ID de Prueba:	1.3.6.1.4.1.25623.1.0.64256
Categoría:	SuSE Local Security Checks
Título:	SuSE Security Advisory SUSE-SA:2009:034 (MozillaFirefox)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory SUSE-SA:2009:034. The Mozilla Firefox browser was updated to version 3.0.11, fixing various bugs and security issues: * MFSA 2009-24/CVE-2009-1392/CVE-2009-1832/CVE-2009-1833 Crashes with evidence of memory corruption (rv:1.9.0.11) * MFSA 2009-25/CVE-2009-1834 (bmo#479413) URL spoofing with invalid unicode characters * MFSA 2009-26/CVE-2009-1835 (bmo#491801) Arbitrary domain cookie access by local file: resources * MFSA 2009-27/CVE-2009-1836 (bmo#479880) SSL tampering via non-200 responses to proxy CONNECT requests * MFSA 2009-28/CVE-2009-1837 (bmo#486269) Race condition while accessing the private data of a NPObject JS wrapper class object * MFSA 2009-29/CVE-2009-1838 (bmo#489131) Arbitrary code execution using event listeners attached to an element whose owner document is null * MFSA 2009-30/CVE-2009-1839 (bmo#479943) Incorrect principal set for file: resources loaded via location bar * MFSA 2009-31/CVE-2009-1840 (bmo#477979) XUL scripts bypass content-policy checks * MFSA 2009-32/CVE-2009-1841 (bmo#479560) JavaScript chrome privilege escalation Solution: Update your system with the packages as indicated in the referenced security advisory. http://www.securityspace.com/smysecure/catid.html?in=SUSE-SA:2009:034 CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-1392 BugTraq ID: 35326 http://www.securityfocus.com/bid/35326 BugTraq ID: 35370 http://www.securityfocus.com/bid/35370 Debian Security Information: DSA-1820 (Google Search) http://www.debian.org/security/2009/dsa-1820 Debian Security Information: DSA-1830 (Google Search) http://www.debian.org/security/2009/dsa-1830 https://www.redhat.com/archives/fedora-package-announce/2009-June/msg00574.html https://www.redhat.com/archives/fedora-package-announce/2009-June/msg00657.html http://www.mandriva.com/security/advisories?name=MDVSA-2009:141 http://osvdb.org/55144 http://osvdb.org/55145 http://osvdb.org/55146 http://osvdb.org/55147 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9501 RedHat Security Advisories: RHSA-2009:1095 https://rhn.redhat.com/errata/RHSA-2009-1095.html RedHat Security Advisories: RHSA-2009:1096 http://rhn.redhat.com/errata/RHSA-2009-1096.html http://www.redhat.com/support/errata/RHSA-2009-1125.html http://www.redhat.com/support/errata/RHSA-2009-1126.html http://securitytracker.com/id?1022376 http://www.securitytracker.com/id?1022397 http://secunia.com/advisories/35331 http://secunia.com/advisories/35415 http://secunia.com/advisories/35428 http://secunia.com/advisories/35431 http://secunia.com/advisories/35439 http://secunia.com/advisories/35440 http://secunia.com/advisories/35468 http://secunia.com/advisories/35536 http://secunia.com/advisories/35561 http://secunia.com/advisories/35602 http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.372468 http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.425408 http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.454275 http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020800.1-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-265068-1 http://www.ubuntu.com/usn/usn-782-1 http://www.vupen.com/english/advisories/2009/1572 http://www.vupen.com/english/advisories/2009/2152 Common Vulnerability Exposure (CVE) ID: CVE-2009-1832 BugTraq ID: 35371 http://www.securityfocus.com/bid/35371 https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00444.html https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00504.html http://osvdb.org/55148 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10237 http://secunia.com/advisories/35882 Common Vulnerability Exposure (CVE) ID: CVE-2009-1833 BugTraq ID: 35372 http://www.securityfocus.com/bid/35372 http://osvdb.org/55152 http://osvdb.org/55153 http://osvdb.org/55154 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11487 Common Vulnerability Exposure (CVE) ID: CVE-2009-1834 BugTraq ID: 35388 http://www.securityfocus.com/bid/35388 http://osvdb.org/55162 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10436 http://sunsolve.sun.com/search/document.do?assetkey=1-66-264308-1 Common Vulnerability Exposure (CVE) ID: CVE-2009-1835 BugTraq ID: 35391 http://www.securityfocus.com/bid/35391 http://osvdb.org/55161 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9803 Common Vulnerability Exposure (CVE) ID: CVE-2009-1836 BugTraq ID: 35380 http://www.securityfocus.com/bid/35380 http://research.microsoft.com/apps/pubs/default.aspx?id=79323 http://research.microsoft.com/pubs/79323/pbp-final-with-update.pdf http://osvdb.org/55160 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11764 http://www.securitytracker.com/id?1022396 Common Vulnerability Exposure (CVE) ID: CVE-2009-1837 BugTraq ID: 35360 http://www.securityfocus.com/bid/35360 Bugtraq: 20090612 Secunia Research: Mozilla Firefox Java Applet Loading Vulnerability (Google Search) http://www.securityfocus.com/archive/1/504260/100/0/threaded http://secunia.com/secunia_research/2009-19/ https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10628 http://www.securitytracker.com/id?1022386 http://secunia.com/advisories/34241 Common Vulnerability Exposure (CVE) ID: CVE-2009-1838 BugTraq ID: 35383 http://www.securityfocus.com/bid/35383 http://osvdb.org/55157 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11080 Common Vulnerability Exposure (CVE) ID: CVE-2009-1839 BugTraq ID: 35386 http://www.securityfocus.com/bid/35386 http://osvdb.org/55163 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9256 Common Vulnerability Exposure (CVE) ID: CVE-2009-1840 http://osvdb.org/55158 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9448 http://www.securitytracker.com/id?1022379 XForce ISS Database: firefox-xul-security-bypass(51076) https://exchange.xforce.ibmcloud.com/vulnerabilities/51076 Common Vulnerability Exposure (CVE) ID: CVE-2009-1841 BugTraq ID: 35373 http://www.securityfocus.com/bid/35373 http://osvdb.org/55159 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9815
Copyright	Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.