Anfälligkeitssuche        Suche in 187964 CVE Beschreibungen
und 85075 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:
Kategorie:Slackware Local Security Checks
Titel:Slackware Advisory SSA:2004-223-01 Mozilla
Zusammenfassung:The remote host is missing an update as announced;via advisory SSA:2004-223-01.
The remote host is missing an update as announced
via advisory SSA:2004-223-01.

Vulnerability Insight:
New Mozilla packages are available for Slackware 9.1, 10.0, and -current
to fix a number of security issues. Slackware 10.0 and -current were
upgraded to Mozilla 1.7.2, and Slackware 9.1 was upgraded to Mozilla 1.4.3.
As usual, new versions of Mozilla require new versions of things that link
with the Mozilla libraries, so for Slackware 10.0 and -current new versions
of epiphany, galeon, gaim, and mozilla-plugins have also been provided.
There don't appear to be epiphany and galeon versions that are compatible
with Mozilla 1.4.3 and the GNOME in Slackware 9.1, so these are not
provided and Epiphany and Galeon will be broken on Slackware 9.1 if the
new Mozilla package is installed. Furthermore, earlier versions of
Mozilla (such as the 1.3 series) were not fixed upstream, so versions
of Slackware earlier than 9.1 will remain vulnerable to these browser
issues. If you still use Slackware 9.0 or earlier, you may want to
consider removing Mozilla or upgrading to a newer version.

For more details on the outsanding problems, please visit
the referenced security advisory.

Upgrade to the new package(s).

CVSS Score:

CVSS Vector:

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2004-0597
BugTraq ID: 10857
BugTraq ID: 15495
Bugtraq: 20040804 [OpenPKG-SA-2004.035] OpenPKG Security Advisory (png) (Google Search)
Bugtraq: 20050209 MSN Messenger PNG Image Buffer Overflow Download Shellcoded Exploit (Google Search)
Cert/CC Advisory: TA04-217A
Cert/CC Advisory: TA05-039A
CERT/CC vulnerability note: VU#388984
CERT/CC vulnerability note: VU#817368
Conectiva Linux advisory: CLA-2004:856
Debian Security Information: DSA-536 (Google Search)
HPdes Security Advisory: SSRT4778
Microsoft Security Bulletin: MS05-009
SCO Security Bulletin: SCOSA-2004.16
SCO Security Bulletin: SCOSA-2005.49
SuSE Security Announcement: SUSE-SA:2004:023 (Google Search)
XForce ISS Database: libpng-pnghandle-bo(16894)
Common Vulnerability Exposure (CVE) ID: CVE-2004-0598
CERT/CC vulnerability note: VU#236656
XForce ISS Database: libpng-pnghandleiccp-dos(16895)
Common Vulnerability Exposure (CVE) ID: CVE-2004-0599
CERT/CC vulnerability note: VU#160448
CERT/CC vulnerability note: VU#286464
CERT/CC vulnerability note: VU#477512
Debian Security Information: DSA-570 (Google Search)
Debian Security Information: DSA-571 (Google Search)
XForce ISS Database: lilbpng-integer-bo(16896)
Common Vulnerability Exposure (CVE) ID: CVE-2004-0763
Bugtraq: 20040726 Mozilla Firefox Certificate Spoofing (Google Search)
SuSE Security Announcement: SUSE-SA:2004:036 (Google Search)
XForce ISS Database: mozilla-ssl-certificate-spoofing(16796)
Common Vulnerability Exposure (CVE) ID: CVE-2004-0758
CERT/CC vulnerability note: VU#784278
XForce ISS Database: mozilla-certificate-dos(16706)
Common Vulnerability Exposure (CVE) ID: CVE-2004-0718
Debian Security Information: DSA-777 (Google Search)
Debian Security Information: DSA-810 (Google Search)
XForce ISS Database: http-frame-spoof(1598)
Common Vulnerability Exposure (CVE) ID: CVE-2004-0722
XForce ISS Database: mozilla-netscape-soapparameter-bo(16862)
Common Vulnerability Exposure (CVE) ID: CVE-2004-0757
CERT/CC vulnerability note: VU#561022
XForce ISS Database: mozilla-senduidl-pop3-bo(16869)
Common Vulnerability Exposure (CVE) ID: CVE-2004-0759
XForce ISS Database: mozilla-warning-file-upload(16870)
Common Vulnerability Exposure (CVE) ID: CVE-2004-0760
XForce ISS Database: mozilla-modify-mime-type(16691)
Common Vulnerability Exposure (CVE) ID: CVE-2004-0761
XForce ISS Database: mozilla-redirect-ssl-spoof(16871)
Common Vulnerability Exposure (CVE) ID: CVE-2004-0762
XForce ISS Database: mozilla-dialog-code-execution(16623)
Common Vulnerability Exposure (CVE) ID: CVE-2004-0764
BugTraq ID: 10832
CERT/CC vulnerability note: VU#262350
XForce ISS Database: mozilla-user-interface-spoofing(16837)
Common Vulnerability Exposure (CVE) ID: CVE-2004-0765
XForce ISS Database: mozilla-certtesthostname-certificate-spoof(16868)
CopyrightCopyright (c) 2012 E-Soft Inc.

Dies ist nur einer von 85075 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.