Anfälligkeitssuche        Suche in 172616 CVE Beschreibungen
und 81291 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.61815
Kategorie:Red Hat Local Security Checks
Titel:RedHat Security Advisory RHSA-2008:0978
Zusammenfassung:NOSUMMARY
Beschreibung:Description:

The remote host is missing updates announced in
advisory RHSA-2008:0978.

Mozilla Firefox is an open source Web browser.

Several flaws were found in the processing of malformed web content. A web
page containing malicious content could cause Firefox to crash or,
potentially, execute arbitrary code as the user running Firefox.
(CVE-2008-0017, CVE-2008-5014, CVE-2008-5016, CVE-2008-5017,
CVE-2008-5018, CVE-2008-5019, CVE-2008-5021)

Several flaws were found in the way malformed content was processed. A web
site containing specially-crafted content could potentially trick a Firefox
user into surrendering sensitive information. (CVE-2008-5022,
CVE-2008-5023, CVE-2008-5024)

A flaw was found in the way Firefox opened file: URIs. If a file: URI was
loaded in the same tab as a chrome or privileged about: page, the file:
URI could execute arbitrary code with the permissions of the user running
Firefox. (CVE-2008-5015)

For technical details regarding these flaws, please see the Mozilla
security advisories for Firefox 3.0.4. You can find a link to the Mozilla
advisories in the References section.

All firefox users should upgrade to these updated packages, which contain
backported patches that correct these issues.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2008-0978.html
http://www.mozilla.org/security/known-vulnerabilities/firefox30.html#firefox3.0.4

Risk factor : Critical

CVSS Score:
10.0

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2008-0017
BugTraq ID: 32281
http://www.securityfocus.com/bid/32281
Cert/CC Advisory: TA08-319A
http://www.us-cert.gov/cas/techalerts/TA08-319A.html
Debian Security Information: DSA-1669 (Google Search)
http://www.debian.org/security/2008/dsa-1669
Debian Security Information: DSA-1671 (Google Search)
http://www.debian.org/security/2008/dsa-1671
Debian Security Information: DSA-1697 (Google Search)
http://www.debian.org/security/2009/dsa-1697
https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00366.html
https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00385.html
ISS Security Advisory: 20081113 Mozilla Unchecked Allocation Remote Code Execution
http://www.iss.net/threats/311.html
http://www.mandriva.com/security/advisories?name=MDVSA-2008:228
http://www.mandriva.com/security/advisories?name=MDVSA-2008:230
https://bugzilla.mozilla.org/show_bug.cgi?id=443299
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11005
http://www.redhat.com/support/errata/RHSA-2008-0977.html
http://www.redhat.com/support/errata/RHSA-2008-0978.html
http://www.securitytracker.com/id?1021185
http://secunia.com/advisories/32684
http://secunia.com/advisories/32693
http://secunia.com/advisories/32694
http://secunia.com/advisories/32695
http://secunia.com/advisories/32713
http://secunia.com/advisories/32714
http://secunia.com/advisories/32721
http://secunia.com/advisories/32778
http://secunia.com/advisories/32845
http://secunia.com/advisories/32853
http://secunia.com/advisories/33433
http://secunia.com/advisories/34501
http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1
SuSE Security Announcement: SUSE-SA:2008:055 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00004.html
http://ubuntu.com/usn/usn-667-1
http://www.vupen.com/english/advisories/2008/3146
http://www.vupen.com/english/advisories/2009/0977
Common Vulnerability Exposure (CVE) ID: CVE-2008-5014
Debian Security Information: DSA-1696 (Google Search)
http://www.debian.org/security/2009/dsa-1696
http://www.mandriva.com/security/advisories?name=MDVSA-2008:235
https://bugzilla.mozilla.org/show_bug.cgi?id=436741
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9157
http://www.redhat.com/support/errata/RHSA-2008-0976.html
http://www.securitytracker.com/id?1021182
http://secunia.com/advisories/32011
http://secunia.com/advisories/32715
http://secunia.com/advisories/32798
http://secunia.com/advisories/33434
Common Vulnerability Exposure (CVE) ID: CVE-2008-5015
https://bugzilla.mozilla.org/show_bug.cgi?id=447579
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11063
http://www.securitytracker.com/id?1021191
Common Vulnerability Exposure (CVE) ID: CVE-2008-5016
https://bugzilla.mozilla.org/buglist.cgi?bug_id=439206,453406,458637,444864,452157,449111,444260,457375,433429,443528,430394
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11356
http://www.securitytracker.com/id?1021183
Common Vulnerability Exposure (CVE) ID: CVE-2008-5017
https://bugzilla.mozilla.org/show_bug.cgi?id=455987
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11436
Common Vulnerability Exposure (CVE) ID: CVE-2008-5018
https://bugzilla.mozilla.org/show_bug.cgi?id=452786
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9872
Common Vulnerability Exposure (CVE) ID: CVE-2008-5019
https://bugzilla.mozilla.org/buglist.cgi?bug_id=459906,460983
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10943
http://www.securitytracker.com/id?1021184
Common Vulnerability Exposure (CVE) ID: CVE-2008-5021
https://bugzilla.mozilla.org/show_bug.cgi?id=460002
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9642
http://www.securitytracker.com/id?1021186
Common Vulnerability Exposure (CVE) ID: CVE-2008-5022
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11186
http://www.securitytracker.com/id?1021188
Common Vulnerability Exposure (CVE) ID: CVE-2008-5023
https://bugzilla.mozilla.org/show_bug.cgi?id=424733
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9908
http://www.securitytracker.com/id?1021189
Common Vulnerability Exposure (CVE) ID: CVE-2008-5024
https://bugzilla.mozilla.org/show_bug.cgi?id=453915
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9063
http://www.securitytracker.com/id?1021192
CopyrightCopyright (c) 2008 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 81291 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.