Test Kennung:	1.3.6.1.4.1.25623.1.0.60376
Kategorie:	SuSE Local Security Checks
Titel:	SuSE Security Advisory SUSE-SA:2008:008 (MozillaFirefox,seamonkey)
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is missing updates announced in advisory SUSE-SA:2008:008. The web browser Mozilla Firefox has been brought to security update version 2.0.0.12. The Firefox versions was upgraded to 2.0.0.12 on: - SUSE Linux 10.1, openSUSE 10.2 and 10.3 - SUSE Linux Enterprise Server and Desktop 10 All Firefox fixes were also back ported to the Firefox 1.5.0.14 version in Novell Linux Desktop 9. Also released were Mozilla Seamonkey Suite 1.8.1.12 packages for openSUSE 10.2 and 10.3. All Mozilla Seamonkey fixes were back ported to the SUSE Linux 10.1 seamonkey 1.8.0 version. Following security problems were fixed: - MFSA 2008-11/CVE-2008-0594 Web forgery overwrite with div overlay - MFSA 2008-10/CVE-2008-0593 URL token stealing via stylesheet redirect - MFSA 2008-09/CVE-2008-0592 Mishandling of locally-saved plain text files - MFSA 2008-08/CVE-2008-0591 File action dialog tampering - MFSA 2008-06/CVE-2008-0419 Web browsing history and forward navigation stealing - MFSA 2008-05/CVE-2008-0418 Directory traversal via chrome: URI - MFSA 2008-04/CVE-2008-0417 Stored password corruption - MFSA 2008-03/CVE-2008-0415 Privilege escalation, XSS, Remote Code Execution - MFSA 2008-02/CVE-2008-0414 Multiple file input focus stealing vulnerabilities - MFSA 2008-01/CVE-2008-0412/CVE-2008-0413 Crashes with evidence of memory corruption (rv:1.8.1.12) Solution: Update your system with the packages as indicated in the referenced security advisory. http://www.securityspace.com/smysecure/catid.html?in=SUSE-SA:2008:008 Risk factor : Critical CVSS Score: 9.3
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2008-0412 BugTraq ID: 27683 http://www.securityfocus.com/bid/27683 Bugtraq: 20080209 rPSA-2008-0051-1 firefox (Google Search) http://www.securityfocus.com/archive/1/487826/100/0/threaded Bugtraq: 20080212 FLEA-2008-0001-1 firefox (Google Search) http://www.securityfocus.com/archive/1/488002/100/0/threaded Bugtraq: 20080229 rPSA-2008-0093-1 thunderbird (Google Search) http://www.securityfocus.com/archive/1/488971/100/0/threaded Debian Security Information: DSA-1484 (Google Search) http://www.debian.org/security/2008/dsa-1484 Debian Security Information: DSA-1485 (Google Search) http://www.debian.org/security/2008/dsa-1485 Debian Security Information: DSA-1489 (Google Search) http://www.debian.org/security/2008/dsa-1489 Debian Security Information: DSA-1506 (Google Search) http://www.debian.org/security/2008/dsa-1506 https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00274.html https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00309.html https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00381.html https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00905.html https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00946.html http://www.gentoo.org/security/en/glsa/glsa-200805-18.xml http://www.mandriva.com/security/advisories?name=MDVSA-2008:048 http://www.mandriva.com/security/advisories?name=MDVSA-2008:062 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10573 http://www.redhat.com/support/errata/RHSA-2008-0103.html http://www.redhat.com/support/errata/RHSA-2008-0104.html http://www.redhat.com/support/errata/RHSA-2008-0105.html http://www.securitytracker.com/id?1019320 http://secunia.com/advisories/28754 http://secunia.com/advisories/28758 http://secunia.com/advisories/28766 http://secunia.com/advisories/28808 http://secunia.com/advisories/28815 http://secunia.com/advisories/28818 http://secunia.com/advisories/28839 http://secunia.com/advisories/28864 http://secunia.com/advisories/28865 http://secunia.com/advisories/28877 http://secunia.com/advisories/28879 http://secunia.com/advisories/28924 http://secunia.com/advisories/28939 http://secunia.com/advisories/28958 http://secunia.com/advisories/29049 http://secunia.com/advisories/29086 http://secunia.com/advisories/29098 http://secunia.com/advisories/29164 http://secunia.com/advisories/29167 http://secunia.com/advisories/29211 http://secunia.com/advisories/29567 http://secunia.com/advisories/30327 http://secunia.com/advisories/30620 http://secunia.com/advisories/31043 http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.445399 http://sunsolve.sun.com/search/document.do?assetkey=1-26-238492-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-239546-1 SuSE Security Announcement: SUSE-SA:2008:008 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00006.html http://www.ubuntu.com/usn/usn-576-1 http://www.ubuntu.com/usn/usn-582-1 http://www.ubuntu.com/usn/usn-582-2 http://www.vupen.com/english/advisories/2008/0453/references http://www.vupen.com/english/advisories/2008/0454/references http://www.vupen.com/english/advisories/2008/0627/references http://www.vupen.com/english/advisories/2008/1793/references http://www.vupen.com/english/advisories/2008/2091/references Common Vulnerability Exposure (CVE) ID: CVE-2008-0413 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10385 http://www.securitytracker.com/id?1019321 Common Vulnerability Exposure (CVE) ID: CVE-2008-0414 http://www.securitytracker.com/id?1019330 Common Vulnerability Exposure (CVE) ID: CVE-2008-0415 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9897 http://www.securitytracker.com/id?1019327 Common Vulnerability Exposure (CVE) ID: CVE-2008-0417 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11154 http://www.securitytracker.com/id?1019334 Common Vulnerability Exposure (CVE) ID: CVE-2008-0418 BugTraq ID: 27406 http://www.securityfocus.com/bid/27406 CERT/CC vulnerability note: VU#309608 http://www.kb.cert.org/vuls/id/309608 http://www.hiredhacker.com/2008/01/19/firefox-chrome-url-handling-directory-traversal/ https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10705 http://www.securitytracker.com/id?1019329 http://secunia.com/advisories/28622/ http://www.vupen.com/english/advisories/2008/0263 Common Vulnerability Exposure (CVE) ID: CVE-2008-0419 CERT/CC vulnerability note: VU#879056 http://www.kb.cert.org/vuls/id/879056 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11652 http://www.securitytracker.com/id?1019328 Common Vulnerability Exposure (CVE) ID: CVE-2008-0591 BugTraq ID: 24293 http://www.securityfocus.com/bid/24293 Bugtraq: 20070604 Assorted browser vulnerabilities (Google Search) http://www.securityfocus.com/archive/1/470446/100/0/threaded http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0026.html http://lcamtuf.coredump.cx/ffclick2/ https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10900 http://www.securitytracker.com/id?1019339 http://securityreason.com/securityalert/2781 Common Vulnerability Exposure (CVE) ID: CVE-2008-0592 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9972 http://www.securitytracker.com/id?1019340 Common Vulnerability Exposure (CVE) ID: CVE-2008-0593 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10075 http://www.securitytracker.com/id?1019341 Common Vulnerability Exposure (CVE) ID: CVE-2008-0594 http://www.securitytracker.com/id?1019342
Copyright	Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.