c09569f346b329e4f640e480f0a96d5802
x86_64
firefox-1.5.0.12-3.el5.i386.rpm SHA-256: d178769b0ba984cd70c28300315d75316cbdda558c36cc20f8bf240ffbe93063
firefox-1.5.0.12-3.el5.x86_64.rpm SHA-256: d03734fc4fd8ccde0dff337e27fd5281aa1f63c52a3ef2983df0a07ff22ef578
firefox-devel-1.5.0.12-3.el5.i386.rpm SHA-256: d27431d78ec58783f3c68f79cf25754ff48c48dd608f7a9b2c668bb7e406b41d
firefox-devel-1.5.0.12-3.el5.x86_64.rpm SHA-256: 8d487ce7f595b2491fba2a6088a4266737e08989696d7764ea052076032f684d
ia64
firefox-1.5.0.12-3.el5.ia64.rpm SHA-256: 05b1b0c74fce88e35aa7c6273426bcb6ca0bfeb0105298c74fd370ce23a14a2e
firefox-devel-1.5.0.12-3.el5.ia64.rpm SHA-256: f0aeddbbf5a1d47c6844314f00685af227fbb83557f0322198dabbb53c7f1648
i386
firefox-1.5.0.12-3.el5.i386.rpm SHA-256: d178769b0ba984cd70c28300315d75316cbdda558c36cc20f8bf240ffbe93063
firefox-devel-1.5.0.12-3.el5.i386.rpm SHA-256: d27431d78ec58783f3c68f79cf25754ff48c48dd608f7a9b2c668bb7e406b41d

Red Hat Enterprise Linux Server 4

SRPM
firefox-1.5.0.12-0.3.el4.src.rpm SHA-256: d0bee522221b7af0da3546ec7070eacad3dc4e27554e5ad8f2111e0b10cd8461
x86_64
firefox-1.5.0.12-0.3.el4.x86_64.rpm SHA-256: ff92c2244843799b4194b58a9f71c70cdfd877dd85ee371ab65af62f726ec416
firefox-1.5.0.12-0.3.el4.x86_64.rpm SHA-256: ff92c2244843799b4194b58a9f71c70cdfd877dd85ee371ab65af62f726ec416
ia64
firefox-1.5.0.12-0.3.el4.ia64.rpm SHA-256: 85d3ae3fad448f2769d6f1a54f3014e98888720cf55a7dce32b910853a128c39
firefox-1.5.0.12-0.3.el4.ia64.rpm SHA-256: 85d3ae3fad448f2769d6f1a54f3014e98888720cf55a7dce32b910853a128c39
i386
firefox-1.5.0.12-0.3.el4.i386.rpm SHA-256: 28877d5130bfceeaec63c6191a4e729a229454e717b5967db68411d24d7b8463
firefox-1.5.0.12-0.3.el4.i386.rpm SHA-256: 28877d5130bfceeaec63c6191a4e729a229454e717b5967db68411d24d7b8463

Red Hat Enterprise Linux for x86_64 - Extended Update Support 4.5

SRPM
firefox-1.5.0.12-0.3.el4.src.rpm SHA-256: d0bee522221b7af0da3546ec7070eacad3dc4e27554e5ad8f2111e0b10cd8461
x86_64
firefox-1.5.0.12-0.3.el4.x86_64.rpm SHA-256: ff92c2244843799b4194b58a9f71c70cdfd877dd85ee371ab65af62f726ec416
firefox-1.5.0.12-0.3.el4.x86_64.rpm SHA-256: ff92c2244843799b4194b58a9f71c70cdfd877dd85ee371ab65af62f726ec416
ia64
firefox-1.5.0.12-0.3.el4.ia64.rpm SHA-256: 85d3ae3fad448f2769d6f1a54f3014e98888720cf55a7dce32b910853a128c39
firefox-1.5.0.12-0.3.el4.ia64.rpm SHA-256: 85d3ae3fad448f2769d6f1a54f3014e98888720cf55a7dce32b910853a128c39
i386
firefox-1.5.0.12-0.3.el4.i386.rpm SHA-256: 28877d5130bfceeaec63c6191a4e729a229454e717b5967db68411d24d7b8463
firefox-1.5.0.12-0.3.el4.i386.rpm SHA-256: 28877d5130bfceeaec63c6191a4e729a229454e717b5967db68411d24d7b8463

