ID de Prueba:	1.3.6.1.4.1.25623.1.0.900844
Categoría:	Denial of Service
Título:	Mozilla Firefox Multiple Denial Of Service Vulnerabilities - Sep09 (Windows)
Resumen:	The host is installed with Firefox browser and is prone to multiple; Denial of Service vulnerabilities.
Descripción:	Summary: The host is installed with Firefox browser and is prone to multiple Denial of Service vulnerabilities. Vulnerability Insight: - Multiple errors in the browser and JavaScript engines can be exploited to corrupt memory. - The warning dialog displayed when adding or removing security modules via 'pkcs11.addmodule' or 'pkcs11.deletemodule' does not contain enough information. This can be exploited to potentially trick a user into installing a malicious PKCS11 module. Vulnerability Impact: A remote, unauthenticated attacker could execute arbitrary code or cause a vulnerable application to crash. Affected Software/OS: Mozilla Firefox version prior to 3.0.14 on Windows. Solution: Upgrade to Firefox version 3.0.14 or later. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	BugTraq ID: 36343 Common Vulnerability Exposure (CVE) ID: CVE-2009-3070 http://www.securityfocus.com/bid/36343 Debian Security Information: DSA-1885 (Google Search) http://www.debian.org/security/2009/dsa-1885 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11702 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6073 http://www.redhat.com/support/errata/RHSA-2009-1430.html http://secunia.com/advisories/36670 http://secunia.com/advisories/36671 http://secunia.com/advisories/36692 http://secunia.com/advisories/37098 SuSE Security Announcement: SUSE-SA:2009:048 (Google Search) http://www.novell.com/linux/security/advisories/2009_48_firefox.html Common Vulnerability Exposure (CVE) ID: CVE-2009-3074 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6053 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9444 XForce ISS Database: firefox-javascript-code-exec(53157) https://exchange.xforce.ibmcloud.com/vulnerabilities/53157 Common Vulnerability Exposure (CVE) ID: CVE-2009-3076 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6140 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9306 http://www.redhat.com/support/errata/RHSA-2009-1431.html http://www.redhat.com/support/errata/RHSA-2009-1432.html http://www.redhat.com/support/errata/RHSA-2010-0153.html http://www.redhat.com/support/errata/RHSA-2010-0154.html http://www.securitytracker.com/id?1022877 http://secunia.com/advisories/36669 http://www.vupen.com/english/advisories/2010/0650
Copyright	Copyright (C) 2009 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.