English | Deutsch | Español
 
Inicial ▼
Página inicial Acerca Nuestro Contáctenos Privacidad Programas de Asociados Testimonios En la Prensa Listas de Correos Abuso Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
 
Auditorias ▼
Inicial Dedicada Avanzada Estándar Periódica Sin Riesgo Escritorio Básica Sello FAQ Resumen de Precio/Funciones Ordenar Nuevas Pruebas Todas las Pruebas Confidencialidad Búsqueda de Vulnerabilidad Ejecutar Auditoría Programador IP Permissions Auditorías Personalizadas Cola Recordatorio Sellos Informes Estilos de Informes
DNS
Administrado ▼
Acerca de DNS Ordenar/Renovar Preguntas Frecuentes AUP Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password
Monitoreo
de Redes ▼
Enterprise Avanzado Estándarr Prueba Preguntas Frecuentes Resumen de Precio/Funciones Ordenar Muestras
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Iniciar sesión/Registrarse 
 
 Búsqueda de    
Vulnerabilidad   		     Buscar 219043 Descripciones CVE y
99761 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.803055
Categoría:General
Título:Mozilla Firefox Multiple Vulnerabilities-01 November12 (Windows)
Resumen:This host is installed with Mozilla Firefox and is prone to multiple; vulnerabilities.
Descripción:Summary:
This host is installed with Mozilla Firefox and is prone to multiple
vulnerabilities.

Vulnerability Insight:
- The 'location' property can be accessed through 'top.location' with a
frame whose name attributes value is set to 'top'.

- Use-after-free error exists within the functions
'nsTextEditorState::PrepareEditor', 'gfxFont::GetFontEntry',
'nsWindow::OnExposeEvent' and 'nsPlaintextEditor::FireClipboardEvent'.

- An error within the 'evalInSandbox()' when handling the 'location.href'
property.

- Error when rendering GIF images.

Vulnerability Impact:
Successful exploitation could allow attackers to inject scripts, bypass
certain security restrictions, execute arbitrary code in the context of the
browser.