Red Hat Enterprise Linux Workstation 5

SRPM
firefox-1.5.0.12-3.el5.src.rpm SHA-256: 597464f35cb6a598448b56523e4466c09569f346b329e4f640e480f0a96d5802
x86_64
firefox-1.5.0.12-3.el5.i386.rpm SHA-256: d178769b0ba984cd70c28300315d75316cbdda558c36cc20f8bf240ffbe93063
firefox-1.5.0.12-3.el5.x86_64.rpm SHA-256: d03734fc4fd8ccde0dff337e27fd5281aa1f63c52a3ef2983df0a07ff22ef578
firefox-devel-1.5.0.12-3.el5.i386.rpm SHA-256: d27431d78ec58783f3c68f79cf25754ff48c48dd608f7a9b2c668bb7e406b41d
firefox-devel-1.5.0.12-3.el5.x86_64.rpm SHA-256: 8d487ce7f595b2491fba2a6088a4266737e08989696d7764ea052076032f684d
i386
firefox-1.5.0.12-3.el5.i386.rpm SHA-256: d178769b0ba984cd70c28300315d75316cbdda558c36cc20f8bf240ffbe93063
firefox-devel-1.5.0.12-3.el5.i386.rpm SHA-256: d27431d78ec58783f3c68f79cf25754ff48c48dd608f7a9b2c668bb7e406b41d

Red Hat Enterprise Linux Workstation 4

SRPM
firefox-1.5.0.12-0.3.el4.src.rpm SHA-256: d0bee522221b7af0da3546ec7070eacad3dc4e27554e5ad8f2111e0b10cd8461
x86_64
firefox-1.5.0.12-0.3.el4.x86_64.rpm SHA-256: ff92c2244843799b4194b58a9f71c70cdfd877dd85ee371ab65af62f726ec416
ia64
firefox-1.5.0.12-0.3.el4.ia64.rpm SHA-256: 85d3ae3fad448f2769d6f1a54f3014e98888720cf55a7dce32b910853a128c39
i386
firefox-1.5.0.12-0.3.el4.i386.rpm SHA-256: 28877d5130bfceeaec63c6191a4e729a229454e717b5967db68411d24d7b8463

Red Hat Enterprise Linux Desktop 5

SRPM
firefox-1.5.0.12-3.el5.src.rpm SHA-256: 597464f35cb6a598448b56523e4466c09569f346b329e4f640e480f0a96d5802
x86_64
firefox-1.5.0.12-3.el5.i386.rpm SHA-256: d178769b0ba984cd70c28300315d75316cbdda558c36cc20f8bf240ffbe93063
firefox-1.5.0.12-3.el5.x86_64.rpm SHA-256: d03734fc4fd8ccde0dff337e27fd5281aa1f63c52a3ef2983df0a07ff22ef578
i386
firefox-1.5.0.12-3.el5.i386.rpm SHA-256: d178769b0ba984cd70c28300315d75316cbdda558c36cc20f8bf240ffbe93063

Red Hat Enterprise Linux Desktop 4

SRPM
firefox-1.5.0.12-0.3.el4.src.rpm SHA-256: d0bee522221b7af0da3546ec7070eacad3dc4e27554e5ad8f2111e0b10cd8461
x86_64
firefox-1.5.0.12-0.3.el4.x86_64.rpm SHA-256: ff92c2244843799b4194b58a9f71c70cdfd877dd85ee371ab65af62f726ec416
i386
firefox-1.5.0.12-0.3.el4.i386.rpm SHA-256: 28877d5130bfceeaec63c6191a4e729a229454e717b5967db68411d24d7b8463

Red Hat Enterprise Linux for IBM z Systems 5

SRPM
firefox-1.5.0.12-3.el5.src.rpm SHA-256: 597464f35cb6a598448b56523e4466c09569f346b329e4f640e480f0a96d5802
s390x
firefox-1.5.0.12-3.el5.s390.rpm SHA-256: 56472103ac300c1057ac49d702352e5b819b6c57c9ddeeaed3a026c7380dfe2f
firefox-1.5.0.12-3.el5.s390x.rpm SHA-256: b12ccf4382e014249913cb0f2eaa7ec3e4c0248d9aed081eaa67b25869f3741e
firefox-devel-1.5.0.12-3.el5.s390.rpm SHA-256: 13afa18d8a0bc08552ac662b66371b984546019a12f7a83e636beb12e3bd8dce
firefox-devel-1.5.0.12-3.el5.s390x.rpm SHA-256: f07496b6822c827afcc12b3ecd516db8c807fb60d4303c5bdfab8e35704eb900

