Test Kennung:	1.3.6.1.4.1.25623.1.0.850526
Kategorie:	SuSE Local Security Checks
Titel:	openSUSE: Security Advisory for Mozilla (openSUSE-SU-2013:1334-1)
Zusammenfassung:	The remote host is missing an update for the 'Mozilla'; package(s) announced via the referenced advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'Mozilla' package(s) announced via the referenced advisory. Vulnerability Insight: This patch contains updates for - Firefox to 23.0 - xulrunner to 17.0.8esr - Thunderbird to 17.0.8 - mozilla-nspr to 4.10 - mozilla-nss to 3.15, 1 * MFSA 2013-63/CVE-2013-1701/CVE-2013-1702 Miscellaneous memory safety hazards * MFSA 2013-64/CVE-2013-1704 (bmo#883313) Use after free mutating DOM during SetBody * MFSA 2013-65/CVE-2013-1705 (bmo#882865) Buffer underflow when generating CRMF requests * MFSA 2013-67/CVE-2013-1708 (bmo#879924) Crash during WAV audio file decoding * MFSA 2013-68/CVE-2013-1709 (bmo#838253) Document URI misrepresentation and masquerading * MFSA 2013-69/CVE-2013-1710 (bmo#871368) CRMF requests allow for code execution and XSS attacks * MFSA 2013-70/CVE-2013-1711 (bmo#843829) Bypass of XrayWrappers using XBL Scopes * MFSA 2013-72/CVE-2013-1713 (bmo#887098) Wrong principal used for validating URI for some Javascript components * MFSA 2013-73/CVE-2013-1714 (bmo#879787) Same-origin bypass with web workers and XMLHttpRequest * MFSA 2013-75/CVE-2013-1717 (bmo#406541, bmo#738397) Local Java applets may read contents of local file system Affected Software/OS: Mozilla on openSUSE 11.4 Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2013-1701 BugTraq ID: 61874 http://www.securityfocus.com/bid/61874 Debian Security Information: DSA-2735 (Google Search) http://www.debian.org/security/2013/dsa-2735 Debian Security Information: DSA-2746 (Google Search) http://www.debian.org/security/2013/dsa-2746 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18514 Common Vulnerability Exposure (CVE) ID: CVE-2013-1702 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18876 Common Vulnerability Exposure (CVE) ID: CVE-2013-1704 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18945 Common Vulnerability Exposure (CVE) ID: CVE-2013-1705 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18935 SuSE Security Announcement: openSUSE-SU-2013:1496 (Google Search) http://lists.opensuse.org/opensuse-updates/2013-09/msg00060.html SuSE Security Announcement: openSUSE-SU-2013:1633 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00005.html Common Vulnerability Exposure (CVE) ID: CVE-2013-1708 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18803 Common Vulnerability Exposure (CVE) ID: CVE-2013-1709 BugTraq ID: 61867 http://www.securityfocus.com/bid/61867 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18531 Common Vulnerability Exposure (CVE) ID: CVE-2013-1710 BugTraq ID: 61900 http://www.securityfocus.com/bid/61900 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18773 Common Vulnerability Exposure (CVE) ID: CVE-2013-1711 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18830 Common Vulnerability Exposure (CVE) ID: CVE-2013-1713 BugTraq ID: 61876 http://www.securityfocus.com/bid/61876 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18884 Common Vulnerability Exposure (CVE) ID: CVE-2013-1714 BugTraq ID: 61882 http://www.securityfocus.com/bid/61882 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18002 Common Vulnerability Exposure (CVE) ID: CVE-2013-1717 BugTraq ID: 61896 http://www.securityfocus.com/bid/61896 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18367
Copyright	Copyright (C) 2013 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.