 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.0.902145 |
| Categoría: | General |
| Título: | Firefox Multiple Vulnerabilities Mar-10 (Windows) |
| Resumen: | The host is installed with Firefox browser and is prone to multiple; vulnerabilities. |
| Descripción: | Summary: The host is installed with Firefox browser and is prone to multiple vulnerabilities. Vulnerability Insight: Multiple flaws exist due to: - An use-after-free error in the 'imgContainer::InternalAddFrameHelper' function in 'src/imgContainer.cpp' in 'libpr0n' allows to cause denial of service via a multipart/x-mixed-replace animation. - An error in 'TraceRecorder::traverseScopeChain()' wthin 'js/src/jstracer.cpp' allows to cause a memory corruption via vectors involving certain indirect calls to the JavaScript eval function. - An error while offering plugins in expected window which allows to conduct cross site scripting attacks via vectors that are specific to each affected plugin. Vulnerability Impact: Successful exploitation allows attackers to cause Denial of Service and conduct cross site scripting attacks. Affected Software/OS: Firefox version 3.6 before 3.6.2 on Windows. Solution: Upgrade to Firefox version 3.6.2. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C |
| Referencia Cruzada: |
BugTraq ID: 38918 Common Vulnerability Exposure (CVE) ID: CVE-2010-0164 http://www.securityfocus.com/bid/38918 BugTraq ID: 38921 http://www.securityfocus.com/bid/38921 Bugtraq: 20100402 ZDI-10-047: Mozilla Firefox libpr0n imgContainer Bits-Per-Pixel Change Remote Code Execution Vulnerability (Google Search) http://www.securityfocus.com/archive/1/510535/100/0/threaded http://www.mandriva.com/security/advisories?name=MDVSA-2010:070 http://www.zerodayinitiative.com/advisories/ZDI-10-047 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8703 http://www.vupen.com/english/advisories/2010/0692 Common Vulnerability Exposure (CVE) ID: CVE-2010-0165 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8472 Common Vulnerability Exposure (CVE) ID: CVE-2010-0170 BugTraq ID: 38919 http://www.securityfocus.com/bid/38919 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8602 Common Vulnerability Exposure (CVE) ID: CVE-2010-0172 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8281 |
| Copyright | Copyright (C) 2010 Greenbone Networks GmbH |
| Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |