English | Deutsch | Español
 
Inicial ▼
Página inicial Acerca Nuestro Contáctenos Privacidad Programas de Asociados Testimonios En la Prensa Listas de Correos Abuso Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
 
Auditorias ▼
Inicial Dedicada Avanzada Estándar Periódica Sin Riesgo Escritorio Básica Sello FAQ Resumen de Precio/Funciones Ordenar Nuevas Pruebas Todas las Pruebas Confidencialidad Búsqueda de Vulnerabilidad Ejecutar Auditoría Programador IP Permissions Auditorías Personalizadas Cola Recordatorio Sellos Informes Estilos de Informes
DNS
Administrado ▼
Acerca de DNS Ordenar/Renovar Preguntas Frecuentes AUP Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password
Monitoreo
de Redes ▼
Enterprise Avanzado Estándarr Prueba Preguntas Frecuentes Resumen de Precio/Funciones Ordenar Muestras
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Iniciar sesión/Registrarse 
 
 Búsqueda de    
Vulnerabilidad   		     Buscar 219043 Descripciones CVE y
99761 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.68579
Categoría:Mandrake Local Security Checks
Título:Mandriva Security Advisory MDVSA-2010:251 (firefox)
Resumen:NOSUMMARY
Descripción:Description:
The remote host is missing an update to firefox
announced via advisory MDVSA-2010:251.

Security issues were identified and fixed in firefox:

Security researchers Yosuke Hasegawa and Masatoshi Kimura reported that
the x-mac-arabic, x-mac-farsi and x-mac-hebrew character encodings are
vulnerable to XSS attacks due to some characters being converted to
angle brackets when displayed by the rendering engine. Sites using
these character encodings would thus be potentially vulnerable to
script injection attacks if their script filtering code fails to
strip out these specific characters (CVE-2010-3770).

Google security researcher Michal Zalewski reported that when a
window was opened to a site resulting in a network or certificate
error page, the opening site could access the document inside the
opened window and inject arbitrary content. An attacker could use
this bug to spoof the location bar and trick a user into thinking
they were on a different site than they actually were (CVE-2010-3774).

Mozilla security researcher moz_bug_r_a4 reported that the fix for
CVE-2010-0179 could be circumvented permitting the execution of
arbitrary JavaScript with chrome privileges (CVE-2010-3773).

Security researcher regenrecht reported via TippingPoint's Zero
Day Initiative that JavaScript arrays were vulnerable to an integer
overflow vulnerability. The report demonstrated that an array could
be constructed containing a very large number of items such that when
memory was allocated to store the array items, the integer value used
to calculate the buffer size would overflow resulting in too small a
buffer being allocated. Subsequent use of the array object could then
result in data being written past the end of the buffer and causing
memory corruption (CVE-2010-3767).

Security researcher regenrecht reported via TippingPoint's Zero Day
Initiative that a nsDOMAttribute node can be modified without informing
the iterator object responsible for various DOM traversals. This
flaw could lead to a inconsistent state where the iterator points
to an object it believes is part of the DOM but actually points to
some other object. If such an object had been deleted and its memory
reclaimed by the system, then the iterator could be used to call into
attacker-controlled memory (CVE-2010-3766).

Security researcher Gregory Fleischer reported that when a Java
LiveConnect script was loaded via a data: URL which redirects via a
meta refresh, then the resulting plugin object was created with the
wrong security principal and thus received elevated privileges such
as the abilities to read local files, launch processes, and create
network connections (CVE-2010-3775).

Mozilla added the OTS font sanitizing library to prevent downloadable
fonts from exposing vulnerabilities in the underlying OS font
code. This library mitigates against several issues independently
reported by Red Hat Security Response Team member Marc Schoenefeld
and Mozilla security researcher Christoph Diehl (CVE-2010-3768).

Security researcher wushi of team509 reported that when a XUL tree
had an HTML
element nested inside a element then
code attempting to display content in the XUL tree would incorrectly
treat the
element as a parent node to tree content underneath
it resulting in incorrect indexes being calculated for the child
content. These incorrect indexes were used in subsequent array
operations which resulted in writing data past the end of an allocated
buffer. An attacker could use this issue to crash a victim's browser
and run arbitrary code on their machine (CVE-2010-3772).

Security researcher echo reported that a web page could open a window
with an about:blank location and then inject an element
into that page which upon submission would redirect to a chrome:
document. The effect of this defect was that the original page would
wind up with a reference to a chrome-privileged object, the opened
window, which could be leveraged for privilege escalation attacks
(CVE-2010-3771).

Dirk Heinrich reported that on Windows platforms when document.write()
was called with a very long string a buffer overflow was caused in line
breaking routines attempting to process the string for display. Such
cases triggered an invalid read past the end of an array causing a
crash which an attacker could potentially use to run arbitrary code
on a victim's computer (CVE-2010-3769).

