Mozilla Firefox vulnerabilities (CVE-2015-4497 and CVE-2015-4498)

Environment

Red Hat Enterprise Linux 7
Red Hat Enterprise Linux 6
Red Hat Enterprise Linux 5

Issue

Red Hat Product Security has been made aware of two security vulnerabilities in the Mozilla Firefox web browser:

The first flaw is Important and could be used to bypass the add-on install permission dialog box and possibly result in a malicious add-on to be installed. This flaw has been assigned CVE-2015-4498.
A Critical security flaw has also been found in the canvas rendering used by Firefox, and it has been assigned CVE-2015-4497.

Resolution

Updated information and resolutions are maintained at: Mozilla Firefox vulnerabilities (CVE-2015-4497 and CVE-2015-4498).

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.

Select Your Language

Mozilla Firefox vulnerabilities (CVE-2015-4497 and CVE-2015-4498)

Environment

Issue

Resolution

Comments

Quick Links

Help

Site Info

Related Sites

About

Red Hat legal and privacy links

Red Hat legal and privacy links

Environment

Issue

Resolution

Comments

Quick Links

Help

Site Info

Related Sites

Systems Status

About

Red Hat legal and privacy links

Red Hat legal and privacy links