Test Kennung:	1.3.6.1.4.1.25623.1.0.802820
Kategorie:	General
Titel:	Mozilla Products Multiple Vulnerabilities - Mar12 (Windows)
Zusammenfassung:	The host is installed with Mozilla firefox/thunderbird/seamonkey and is prone; to multiple vulnerabilities.
Beschreibung:	Summary: The host is installed with Mozilla firefox/thunderbird/seamonkey and is prone to multiple vulnerabilities. Vulnerability Insight: The flaws are due to - Multiple unspecified vulnerabilities in the browser engine. - An improper implementation of the nsWindow failing to validate an instance after event dispatching. - An error when handling 'javascript:'. - A use-after-free error exists within the 'nsSMILTimeValueSpec::ConvertBetweenTimeContainers()' function. - An improper implementation of SVG Filters. Vulnerability Impact: Successful exploitation will let attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors. Affected Software/OS: SeaMonkey version before 2.8 Thunderbird ESR version 10.x before 10.0.3 Mozilla Firefox ESR version 10.x before 10.0.3 Thunderbird version before 3.1.20 and 5.0 through 10.0 Mozilla Firefox version before 3.6.28 and 4.x through 10.0 Solution: Upgrade to Mozilla Firefox version 3.6.28 or 11.0 or later, upgrade to SeaMonkey version to 2.8 or later, upgrade to Thunderbird version to 3.1.20 or 11 or later. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Querverweis:	BugTraq ID: 52464 BugTraq ID: 52466 BugTraq ID: 52460 BugTraq ID: 52459 BugTraq ID: 52458 BugTraq ID: 52465 BugTraq ID: 52461 Common Vulnerability Exposure (CVE) ID: CVE-2012-0461 Debian Security Information: DSA-2433 (Google Search) http://www.debian.org/security/2012/dsa-2433 Debian Security Information: DSA-2458 (Google Search) http://www.debian.org/security/2012/dsa-2458 http://www.mandriva.com/security/advisories?name=MDVSA-2012:031 http://www.mandriva.com/security/advisories?name=MDVSA-2012:032 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15009 RedHat Security Advisories: RHSA-2012:0387 http://rhn.redhat.com/errata/RHSA-2012-0387.html RedHat Security Advisories: RHSA-2012:0388 http://rhn.redhat.com/errata/RHSA-2012-0388.html http://www.securitytracker.com/id?1026801 http://www.securitytracker.com/id?1026803 http://www.securitytracker.com/id?1026804 http://secunia.com/advisories/48359 http://secunia.com/advisories/48402 http://secunia.com/advisories/48414 http://secunia.com/advisories/48495 http://secunia.com/advisories/48496 http://secunia.com/advisories/48513 http://secunia.com/advisories/48553 http://secunia.com/advisories/48561 http://secunia.com/advisories/48624 http://secunia.com/advisories/48629 http://secunia.com/advisories/48823 http://secunia.com/advisories/48920 SuSE Security Announcement: SUSE-SU-2012:0424 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00014.html SuSE Security Announcement: SUSE-SU-2012:0425 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00015.html SuSE Security Announcement: openSUSE-SU-2012:0417 (Google Search) http://lists.opensuse.org/opensuse-updates/2012-03/msg00042.html http://www.ubuntu.com/usn/USN-1400-1 http://www.ubuntu.com/usn/USN-1400-2 http://www.ubuntu.com/usn/USN-1400-3 http://www.ubuntu.com/usn/USN-1400-4 http://www.ubuntu.com/usn/USN-1400-5 http://www.ubuntu.com/usn/USN-1401-1 Common Vulnerability Exposure (CVE) ID: CVE-2012-0463 http://www.securityfocus.com/bid/52466 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15143 Common Vulnerability Exposure (CVE) ID: CVE-2012-0458 http://www.securityfocus.com/bid/52460 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15122 Common Vulnerability Exposure (CVE) ID: CVE-2012-0457 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14775 Common Vulnerability Exposure (CVE) ID: CVE-2012-0455 http://www.securityfocus.com/bid/52458 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14829 Common Vulnerability Exposure (CVE) ID: CVE-2012-0464 http://www.securityfocus.com/bid/52465 http://pwn2own.zerodayinitiative.com/status.html http://www.zdnet.com/blog/security/mozilla-knew-of-pwn2own-bug-before-cansecwest/10757 http://www.zdnet.com/blog/security/researchers-hack-into-newest-firefox-with-zero-day-flaw/10663 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14170 Common Vulnerability Exposure (CVE) ID: CVE-2012-0456 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15007
Copyright	Copyright (C) 2012 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.