Mozilla developers identified and fixed several memory safety
bugs in the browser engine used in Firefox and other Mozilla-based
products. Some of these bugs showed evidence of memory corruption
under certain circumstances, and we presume that with enough effort
at least some of these could be exploited to run arbitrary code
(CVE-2010-3776, CVE-2010-3777).

Packages for 2009.0 are provided as of the Extended Maintenance
Program. Please visit this link to learn more:
http://store.mandriva.com/product_info.php?cPath=149&products_id=490

Additionally, some packages which require so, have been rebuilt and
are being provided as updates.

Affected: 2009.0, 2010.0, 2010.1, Enterprise Server 5.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

http://www.securityspace.com/smysecure/catid.html?in=MDVSA-2010:251
http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.13

Risk factor : Critical

CVSS Score:
9.3

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2010-3770
BugTraq ID: 45353
http://www.securityfocus.com/bid/45353
Debian Security Information: DSA-2132 (Google Search)
http://www.debian.org/security/2010/dsa-2132
http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052032.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052022.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052502.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052504.html
http://www.mandriva.com/security/advisories?name=MDVSA-2010:251
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12348
http://www.redhat.com/support/errata/RHSA-2010-0966.html
http://www.securitytracker.com/id?1024851
http://secunia.com/advisories/42716
http://secunia.com/advisories/42818
SuSE Security Announcement: SUSE-SA:2011:003 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00002.html
http://www.ubuntu.com/usn/USN-1019-1
http://www.vupen.com/english/advisories/2011/0030
Common Vulnerability Exposure (CVE) ID: CVE-2010-3774
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12512
http://www.securitytracker.com/id?1024850
Common Vulnerability Exposure (CVE) ID: CVE-2010-0179
BugTraq ID: 39124
http://www.securityfocus.com/bid/39124
Debian Security Information: DSA-2027 (Google Search)
http://www.debian.org/security/2010/dsa-2027
http://www.mandriva.com/security/advisories?name=MDVSA-2010:070
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6971
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9446
http://www.redhat.com/support/errata/RHSA-2010-0332.html
http://securitytracker.com/id?1023783
http://secunia.com/advisories/3924
http://secunia.com/advisories/39243
http://secunia.com/advisories/39308
http://secunia.com/advisories/39397
SuSE Security Announcement: SUSE-SR:2010:013 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html
http://ubuntu.com/usn/usn-921-1
http://www.vupen.com/english/advisories/2010/0748
http://www.vupen.com/english/advisories/2010/0764
http://www.vupen.com/english/advisories/2010/0781
http://www.vupen.com/english/advisories/2010/0849
XForce ISS Database: firefox-firebug-code-execution(57394)
https://exchange.xforce.ibmcloud.com/vulnerabilities/57394
Common Vulnerability Exposure (CVE) ID: CVE-2010-3773
BugTraq ID: 45354
http://www.securityfocus.com/bid/45354
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11960
Common Vulnerability Exposure (CVE) ID: CVE-2010-3767
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12610
http://www.redhat.com/support/errata/RHSA-2010-0967.html
http://www.redhat.com/support/errata/RHSA-2010-0968.html
http://www.securitytracker.com/id?1024848
Common Vulnerability Exposure (CVE) ID: CVE-2010-3766
BugTraq ID: 45326
http://www.securityfocus.com/bid/45326
http://www.zerodayinitiative.com/advisories/ZDI-10-264/
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12649
Common Vulnerability Exposure (CVE) ID: CVE-2010-3775
BugTraq ID: 45355
http://www.securityfocus.com/bid/45355
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11666
Common Vulnerability Exposure (CVE) ID: CVE-2010-3768
BugTraq ID: 45352
http://www.securityfocus.com/bid/45352
http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052110.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052220.html
http://www.mandriva.com/security/advisories?name=MDVSA-2010:258
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12533
http://www.redhat.com/support/errata/RHSA-2010-0969.html
http://www.securitytracker.com/id?1024846
http://www.ubuntu.com/usn/USN-1020-1
Common Vulnerability Exposure (CVE) ID: CVE-2010-3772
BugTraq ID: 45351
http://www.securityfocus.com/bid/45351
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12324
Common Vulnerability Exposure (CVE) ID: CVE-2010-3771
BugTraq ID: 45346
http://www.securityfocus.com/bid/45346
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12343
Common Vulnerability Exposure (CVE) ID: CVE-2010-3769
BugTraq ID: 45345
http://www.securityfocus.com/bid/45345
http://osvdb.org/69771
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12342
Common Vulnerability Exposure (CVE) ID: CVE-2010-3776
BugTraq ID: 45347
http://www.securityfocus.com/bid/45347
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12389
Common Vulnerability Exposure (CVE) ID: CVE-2010-3777
BugTraq ID: 45348
http://www.securityfocus.com/bid/45348
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12468
CopyrightCopyright (c) 2010 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.



© 1998-2024 E-Soft Inc. Todos los derechos reservados.