English | Deutsch | Español
 
Startseite ▼
Startseite Über uns Kontact Datenschutz Partnerprogramme Zeugnisse In der Presse Mailinglisten Missbrauch Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Sicherheits
Überprüfungs ▼
Home Dediziert Erweitert Standard Wiederkehrend Risikolos Desktop Basis Sicherheits Segal FAQ Preis/Funktionszusammenfassung Bestellen Neue Anfälligkeiten Alle Anfälligkeiten Vertraulichkeit Anfälligkeiten Suche Durchführen Terminkalender IP Permissions Maßgeschneidert Warteschlange Erinnerer Siegel Berichte Berichts Stil
Verwaltetes
DNS ▼
Info Bestellen/Erneuern FAQ AUP Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password
Netzwerk
Überwachung ▼
Enterprise Erweiterte Standard Gratis Test FAQ Preis/Funktionszusammenfassung Bestellen Beispiele
Konfigurieren/Status Alarm Profile
Recherce
Berichte ▼
Home FAQ Glossary Archive
 Anmeldung/Registrierung 
 
 Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.61196
Kategorie:Red Hat Local Security Checks
Titel:RedHat Security Advisory RHSA-2008:0549
Zusammenfassung:NOSUMMARY
Beschreibung:Description:

The remote host is missing updates announced in
advisory RHSA-2008:0549.

Mozilla Firefox is an open source Web browser.

Multiple flaws were found in the processing of malformed JavaScript
content. A web page containing such malicious content could cause Firefox
to crash or, potentially, execute arbitrary code as the user running
Firefox. (CVE-2008-2801, CVE-2008-2802, CVE-2008-2803)

Several flaws were found in the processing of malformed web content. A web
page containing malicious content could cause Firefox to crash or,
potentially, execute arbitrary code as the user running Firefox.
(CVE-2008-2798, CVE-2008-2799, CVE-2008-2811)

Several flaws were found in the way malformed web content was displayed. A
web page containing specially-crafted content could potentially trick a
Firefox user into surrendering sensitive information. (CVE-2008-2800)

Two local file disclosure flaws were found in Firefox. A web page
containing malicious content could cause Firefox to reveal the contents of
a local file to a remote attacker. (CVE-2008-2805, CVE-2008-2810)

A flaw was found in the way a malformed .properties file was processed by
Firefox. A malicious extension could read uninitialized memory, possibly
leaking sensitive data to the extension. (CVE-2008-2807)

A flaw was found in the way Firefox escaped a listing of local file names.
If a user could be tricked into listing a local directory containing
malicious file names, arbitrary JavaScript could be run with the
permissions of the user running Firefox. (CVE-2008-2808)

A flaw was found in the way Firefox displayed information about self-signed
certificates. It was possible for a self-signed certificate to contain
multiple alternate name entries, which were not all displayed to the user,
allowing them to mistakenly extend trust to an unknown site.
(CVE-2008-2809)

All Mozilla Firefox users should upgrade to this updated package, which
contains backported patches that correct these issues.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2008-0549.html
http://www.redhat.com/security/updates/classification/#critical

Risk factor : Critical

CVSS Score:
10.0

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2008-2798
BugTraq ID: 30038
http://www.securityfocus.com/bid/30038
Bugtraq: 20080708 rPSA-2008-0216-1 firefox (Google Search)
http://www.securityfocus.com/archive/1/494080/100/0/threaded
Debian Security Information: DSA-1607 (Google Search)
http://www.debian.org/security/2008/dsa-1607
Debian Security Information: DSA-1615 (Google Search)
http://www.debian.org/security/2008/dsa-1615
Debian Security Information: DSA-1621 (Google Search)
http://www.debian.org/security/2008/dsa-1621
Debian Security Information: DSA-1697 (Google Search)
http://www.debian.org/security/2009/dsa-1697
https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00207.html
https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00288.html
https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00295.html
https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00144.html
https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00125.html
http://security.gentoo.org/glsa/glsa-200808-03.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2008:136
http://www.mandriva.com/security/advisories?name=MDVSA-2008:155
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10087
http://www.redhat.com/support/errata/RHSA-2008-0547.html
http://www.redhat.com/support/errata/RHSA-2008-0549.html
http://www.redhat.com/support/errata/RHSA-2008-0569.html
RedHat Security Advisories: RHSA-2008:0616
http://rhn.redhat.com/errata/RHSA-2008-0616.html
http://www.securitytracker.com/id?1020419
http://secunia.com/advisories/30878
http://secunia.com/advisories/30898
http://secunia.com/advisories/30903
http://secunia.com/advisories/30911
http://secunia.com/advisories/30915
http://secunia.com/advisories/30949
http://secunia.com/advisories/31005
http://secunia.com/advisories/31008
http://secunia.com/advisories/31021
http://secunia.com/advisories/31023
http://secunia.com/advisories/31069
http://secunia.com/advisories/31076
http://secunia.com/advisories/31183
http://secunia.com/advisories/31195
http://secunia.com/advisories/31220
http://secunia.com/advisories/31253
http://secunia.com/advisories/31286
http://secunia.com/advisories/31377
http://secunia.com/advisories/31403
http://secunia.com/advisories/33433
http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.384911
http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.383152
http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.410484
SuSE Security Announcement: SUSE-SA:2008:034 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00004.html
http://www.ubuntu.com/usn/usn-619-1
http://www.ubuntu.com/usn/usn-629-1
http://www.vupen.com/english/advisories/2008/1993/references
Common Vulnerability Exposure (CVE) ID: CVE-2008-2799
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10743
Common Vulnerability Exposure (CVE) ID: CVE-2008-2800
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9386
http://secunia.com/advisories/34501
http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1
http://www.vupen.com/english/advisories/2009/0977
Common Vulnerability Exposure (CVE) ID: CVE-2008-2801
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11810
Common Vulnerability Exposure (CVE) ID: CVE-2008-2802
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11121
Common Vulnerability Exposure (CVE) ID: CVE-2008-2803
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10747
Common Vulnerability Exposure (CVE) ID: CVE-2008-2805
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10143
Common Vulnerability Exposure (CVE) ID: CVE-2008-2807
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9432
XForce ISS Database: firefox-propertiesfile-info-disclosure(50656)
https://exchange.xforce.ibmcloud.com/vulnerabilities/50656
Common Vulnerability Exposure (CVE) ID: CVE-2008-2808
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9668
Common Vulnerability Exposure (CVE) ID: CVE-2008-2809
Bugtraq: 20071118 Certificate spoofing issue with Mozilla, Konqueror, Safari 2 (Google Search)
http://www.securityfocus.com/archive/1/483929/100/100/threaded
Bugtraq: 20071118 RE: Certificate spoofing issue with Mozilla, Konqueror, Safari 2 (Google Search)
http://www.securityfocus.com/archive/1/483960/100/100/threaded
Bugtraq: 20071118 Re: Certificate spoofing issue with Mozilla, Konqueror, Safari 2 (Google Search)
http://www.securityfocus.com/archive/1/483937/100/100/threaded
http://nils.toedtmann.net/pub/subjectAltName.txt
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10205
http://securitytracker.com/id?1018979
http://securityreason.com/securityalert/3498
XForce ISS Database: mozilla-altnames-spoofing(43524)
https://exchange.xforce.ibmcloud.com/vulnerabilities/43524
Common Vulnerability Exposure (CVE) ID: CVE-2008-2810
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9593
Common Vulnerability Exposure (CVE) ID: CVE-2008-2811
CERT/CC vulnerability note: VU#607267
http://www.kb.cert.org/vuls/id/607267
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9865
CopyrightCopyright (c) 2008 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.



© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.