Affected Software/OS:
Mozilla Firefox version before 17.0 on Windows

Solution:
Upgrade to Mozilla Firefox version 17.0 or later.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2012-4209
BugTraq ID: 56629
http://www.securityfocus.com/bid/56629
http://www.mandriva.com/security/advisories?name=MDVSA-2012:173
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16880
RedHat Security Advisories: RHSA-2012:1482
http://rhn.redhat.com/errata/RHSA-2012-1482.html
RedHat Security Advisories: RHSA-2012:1483
http://rhn.redhat.com/errata/RHSA-2012-1483.html
http://secunia.com/advisories/51359
http://secunia.com/advisories/51360
http://secunia.com/advisories/51369
http://secunia.com/advisories/51370
http://secunia.com/advisories/51381
http://secunia.com/advisories/51434
http://secunia.com/advisories/51439
http://secunia.com/advisories/51440
SuSE Security Announcement: SUSE-SU-2012:1592 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00021.html
SuSE Security Announcement: openSUSE-SU-2012:1583 (Google Search)
http://lists.opensuse.org/opensuse-updates/2012-11/msg00090.html
SuSE Security Announcement: openSUSE-SU-2012:1585 (Google Search)
http://lists.opensuse.org/opensuse-updates/2012-11/msg00092.html
SuSE Security Announcement: openSUSE-SU-2012:1586 (Google Search)
http://lists.opensuse.org/opensuse-updates/2012-11/msg00093.html
SuSE Security Announcement: openSUSE-SU-2013:0175 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00022.html
http://www.ubuntu.com/usn/USN-1636-1
http://www.ubuntu.com/usn/USN-1638-1
http://www.ubuntu.com/usn/USN-1638-2
http://www.ubuntu.com/usn/USN-1638-3
XForce ISS Database: firefox-toplocation-xss(80181)
https://exchange.xforce.ibmcloud.com/vulnerabilities/80181
Common Vulnerability Exposure (CVE) ID: CVE-2012-4214
BugTraq ID: 56628
http://www.securityfocus.com/bid/56628
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16884
XForce ISS Database: firefox-nstexteditorstate-code-exec(80187)
https://exchange.xforce.ibmcloud.com/vulnerabilities/80187
Common Vulnerability Exposure (CVE) ID: CVE-2012-4215
BugTraq ID: 56633
http://www.securityfocus.com/bid/56633
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16690
XForce ISS Database: firefox-fireclipboard-code-exec(80188)
https://exchange.xforce.ibmcloud.com/vulnerabilities/80188
Common Vulnerability Exposure (CVE) ID: CVE-2012-4216
BugTraq ID: 56634
http://www.securityfocus.com/bid/56634
Debian Security Information: DSA-2583 (Google Search)
http://www.debian.org/security/2012/dsa-2583
Debian Security Information: DSA-2584 (Google Search)
http://www.debian.org/security/2012/dsa-2584
Debian Security Information: DSA-2588 (Google Search)
http://www.debian.org/security/2012/dsa-2588
http://osvdb.org/87609
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16902
XForce ISS Database: firefox-getfontentry-code-exec(80189)
https://exchange.xforce.ibmcloud.com/vulnerabilities/80189
Common Vulnerability Exposure (CVE) ID: CVE-2012-4201
BugTraq ID: 56618
http://www.securityfocus.com/bid/56618
http://osvdb.org/87594
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15995
XForce ISS Database: firefox-evalinsandbox-sec-bypass(80171)
https://exchange.xforce.ibmcloud.com/vulnerabilities/80171
Common Vulnerability Exposure (CVE) ID: CVE-2012-4202
BugTraq ID: 56614
http://www.securityfocus.com/bid/56614
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16739
XForce ISS Database: mozilla-firefox-gif-bo(80170)
https://exchange.xforce.ibmcloud.com/vulnerabilities/80170
Common Vulnerability Exposure (CVE) ID: CVE-2012-4207
BugTraq ID: 56632
http://www.securityfocus.com/bid/56632
http://osvdb.org/87587
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16955
XForce ISS Database: firefox-hzgb2312-xss(80179)
https://exchange.xforce.ibmcloud.com/vulnerabilities/80179
Common Vulnerability Exposure (CVE) ID: CVE-2012-5842
BugTraq ID: 56611
http://www.securityfocus.com/bid/56611
http://osvdb.org/87596
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16573
XForce ISS Database: firefox-seamonkey-code-exec(80169)
https://exchange.xforce.ibmcloud.com/vulnerabilities/80169
Common Vulnerability Exposure (CVE) ID: CVE-2012-5841
BugTraq ID: 56631
http://www.securityfocus.com/bid/56631
http://osvdb.org/87588
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16590
XForce ISS Database: mozilla-wrappers-security-bypass(80178)
https://exchange.xforce.ibmcloud.com/vulnerabilities/80178
Common Vulnerability Exposure (CVE) ID: CVE-2012-5829
BugTraq ID: 56636
http://www.securityfocus.com/bid/56636
http://osvdb.org/87608
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16849
SuSE Security Announcement: SUSE-SU-2013:0048 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00006.html
SuSE Security Announcement: SUSE-SU-2013:0049 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00007.html
SuSE Security Announcement: openSUSE-SU-2013:0131 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00010.html
SuSE Security Announcement: openSUSE-SU-2013:0149 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00017.html
http://www.ubuntu.com/usn/USN-1681-1
http://www.ubuntu.com/usn/USN-1681-2
http://www.ubuntu.com/usn/USN-1681-4
XForce ISS Database: firefox-onexposeevent-bo(80195)
https://exchange.xforce.ibmcloud.com/vulnerabilities/80195
Common Vulnerability Exposure (CVE) ID: CVE-2012-5840
BugTraq ID: 56635
http://www.securityfocus.com/bid/56635
http://osvdb.org/87606
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16904
XForce ISS Database: mozilla-prepareeditor-code-exec(80190)
https://exchange.xforce.ibmcloud.com/vulnerabilities/80190
Common Vulnerability Exposure (CVE) ID: CVE-2012-5833
BugTraq ID: 56642
http://www.securityfocus.com/bid/56642
http://osvdb.org/87581
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16748
XForce ISS Database: firefox-teximage2d-calls-code-exec(80184)
https://exchange.xforce.ibmcloud.com/vulnerabilities/80184
Common Vulnerability Exposure (CVE) ID: CVE-2012-5835
BugTraq ID: 56643
http://www.securityfocus.com/bid/56643
http://osvdb.org/87601
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16603
XForce ISS Database: firefox-webgl-bufferdata-overflow(80185)
https://exchange.xforce.ibmcloud.com/vulnerabilities/80185
Common Vulnerability Exposure (CVE) ID: CVE-2012-5839
BugTraq ID: 56637
http://www.securityfocus.com/bid/56637
http://osvdb.org/87607
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16968
XForce ISS Database: firefox-gfxshapedword-bo(80196)
https://exchange.xforce.ibmcloud.com/vulnerabilities/80196
CopyrightCopyright (C) 2012 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.



© 1998-2024 E-Soft Inc. Todos los derechos reservados.