Test ID: | 1.3.6.1.4.1.25623.1.0.851442 |
Category: | SuSE Local Security Checks |
Title: | openSUSE: Security Advisory for Mozilla (openSUSE-SU-2016:3011-1) |
Summary: | The remote host is missing an update for the 'Mozilla' package(s) announced via the referenced advisory. |
Description: |
Summary:
The remote host is missing an update for the 'Mozilla' package(s) announced via the referenced advisory.

Vulnerability Insight:
This update to Mozilla Firefox 50.0.2, Thunderbird 45.5.1 and NSS 3.16.2 fixes a number of security issues.

The following vulnerabilities were fixed in Mozilla Firefox (MFSA 2016-89):
- CVE-2016-5296: Heap-buffer-overflow WRITE in rasterize_edges_1 (bmo#1292443)
- CVE-2016-5292: URL parsing causes crash (bmo#1288482)
- CVE-2016-5297: Incorrect argument length checking in Javascript (bmo#1303678)
- CVE-2016-9064: Addons update must verify IDs match between current and new versions (bmo#1303418)
- CVE-2016-9066: Integer overflow leading to a buffer overflow in nsScriptLoadHandler (bmo#1299686)
- CVE-2016-9067: heap-use-after-free in nsINode::ReplaceOrInsertBefore (bmo#1301777, bmo#1308922 (CVE-2016-9069))
- CVE-2016-9068: heap-use-after-free in nsRefreshDriver (bmo#1302973)
- CVE-2016-9075: WebExtensions can access the mozAddonManager API and use it to gain elevated privileges (bmo#1295324)
- CVE-2016-9077: Canvas filters allow feDisplacementMaps to be applied to cross-origin images, allowing timing attacks on them (bmo#1298552)
- CVE-2016-5291: Same-origin policy violation using local HTML file and saved shortcut file (bmo#1292159)
- CVE-2016-9070: Sidebar bookmark can have reference to chrome window (bmo#1281071)
- CVE-2016-9073: windows.create schema doesn't specify 'format': 'relativeUrl' (bmo#1289273)
- CVE-2016-9076: select dropdown menu can be used for URL bar spoofing on e10s (bmo#1276976)
- CVE-2016-9063: Possible integer overflow to fix inside XML_Parse in expat (bmo#1274777)
- CVE-2016-9071: Probe browser history via HSTS/301 redirect + CSP (bmo#1285003)
- CVE-2016-5289: Memory safety bugs fixed in Firefox 50
- CVE-2016-5290: Memory safety bugs fixed in Firefox 50 and Firefox ESR 45.5

The following vulnerabilities were fixed in Mozilla NSS 3.26.1:
- CVE-2016-9074: Insufficient timing side-channel resistance in divSpoiler (bmo#1293334)

Mozilla Firefox now requires mozilla-nss 3.26.2.

New features in Mozilla Firefox:
- Updates to keyboard shortcuts
  - Set a preference to have Ctrl+Tab cycle through tabs in recently used order
  - View a page in Reader Mode by using Ctrl+Alt+R
- Added option to Find in page that allows users to limit search to whole words only
- Added download protection for a large number of executable file types on Windows, Mac and Linux
- Fixed rendering of dashed and dotted borders with rounded corners (border-radius)
- Added a built-in Emoji set for operating systems without native Emoji fonts
- Blocked versions of libavcodec older than 54.35.1
- additional loc ...

Description truncated, please see the referenced URL(s) for more information.

Affected Software/OS:
Mozilla on openSUSE 13.1

Solution:
Please install the updated package(s).

CVSS Score: 7.5
CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P |
Cross-Reference: |
Common Vulnerability Exposure (CVE) ID: CVE-2016-5289
  BugTraq ID: 94337
  http://www.securityfocus.com/bid/94337
  http://www.securitytracker.com/id/1037298
Common Vulnerability Exposure (CVE) ID: CVE-2016-5290
  BugTraq ID: 94335
  http://www.securityfocus.com/bid/94335
  Debian Security Information: DSA-3730
  https://www.debian.org/security/2016/dsa-3730
  https://security.gentoo.org/glsa/201701-15
  RedHat Security Advisories: RHSA-2016:2780
  http://rhn.redhat.com/errata/RHSA-2016-2780.html
  RedHat Security Advisories: RHSA-2016:2825
  http://rhn.redhat.com/errata/RHSA-2016-2825.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-5291
  BugTraq ID: 94336
  http://www.securityfocus.com/bid/94336
Common Vulnerability Exposure (CVE) ID: CVE-2016-5292
Common Vulnerability Exposure (CVE) ID: CVE-2016-5293
Common Vulnerability Exposure (CVE) ID: CVE-2016-5294
Common Vulnerability Exposure (CVE) ID: CVE-2016-5295
Common Vulnerability Exposure (CVE) ID: CVE-2016-5296
  BugTraq ID: 94339
  http://www.securityfocus.com/bid/94339
Common Vulnerability Exposure (CVE) ID: CVE-2016-5297
Common Vulnerability Exposure (CVE) ID: CVE-2016-5298
Common Vulnerability Exposure (CVE) ID: CVE-2016-5299
Common Vulnerability Exposure (CVE) ID: CVE-2016-9061
Common Vulnerability Exposure (CVE) ID: CVE-2016-9062
Common Vulnerability Exposure (CVE) ID: CVE-2016-9063
  Debian Security Information: DSA-3898
  https://www.debian.org/security/2017/dsa-3898
  http://www.securitytracker.com/id/1039427
Common Vulnerability Exposure (CVE) ID: CVE-2016-9064
Common Vulnerability Exposure (CVE) ID: CVE-2016-9065
  BugTraq ID: 94342
  http://www.securityfocus.com/bid/94342
Common Vulnerability Exposure (CVE) ID: CVE-2016-9066
Common Vulnerability Exposure (CVE) ID: CVE-2016-9067
Common Vulnerability Exposure (CVE) ID: CVE-2016-9068
Common Vulnerability Exposure (CVE) ID: CVE-2016-9069
Common Vulnerability Exposure (CVE) ID: CVE-2016-9070
Common Vulnerability Exposure (CVE) ID: CVE-2016-9071
Common Vulnerability Exposure (CVE) ID: CVE-2016-9072
Common Vulnerability Exposure (CVE) ID: CVE-2016-9073
Common Vulnerability Exposure (CVE) ID: CVE-2016-9074
  BugTraq ID: 94341
  http://www.securityfocus.com/bid/94341
  https://security.gentoo.org/glsa/201701-46
Common Vulnerability Exposure (CVE) ID: CVE-2016-9075
Common Vulnerability Exposure (CVE) ID: CVE-2016-9076
Common Vulnerability Exposure (CVE) ID: CVE-2016-9077
Common Vulnerability Exposure (CVE) ID: CVE-2016-9078
  BugTraq ID: 94569
  http://www.securityfocus.com/bid/94569
  http://www.securitytracker.com/id/1037353
Common Vulnerability Exposure (CVE) ID: CVE-2016-9079
  BugTraq ID: 94591
  http://www.securityfocus.com/bid/94591
  https://www.exploit-db.com/exploits/41151/
  https://www.exploit-db.com/exploits/42327/
  https://security.gentoo.org/glsa/201701-35
  RedHat Security Advisories: RHSA-2016:2843
  http://rhn.redhat.com/errata/RHSA-2016-2843.html
  RedHat Security Advisories: RHSA-2016:2850
  http://rhn.redhat.com/errata/RHSA-2016-2850.html
  http://www.securitytracker.com/id/1037370 |
Copyright | Copyright (C) 2016 Greenbone Networks GmbH |