
Test ID: 1.3.6.1.4.1.25623.1.0.802892
Category: General
Title: Mozilla Firefox Multiple Vulnerabilities - July12 (Mac OS X)
Summary: This host is installed with Mozilla Firefox and is prone to multiple vulnerabilities.
Description: Summary:
This host is installed with Mozilla Firefox and is prone to multiple
vulnerabilities.

Vulnerability Insight:
- An improper implementation of the drag-and-drop feature fails to display
the URL properly in the address bar.

- An error when handling 'feed:' URLs can be exploited to bypass the output
filters and execute arbitrary JavaScript code.

- The context-menu restrictions for data: URLs are not the same as for
javascript: URLs, which allows XSS attacks to be conducted.

Vulnerability Impact:
Successful exploitation could allow attackers to inject scripts, bypass
certain security restrictions, or execute arbitrary code in the context of the
browser.

Affected Software/OS:
Mozilla Firefox version 4.x through 13.0
Mozilla Firefox ESR version 10.x before 10.0.6 on Mac OS X

Solution:
Upgrade to Mozilla Firefox version 14.0 or ESR version 10.0.6 or later.

CVSS Score:
6.4

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:P/A:P

Cross-reference: BugTraq ID: 54585
BugTraq ID: 54579
BugTraq ID: 54577
Common Vulnerability Exposure (CVE) ID: CVE-2012-1950
Debian Security Information: DSA-2514
http://www.debian.org/security/2012/dsa-2514
Debian Security Information: DSA-2528
http://www.debian.org/security/2012/dsa-2528
http://osvdb.org/84008
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16970
RedHat Security Advisories: RHSA-2012:1088
http://rhn.redhat.com/errata/RHSA-2012-1088.html
http://www.securitytracker.com/id?1027256
http://secunia.com/advisories/49964
http://secunia.com/advisories/49965
http://secunia.com/advisories/49972
http://secunia.com/advisories/49979
http://secunia.com/advisories/49992
SuSE Security Announcement: SUSE-SU-2012:0895
http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html
SuSE Security Announcement: SUSE-SU-2012:0896
http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html
SuSE Security Announcement: openSUSE-SU-2012:0899
http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html
http://www.ubuntu.com/usn/USN-1509-1
http://www.ubuntu.com/usn/USN-1509-2
Common Vulnerability Exposure (CVE) ID: CVE-2012-1965
http://www.securityfocus.com/bid/54579
http://osvdb.org/84012
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17001
Common Vulnerability Exposure (CVE) ID: CVE-2012-1966
http://www.securityfocus.com/bid/54577
http://osvdb.org/84009
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17037
Copyright: Copyright (C) 2012 Greenbone Networks GmbH
