CentOS Local Security Checks : CentOS Update for firefox CESA-2016:2780 centos5

Búsqueda de Vulnerabilidad		Buscar 219043 Descripciones CVE y 99761 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.882595

Categoría: CentOS Local Security Checks

Título: CentOS Update for firefox CESA-2016:2780 centos5

Resumen: Check for the Version of firefox

Descripción: Summary:
Check for the Version of firefox

Vulnerability Insight:
Mozilla Firefox is an open source web browser.

This update upgrades Firefox to version 45.5.0 ESR.

Security Fix(es):

* Multiple flaws were found in the processing of malformed web content. A
web page containing malicious content could cause Firefox to crash or,
potentially, execute arbitrary code with the privileges of the user running
Firefox. (CVE-2016-5296, CVE-2016-5297, CVE-2016-9066, CVE-2016-5291,
CVE-2016-5290)

* A flaw was found in the way Add-on update process was handled by Firefox.
A Man-in-the-Middle attacker could use this flaw to install a malicious
signed add-on update. (CVE-2016-9064)

Red Hat would like to thank the Mozilla project for reporting these issues.
Upstream acknowledges Abhishek Arya, Andre Bargull, Samuel Grob, Yuyang
Zhou, Olli Pettay, Christian Holler, Ehsan Akhgari, Jon Coppeard, Gary
Kwong, Tooru Fujisawa, Philipp, and Randell Jesup as the original
reporters.

Affected Software/OS:
firefox on CentOS 5

Solution:
Please Install the Updated Packages.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2016-5290
BugTraq ID: 94335
http://www.securityfocus.com/bid/94335
Debian Security Information: DSA-3730 (Google Search)
https://www.debian.org/security/2016/dsa-3730
https://security.gentoo.org/glsa/201701-15
RedHat Security Advisories: RHSA-2016:2780
http://rhn.redhat.com/errata/RHSA-2016-2780.html
RedHat Security Advisories: RHSA-2016:2825
http://rhn.redhat.com/errata/RHSA-2016-2825.html
http://www.securitytracker.com/id/1037298
Common Vulnerability Exposure (CVE) ID: CVE-2016-5291
BugTraq ID: 94336
http://www.securityfocus.com/bid/94336
Common Vulnerability Exposure (CVE) ID: CVE-2016-5296
BugTraq ID: 94339
http://www.securityfocus.com/bid/94339
Common Vulnerability Exposure (CVE) ID: CVE-2016-5297
Common Vulnerability Exposure (CVE) ID: CVE-2016-9064
Common Vulnerability Exposure (CVE) ID: CVE-2016-9066

Copyright Copyright (C) 2016 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.882595
Categoría:	CentOS Local Security Checks
Título:	CentOS Update for firefox CESA-2016:2780 centos5
Resumen:	Check for the Version of firefox
Descripción:	Summary: Check for the Version of firefox Vulnerability Insight: Mozilla Firefox is an open source web browser. This update upgrades Firefox to version 45.5.0 ESR. Security Fix(es): * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2016-5296, CVE-2016-5297, CVE-2016-9066, CVE-2016-5291, CVE-2016-5290) * A flaw was found in the way Add-on update process was handled by Firefox. A Man-in-the-Middle attacker could use this flaw to install a malicious signed add-on update. (CVE-2016-9064) Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Abhishek Arya, Andre Bargull, Samuel Grob, Yuyang Zhou, Olli Pettay, Christian Holler, Ehsan Akhgari, Jon Coppeard, Gary Kwong, Tooru Fujisawa, Philipp, and Randell Jesup as the original reporters. Affected Software/OS: firefox on CentOS 5 Solution: Please Install the Updated Packages. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2016-5290 BugTraq ID: 94335 http://www.securityfocus.com/bid/94335 Debian Security Information: DSA-3730 (Google Search) https://www.debian.org/security/2016/dsa-3730 https://security.gentoo.org/glsa/201701-15 RedHat Security Advisories: RHSA-2016:2780 http://rhn.redhat.com/errata/RHSA-2016-2780.html RedHat Security Advisories: RHSA-2016:2825 http://rhn.redhat.com/errata/RHSA-2016-2825.html http://www.securitytracker.com/id/1037298 Common Vulnerability Exposure (CVE) ID: CVE-2016-5291 BugTraq ID: 94336 http://www.securityfocus.com/bid/94336 Common Vulnerability Exposure (CVE) ID: CVE-2016-5296 BugTraq ID: 94339 http://www.securityfocus.com/bid/94339 Common Vulnerability Exposure (CVE) ID: CVE-2016-5297 Common Vulnerability Exposure (CVE) ID: CVE-2016-9064 Common Vulnerability Exposure (CVE) ID: CVE-2016-9066
Copyright	Copyright (C) 2016 Greenbone Networks GmbH