Anfälligkeitssuche        Suche in 187964 CVE Beschreibungen
und 85075 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.15432
Kategorie:Windows
Titel:Mozilla/Firefox default installation file permission flaw
Zusammenfassung:The remote host is using Mozilla and/or Firefox, an alternative web browser.; The remote version of this software is prone to an improper file permission; setting.;; This flaw only exists if the browser is installed by the Mozilla Foundation; package management, thus this alert might be a false positive.;; A local attacker could overwrite arbitrary files or execute arbitrary code in; the context of the user running the browser.
Beschreibung:Summary:
The remote host is using Mozilla and/or Firefox, an alternative web browser.
The remote version of this software is prone to an improper file permission
setting.

This flaw only exists if the browser is installed by the Mozilla Foundation
package management, thus this alert might be a false positive.

A local attacker could overwrite arbitrary files or execute arbitrary code in
the context of the user running the browser.

Solution:
Update to the latest version of the software

CVSS Score:
4.6

CVSS Vector:
AV:L/AC:L/Au:N/C:P/I:P/A:P

Querverweis: BugTraq ID: 11166
Common Vulnerability Exposure (CVE) ID: CVE-2004-0906
BugTraq ID: 11192
http://www.securityfocus.com/bid/11192
CERT/CC vulnerability note: VU#653160
http://www.kb.cert.org/vuls/id/653160
http://security.gentoo.org/glsa/glsa-200409-26.xml
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11668
http://www.redhat.com/support/errata/RHSA-2005-323.html
http://secunia.com/advisories/12526/
SuSE Security Announcement: SUSE-SA:2004:036 (Google Search)
http://www.novell.com/linux/security/advisories/2004_36_mozilla.html
XForce ISS Database: mozilla-insecure-file-permissions(17375)
https://exchange.xforce.ibmcloud.com/vulnerabilities/17375
CopyrightCopyright (C) 2004 David Maciejak

Dies ist nur einer von 85075 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.