Anfälligkeitssuche        Suche in 187964 CVE Beschreibungen
und 85075 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.53919
Kategorie:Slackware Local Security Checks
Titel:Slackware Advisory SSA:2004-223-01 Mozilla
Zusammenfassung:The remote host is missing an update as announced;via advisory SSA:2004-223-01.
Beschreibung:Summary:
The remote host is missing an update as announced
via advisory SSA:2004-223-01.

Vulnerability Insight:
New Mozilla packages are available for Slackware 9.1, 10.0, and -current
to fix a number of security issues. Slackware 10.0 and -current were
upgraded to Mozilla 1.7.2, and Slackware 9.1 was upgraded to Mozilla 1.4.3.
As usual, new versions of Mozilla require new versions of things that link
with the Mozilla libraries, so for Slackware 10.0 and -current new versions
of epiphany, galeon, gaim, and mozilla-plugins have also been provided.
There don't appear to be epiphany and galeon versions that are compatible
with Mozilla 1.4.3 and the GNOME in Slackware 9.1, so these are not
provided and Epiphany and Galeon will be broken on Slackware 9.1 if the
new Mozilla package is installed. Furthermore, earlier versions of
Mozilla (such as the 1.3 series) were not fixed upstream, so versions
of Slackware earlier than 9.1 will remain vulnerable to these browser
issues. If you still use Slackware 9.0 or earlier, you may want to
consider removing Mozilla or upgrading to a newer version.

For more details on the outsanding problems, please visit
the referenced security advisory.

Solution:
Upgrade to the new package(s).

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2004-0597
http://lists.apple.com/mhonarc/security-announce/msg00056.html
BugTraq ID: 10857
http://www.securityfocus.com/bid/10857
BugTraq ID: 15495
http://www.securityfocus.com/bid/15495
Bugtraq: 20040804 [OpenPKG-SA-2004.035] OpenPKG Security Advisory (png) (Google Search)
http://marc.info/?l=bugtraq&m=109163866717909&w=2
Bugtraq: 20050209 MSN Messenger PNG Image Buffer Overflow Download Shellcoded Exploit (Google Search)
http://marc.info/?l=bugtraq&m=110796779903455&w=2
Cert/CC Advisory: TA04-217A
http://www.us-cert.gov/cas/techalerts/TA04-217A.html
Cert/CC Advisory: TA05-039A
http://www.us-cert.gov/cas/techalerts/TA05-039A.html
CERT/CC vulnerability note: VU#388984
http://www.kb.cert.org/vuls/id/388984
CERT/CC vulnerability note: VU#817368
http://www.kb.cert.org/vuls/id/817368
Conectiva Linux advisory: CLA-2004:856
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000856
Debian Security Information: DSA-536 (Google Search)
http://www.debian.org/security/2004/dsa-536
https://bugzilla.fedora.us/show_bug.cgi?id=1943
http://marc.info/?l=bugtraq&m=109900315219363&w=2
http://www.gentoo.org/security/en/glsa/glsa-200408-03.xml
http://www.gentoo.org/security/en/glsa/glsa-200408-22.xml
HPdes Security Advisory: SSRT4778
http://marc.info/?l=bugtraq&m=109181639602978&w=2
http://www.mandriva.com/security/advisories?name=MDKSA-2004:079
http://www.mandriva.com/security/advisories?name=MDKSA-2006:212
http://www.mandriva.com/security/advisories?name=MDKSA-2006:213
http://scary.beasts.org/security/CESA-2004-001.txt
http://www.coresecurity.com/common/showdoc.php?idx=421&idxseccion=10
Microsoft Security Bulletin: MS05-009
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-009
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11284
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2274
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2378
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4492
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A594
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7709
http://www.redhat.com/support/errata/RHSA-2004-402.html
http://www.redhat.com/support/errata/RHSA-2004-421.html
http://www.redhat.com/support/errata/RHSA-2004-429.html
SCO Security Bulletin: SCOSA-2004.16
http://marc.info/?l=bugtraq&m=109761239318458&w=2
SCO Security Bulletin: SCOSA-2005.49
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt
http://secunia.com/advisories/22957
http://secunia.com/advisories/22958
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200663-1
SuSE Security Announcement: SUSE-SA:2004:023 (Google Search)
http://www.novell.com/linux/security/advisories/2004_23_libpng.html
http://www.trustix.net/errata/2004/0040/
XForce ISS Database: libpng-pnghandle-bo(16894)
https://exchange.xforce.ibmcloud.com/vulnerabilities/16894
Common Vulnerability Exposure (CVE) ID: CVE-2004-0598
CERT/CC vulnerability note: VU#236656
http://www.kb.cert.org/vuls/id/236656
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10203
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2572
XForce ISS Database: libpng-pnghandleiccp-dos(16895)
https://exchange.xforce.ibmcloud.com/vulnerabilities/16895
Common Vulnerability Exposure (CVE) ID: CVE-2004-0599
CERT/CC vulnerability note: VU#160448
http://www.kb.cert.org/vuls/id/160448
CERT/CC vulnerability note: VU#286464
http://www.kb.cert.org/vuls/id/286464
CERT/CC vulnerability note: VU#477512
http://www.kb.cert.org/vuls/id/477512
Debian Security Information: DSA-570 (Google Search)
http://www.debian.org/security/2004/dsa-570
Debian Security Information: DSA-571 (Google Search)
http://www.debian.org/security/2004/dsa-571
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10938
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1479
XForce ISS Database: lilbpng-integer-bo(16896)
https://exchange.xforce.ibmcloud.com/vulnerabilities/16896
Common Vulnerability Exposure (CVE) ID: CVE-2004-0763
Bugtraq: 20040726 Mozilla Firefox Certificate Spoofing (Google Search)
http://marc.info/?l=bugtraq&m=109087067730938&w=2
http://lists.grok.org.uk/pipermail/full-disclosure/2004-July/024372.html
http://www.cipher.org.uk/index.php?p=advisories/Certificate_Spoofing_Mozilla_FireFox_25-07-2004.advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3989
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9436
http://secunia.com/advisories/12160/
SuSE Security Announcement: SUSE-SA:2004:036 (Google Search)
http://www.novell.com/linux/security/advisories/2004_36_mozilla.html
XForce ISS Database: mozilla-ssl-certificate-spoofing(16796)
https://exchange.xforce.ibmcloud.com/vulnerabilities/16796
Common Vulnerability Exposure (CVE) ID: CVE-2004-0758
CERT/CC vulnerability note: VU#784278
http://www.kb.cert.org/vuls/id/784278
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10304
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3134
XForce ISS Database: mozilla-certificate-dos(16706)
https://exchange.xforce.ibmcloud.com/vulnerabilities/16706
Common Vulnerability Exposure (CVE) ID: CVE-2004-0718
Debian Security Information: DSA-777 (Google Search)
http://www.debian.org/security/2005/dsa-777
Debian Security Information: DSA-810 (Google Search)
http://www.debian.org/security/2005/dsa-810
http://www.mandriva.com/security/advisories?name=MDKSA-2004:082
http://secunia.com/multiple_browsers_frame_injection_vulnerability_test/
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4756
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9997
http://secunia.com/advisories/11978
XForce ISS Database: http-frame-spoof(1598)
https://exchange.xforce.ibmcloud.com/vulnerabilities/1598
Common Vulnerability Exposure (CVE) ID: CVE-2004-0722
http://www.idefense.com/application/poi/display?id=117&type=vulnerabilities
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4629
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9378
XForce ISS Database: mozilla-netscape-soapparameter-bo(16862)
https://exchange.xforce.ibmcloud.com/vulnerabilities/16862
Common Vulnerability Exposure (CVE) ID: CVE-2004-0757
CERT/CC vulnerability note: VU#561022
http://www.kb.cert.org/vuls/id/561022
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11042
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3250
http://secunia.com/advisories/10856
XForce ISS Database: mozilla-senduidl-pop3-bo(16869)
https://exchange.xforce.ibmcloud.com/vulnerabilities/16869
Common Vulnerability Exposure (CVE) ID: CVE-2004-0759
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11153
XForce ISS Database: mozilla-warning-file-upload(16870)
https://exchange.xforce.ibmcloud.com/vulnerabilities/16870
Common Vulnerability Exposure (CVE) ID: CVE-2004-0760
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11090
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1227
XForce ISS Database: mozilla-modify-mime-type(16691)
https://exchange.xforce.ibmcloud.com/vulnerabilities/16691
Common Vulnerability Exposure (CVE) ID: CVE-2004-0761
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3603
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9240
XForce ISS Database: mozilla-redirect-ssl-spoof(16871)
https://exchange.xforce.ibmcloud.com/vulnerabilities/16871
Common Vulnerability Exposure (CVE) ID: CVE-2004-0762
http://archives.neohapsis.com/archives/fulldisclosure/2004-07/0264.html
http://www.squarefree.com/2004/07/01/race-conditions-in-security-dialogs/
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10032
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4403
http://secunia.com/advisories/11999/
XForce ISS Database: mozilla-dialog-code-execution(16623)
https://exchange.xforce.ibmcloud.com/vulnerabilities/16623
Common Vulnerability Exposure (CVE) ID: CVE-2004-0764
BugTraq ID: 10832
http://www.securityfocus.com/bid/10832
CERT/CC vulnerability note: VU#262350
http://www.kb.cert.org/vuls/id/262350
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2418
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9419
http://secunia.com/advisories/12188
XForce ISS Database: mozilla-user-interface-spoofing(16837)
https://exchange.xforce.ibmcloud.com/vulnerabilities/16837
Common Vulnerability Exposure (CVE) ID: CVE-2004-0765
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11162
XForce ISS Database: mozilla-certtesthostname-certificate-spoof(16868)
https://exchange.xforce.ibmcloud.com/vulnerabilities/16868
CopyrightCopyright (c) 2012 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 85075 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.