Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200501-03 (Mozilla)

Anfälligkeitssuche		Suche in 219043 CVE Beschreibungen und 99761 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.54789

Kategorie: Gentoo Local Security Checks

Titel: Gentoo Security Advisory GLSA 200501-03 (Mozilla)

Zusammenfassung: NOSUMMARY

Beschreibung: Description:
The remote host is missing updates announced in
advisory GLSA 200501-03.

Various vulnerabilities were found and fixed in Mozilla-based products,
ranging from a potential buffer overflow and temporary files disclosure to
anti-spoofing issues.

Solution:
All Mozilla users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=net-www/mozilla-1.7.5'

All Mozilla binary users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=net-www/mozilla-bin-1.7.5'

All Firefox users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=net-www/mozilla-firefox-1.0'

All Firefox binary users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=net-www/mozilla-firefox-bin-1.0'

All Thunderbird users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose
'>=mail-client/mozilla-thunderbird-0.9'

All Thunderbird binary users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose
'>=mail-client/mozilla-thunderbird-bin-0.9'

http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200501-03
http://bugs.gentoo.org/show_bug.cgi?id=76112
http://bugs.gentoo.org/show_bug.cgi?id=68976
http://bugs.gentoo.org/show_bug.cgi?id=70749
http://isec.pl/vulnerabilities/isec-0020-mozilla.txt
http://broadcast.ptraced.net/advisories/008-firefox.thunderbird.txt
http://secunia.com/advisories/13144/

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2004-2227
http://security.gentoo.org/glsa/glsa-200501-03.xml
https://bugzilla.mozilla.org/show_bug.cgi?id=234416
http://www.osvdb.org/11591
http://secunia.com/advisories/13144
http://secunia.com/advisories/13724
XForce ISS Database: mozilla-firefox-ext-spoof(18016)
https://exchange.xforce.ibmcloud.com/vulnerabilities/18016
Common Vulnerability Exposure (CVE) ID: CVE-2004-2228
BugTraq ID: 11644
http://www.securityfocus.com/bid/11644
http://www.osvdb.org/11592
XForce ISS Database: mozilla-firefox-gain-privileges(18017)
https://exchange.xforce.ibmcloud.com/vulnerabilities/18017

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.54789
Kategorie:	Gentoo Local Security Checks
Titel:	Gentoo Security Advisory GLSA 200501-03 (Mozilla)
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is missing updates announced in advisory GLSA 200501-03. Various vulnerabilities were found and fixed in Mozilla-based products, ranging from a potential buffer overflow and temporary files disclosure to anti-spoofing issues. Solution: All Mozilla users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=net-www/mozilla-1.7.5' All Mozilla binary users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=net-www/mozilla-bin-1.7.5' All Firefox users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=net-www/mozilla-firefox-1.0' All Firefox binary users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=net-www/mozilla-firefox-bin-1.0' All Thunderbird users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=mail-client/mozilla-thunderbird-0.9' All Thunderbird binary users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=mail-client/mozilla-thunderbird-bin-0.9' http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200501-03 http://bugs.gentoo.org/show_bug.cgi?id=76112 http://bugs.gentoo.org/show_bug.cgi?id=68976 http://bugs.gentoo.org/show_bug.cgi?id=70749 http://isec.pl/vulnerabilities/isec-0020-mozilla.txt http://broadcast.ptraced.net/advisories/008-firefox.thunderbird.txt http://secunia.com/advisories/13144/ CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2004-2227 http://security.gentoo.org/glsa/glsa-200501-03.xml https://bugzilla.mozilla.org/show_bug.cgi?id=234416 http://www.osvdb.org/11591 http://secunia.com/advisories/13144 http://secunia.com/advisories/13724 XForce ISS Database: mozilla-firefox-ext-spoof(18016) https://exchange.xforce.ibmcloud.com/vulnerabilities/18016 Common Vulnerability Exposure (CVE) ID: CVE-2004-2228 BugTraq ID: 11644 http://www.securityfocus.com/bid/11644 http://www.osvdb.org/11592 XForce ISS Database: mozilla-firefox-gain-privileges(18017) https://exchange.xforce.ibmcloud.com/vulnerabilities/18017
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com