Red Hat Enterprise Linux for IBM z Systems 4

SRPM
firefox-1.5.0.12-0.3.el4.src.rpm SHA-256: d0bee522221b7af0da3546ec7070eacad3dc4e27554e5ad8f2111e0b10cd8461
s390x
firefox-1.5.0.12-0.3.el4.s390x.rpm SHA-256: 3363f7d52924608e65e218480bc64f597dea1f71bd8a0e3f894a6a13f3257b6a
s390
firefox-1.5.0.12-0.3.el4.s390.rpm SHA-256: 67ddd531d8a97536f508c4748d427e97c8e93818388643cab2695a39d4e61772

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 4.5

SRPM
firefox-1.5.0.12-0.3.el4.src.rpm SHA-256: d0bee522221b7af0da3546ec7070eacad3dc4e27554e5ad8f2111e0b10cd8461
s390x
firefox-1.5.0.12-0.3.el4.s390x.rpm SHA-256: 3363f7d52924608e65e218480bc64f597dea1f71bd8a0e3f894a6a13f3257b6a
s390
firefox-1.5.0.12-0.3.el4.s390.rpm SHA-256: 67ddd531d8a97536f508c4748d427e97c8e93818388643cab2695a39d4e61772

Red Hat Enterprise Linux for Power, big endian 5

SRPM
firefox-1.5.0.12-3.el5.src.rpm SHA-256: 597464f35cb6a598448b56523e4466c09569f346b329e4f640e480f0a96d5802
ppc
firefox-1.5.0.12-3.el5.ppc.rpm SHA-256: 6829f90ea3e73838018d614f5ea83ad75a1834144a9ffee4481d2c53b4d29999
firefox-devel-1.5.0.12-3.el5.ppc.rpm SHA-256: 21b9e6eb50e556aa78a3560001419e1153a3569c40eb9dcccd1b6885902d7d41

Red Hat Enterprise Linux for Power, big endian 4

SRPM
firefox-1.5.0.12-0.3.el4.src.rpm SHA-256: d0bee522221b7af0da3546ec7070eacad3dc4e27554e5ad8f2111e0b10cd8461
ppc
firefox-1.5.0.12-0.3.el4.ppc.rpm SHA-256: 1bf921b560d7117d79ebaf025d0b3f45cd8f0dca5c6d04f574b8b63a83f5a8bc

Red Hat Enterprise Linux for Power, big endian - Extended Update Support 4.5

SRPM
firefox-1.5.0.12-0.3.el4.src.rpm SHA-256: d0bee522221b7af0da3546ec7070eacad3dc4e27554e5ad8f2111e0b10cd8461
ppc
firefox-1.5.0.12-0.3.el4.ppc.rpm SHA-256: 1bf921b560d7117d79ebaf025d0b3f45cd8f0dca5c6d04f574b8b63a83f5a8bc

Red Hat Enterprise Linux Server from RHUI 5

SRPM
firefox-1.5.0.12-3.el5.src.rpm SHA-256: 597464f35cb6a598448b56523e4466c09569f346b329e4f640e480f0a96d5802
x86_64
firefox-1.5.0.12-3.el5.i386.rpm SHA-256: d178769b0ba984cd70c28300315d75316cbdda558c36cc20f8bf240ffbe93063
firefox-1.5.0.12-3.el5.x86_64.rpm SHA-256: d03734fc4fd8ccde0dff337e27fd5281aa1f63c52a3ef2983df0a07ff22ef578
firefox-devel-1.5.0.12-3.el5.i386.rpm SHA-256: d27431d78ec58783f3c68f79cf25754ff48c48dd608f7a9b2c668bb7e406b41d
firefox-devel-1.5.0.12-3.el5.x86_64.rpm SHA-256: 8d487ce7f595b2491fba2a6088a4266737e08989696d7764ea052076032f684d
i386
firefox-1.5.0.12-3.el5.i386.rpm SHA-256: d178769b0ba984cd70c28300315d75316cbdda558c36cc20f8bf240ffbe93063
firefox-devel-1.5.0.12-3.el5.i386.rpm SHA-256: d27431d78ec58783f3c68f79cf25754ff48c48dd608f7a9b2c668bb7e406b41d

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat LinkedIn YouTube Facebook X, formerly Twitter

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit
© 2025 Red Hat

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility