
Test ID: 1.3.6.1.4.1.25623.1.0.56566
Category: Red Hat Local Security Checks
Title: RedHat Security Advisory RHSA-2006:0328
Summary: NOSUMMARY
Description:

The remote host is missing updates announced in
advisory RHSA-2006:0328.

Mozilla Firefox is an open source Web browser.

Several bugs were found in the way Firefox processes malformed JavaScript.
A malicious web page could modify the content of a different open web page,
possibly stealing sensitive information or conducting a cross-site
scripting attack. (CVE-2006-1731, CVE-2006-1732, CVE-2006-1741)

Several bugs were found in the way Firefox processes certain JavaScript
actions. A malicious web page could execute arbitrary JavaScript
instructions with the permissions of chrome, allowing the page to steal
sensitive information or install browser malware. (CVE-2006-1727,
CVE-2006-1728, CVE-2006-1733, CVE-2006-1734, CVE-2006-1735, CVE-2006-1742)

Several bugs were found in the way Firefox processes malformed web pages.
A carefully crafted malicious web page could cause the execution of
arbitrary code as the user running Firefox. (CVE-2006-0749, CVE-2006-1724,
CVE-2006-1730, CVE-2006-1737, CVE-2006-1738, CVE-2006-1739)

A bug was found in the way Firefox displays the secure site icon. If a
browser is configured to display the non-default secure site modal warning
dialog, it may be possible to trick a user into believing they are viewing
a secure site. (CVE-2006-1740)

A bug was found in the way Firefox allows JavaScript mutation events on
input form elements. A malicious web page could be created in such a way
that when a user submits a form, an arbitrary file could be uploaded to the
attacker. (CVE-2006-1729)

Users of Firefox are advised to upgrade to these updated packages
containing Firefox version 1.0.8 which corrects these issues.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2006-0328.html
http://www.mozilla.com/firefox/releases/1.0.8.html
http://www.redhat.com/security/updates/classification/#critical

Risk factor : Critical

CVSS Score:
9.3

Cross-reference: Common Vulnerability Exposure (CVE) ID: CVE-2006-0749
BugTraq ID: 17516
http://www.securityfocus.com/bid/17516
Bugtraq: 20060417 ZDI-06-009: Mozilla Firefox Tag Parsing Code Execution Vulnerability
http://www.securityfocus.com/archive/1/431126/100/0/threaded
Cert/CC Advisory: TA06-107A
http://www.us-cert.gov/cas/techalerts/TA06-107A.html
CERT/CC vulnerability note: VU#736934
http://www.kb.cert.org/vuls/id/736934
Debian Security Information: DSA-1044
http://www.debian.org/security/2006/dsa-1044
Debian Security Information: DSA-1046
http://www.debian.org/security/2006/dsa-1046
Debian Security Information: DSA-1051
http://www.debian.org/security/2006/dsa-1051
http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html
http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html
http://www.securityfocus.com/archive/1/436296/100/0/threaded
http://www.securityfocus.com/archive/1/436338/100/0/threaded
http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml
http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml
http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml
HPdes Security Advisory: HPSBTU02118
http://www.securityfocus.com/archive/1/434524/100/0/threaded
HPdes Security Advisory: HPSBUX02122
http://www.securityfocus.com/archive/1/438730/100/0/threaded
HPdes Security Advisory: SSRT061145
HPdes Security Advisory: SSRT061158
http://www.mandriva.com/security/advisories?name=MDKSA-2006:075
http://www.mandriva.com/security/advisories?name=MDKSA-2006:076
http://www.mandriva.com/security/advisories?name=MDKSA-2006:078
http://www.zerodayinitiative.com/advisories/ZDI-06-009.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11704
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1848
http://www.redhat.com/support/errata/RHSA-2006-0328.html
http://www.redhat.com/support/errata/RHSA-2006-0329.html
http://www.redhat.com/support/errata/RHSA-2006-0330.html
SCO Security Bulletin: SCOSA-2006.26
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt
http://secunia.com/advisories/19631
http://secunia.com/advisories/19696
http://secunia.com/advisories/19714
http://secunia.com/advisories/19721
http://secunia.com/advisories/19729
http://secunia.com/advisories/19746
http://secunia.com/advisories/19759
http://secunia.com/advisories/19780
http://secunia.com/advisories/19794
http://secunia.com/advisories/19811
http://secunia.com/advisories/19821
http://secunia.com/advisories/19823
http://secunia.com/advisories/19852
http://secunia.com/advisories/19862
http://secunia.com/advisories/19863
http://secunia.com/advisories/19902
http://secunia.com/advisories/19941
http://secunia.com/advisories/19950
http://secunia.com/advisories/20051
http://secunia.com/advisories/21033
http://secunia.com/advisories/21622
SGI Security Advisory: 20060404-01-U
ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc
http://securityreason.com/securityalert/729
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1
SuSE Security Announcement: SUSE-SA:2006:021
http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html
SuSE Security Announcement: SUSE-SA:2006:022
http://www.novell.com/linux/security/advisories/2006_04_25.html
https://usn.ubuntu.com/271-1/
https://usn.ubuntu.com/275-1/
https://usn.ubuntu.com/276-1/
http://www.vupen.com/english/advisories/2006/1356
http://www.vupen.com/english/advisories/2006/3391
XForce ISS Database: mozilla-nshtmlcontentsink-memory-corruption(25819)
https://exchange.xforce.ibmcloud.com/vulnerabilities/25819
Common Vulnerability Exposure (CVE) ID: CVE-2006-1724
CERT/CC vulnerability note: VU#350262
http://www.kb.cert.org/vuls/id/350262
HPdes Security Advisory: HPSBUX02153
http://www.securityfocus.com/archive/1/446658/100/200/threaded
HPdes Security Advisory: HPSBUX02156
http://www.securityfocus.com/archive/1/446657/100/200/threaded
HPdes Security Advisory: SSRT061181
HPdes Security Advisory: SSRT061236
https://bugzilla.mozilla.org/show_bug.cgi?id=282105
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10243
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1901
http://securitytracker.com/id?1015919
http://securitytracker.com/id?1015920
http://securitytracker.com/id?1015921
http://secunia.com/advisories/19649
http://secunia.com/advisories/22065
http://secunia.com/advisories/22066
http://www.vupen.com/english/advisories/2006/3748
http://www.vupen.com/english/advisories/2006/3749
http://www.vupen.com/english/advisories/2008/0083
Common Vulnerability Exposure (CVE) ID: CVE-2006-1727
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10364
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1649
http://securitytracker.com/id?1015926
http://securitytracker.com/id?1015927
http://securitytracker.com/id?1015928
http://securitytracker.com/id?1015929
XForce ISS Database: mozilla-printpreview-privilege-escalation(25824)
https://exchange.xforce.ibmcloud.com/vulnerabilities/25824
Common Vulnerability Exposure (CVE) ID: CVE-2006-1728
CERT/CC vulnerability note: VU#932734
http://www.kb.cert.org/vuls/id/932734
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10508
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1698
http://securitytracker.com/id?1015922
http://securitytracker.com/id?1015923
http://securitytracker.com/id?1015924
http://securitytracker.com/id?1015925
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102763-1
http://www.vupen.com/english/advisories/2007/0058
XForce ISS Database: mozilla-generatecrmfrequest-code-execution(25812)
https://exchange.xforce.ibmcloud.com/vulnerabilities/25812
Common Vulnerability Exposure (CVE) ID: CVE-2006-1729
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10922
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1929
SuSE Security Announcement: SUSE-SA:2006:035
http://www.novell.com/linux/security/advisories/2006_35_mozilla.html
XForce ISS Database: mozilla-textbox-file-access(25823)
https://exchange.xforce.ibmcloud.com/vulnerabilities/25823
Common Vulnerability Exposure (CVE) ID: CVE-2006-1730
Bugtraq: 20060415 ZDI-06-010: Mozilla Firefox CSS Letter-Spacing Heap Overflow Vulnerability
http://www.securityfocus.com/archive/1/431060/100/0/threaded
CERT/CC vulnerability note: VU#179014
http://www.kb.cert.org/vuls/id/179014
http://www.zerodayinitiative.com/advisories/ZDI-06-010.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10055
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1614
http://securitytracker.com/id?1015915
http://securitytracker.com/id?1015916
http://securitytracker.com/id?1015917
http://securitytracker.com/id?1015918
http://securityreason.com/securityalert/720
XForce ISS Database: mozilla-css-letterspacing-overflow(25826)
https://exchange.xforce.ibmcloud.com/vulnerabilities/25826
Common Vulnerability Exposure (CVE) ID: CVE-2006-1731
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1955
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9604
XForce ISS Database: mozilla-valueof-xss(25820)
https://exchange.xforce.ibmcloud.com/vulnerabilities/25820
Common Vulnerability Exposure (CVE) ID: CVE-2006-1732
https://bugzilla.mozilla.org/show_bug.cgi?id=313373
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10232
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1887
XForce ISS Database: mozilla-windows-controllers-xss(25818)
https://exchange.xforce.ibmcloud.com/vulnerabilities/25818
Common Vulnerability Exposure (CVE) ID: CVE-2006-1733
CERT/CC vulnerability note: VU#488774
http://www.kb.cert.org/vuls/id/488774
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10815
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2020
XForce ISS Database: mozilla-valueof-code-execution(25817)
https://exchange.xforce.ibmcloud.com/vulnerabilities/25817
Common Vulnerability Exposure (CVE) ID: CVE-2006-1734
CERT/CC vulnerability note: VU#842094
http://www.kb.cert.org/vuls/id/842094
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10755
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1247
XForce ISS Database: mozilla-cloneparent-code-execution(25816)
https://exchange.xforce.ibmcloud.com/vulnerabilities/25816
Common Vulnerability Exposure (CVE) ID: CVE-2006-1735
CERT/CC vulnerability note: VU#813230
http://www.kb.cert.org/vuls/id/813230
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1037
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10930
XForce ISS Database: mozilla-xbl-code-execution(25815)
https://exchange.xforce.ibmcloud.com/vulnerabilities/25815
Common Vulnerability Exposure (CVE) ID: CVE-2006-1737
CERT/CC vulnerability note: VU#329500
http://www.kb.cert.org/vuls/id/329500
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10817
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1829
XForce ISS Database: mozilla-javascript-regexpr-memory-corruption(25808)
https://exchange.xforce.ibmcloud.com/vulnerabilities/25808
Common Vulnerability Exposure (CVE) ID: CVE-2006-1738
CERT/CC vulnerability note: VU#252324
http://www.kb.cert.org/vuls/id/252324
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1687
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9405
XForce ISS Database: mozilla-mozgrid-memory-corruption(25811)
https://exchange.xforce.ibmcloud.com/vulnerabilities/25811
Common Vulnerability Exposure (CVE) ID: CVE-2006-1739
CERT/CC vulnerability note: VU#935556
http://www.kb.cert.org/vuls/id/935556
https://bugzilla.mozilla.org/show_bug.cgi?id=265736
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1667
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9817
XForce ISS Database: mozilla-css-memory-corruption(25810)
https://exchange.xforce.ibmcloud.com/vulnerabilities/25810
Common Vulnerability Exposure (CVE) ID: CVE-2006-1740
https://bugzilla.mozilla.org/show_bug.cgi?id=271194
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10424
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1811
XForce ISS Database: mozilla-secure-site-spoofing(25813)
https://exchange.xforce.ibmcloud.com/vulnerabilities/25813
Common Vulnerability Exposure (CVE) ID: CVE-2006-1741
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1855
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9167
XForce ISS Database: mozilla-eventhandler-xss(25806)
https://exchange.xforce.ibmcloud.com/vulnerabilities/25806
Common Vulnerability Exposure (CVE) ID: CVE-2006-1742
CERT/CC vulnerability note: VU#492382
http://www.kb.cert.org/vuls/id/492382
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1087
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11808
XForce ISS Database: mozilla-garbage-memory-corruption(25807)
https://exchange.xforce.ibmcloud.com/vulnerabilities/25807
Copyright: Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com
