Test Kennung:	1.3.6.1.4.1.25623.1.0.802895
Kategorie:	General
Titel:	Mozilla Products Memory Corruption Vulnerabilities - July12 (Windows)
Zusammenfassung:	This host is installed with Mozilla firefox/thunderbird/seamonkey and is; prone to multiple vulnerabilities.
Beschreibung:	Summary: This host is installed with Mozilla firefox/thunderbird/seamonkey and is prone to multiple vulnerabilities. Vulnerability Insight: - An out-of-bounds read error in the qcms_transform_data_rgb_out_lut_sse2 function in the QCMS implementation, can be exploited to disclose certain process memory via a crafted color profile. - Multiple unspecified errors within the browser engine can be exploited to corrupt memory. Vulnerability Impact: Successful exploitation could allow attackers to obtain sensitive information, execute arbitrary code in the context of the browser or cause a denial of service. Affected Software/OS: SeaMonkey version before 2.11 Thunderbird version 5.0 through 13.0 Mozilla Firefox version 4.x through 13.0 on Windows Solution: Upgrade to Mozilla Firefox version 14.0 or later, upgrade to SeaMonkey version to 2.11 or later, upgrade to Thunderbird version to 14.0 or later. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Querverweis:	BugTraq ID: 54580 BugTraq ID: 54572 Common Vulnerability Exposure (CVE) ID: CVE-2012-1949 http://www.securityfocus.com/bid/54580 http://osvdb.org/84006 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17027 http://www.securitytracker.com/id?1027256 http://www.securitytracker.com/id?1027257 http://www.securitytracker.com/id?1027258 http://secunia.com/advisories/49965 http://secunia.com/advisories/49968 http://secunia.com/advisories/49972 http://secunia.com/advisories/49992 http://secunia.com/advisories/49993 http://secunia.com/advisories/49994 SuSE Security Announcement: SUSE-SU-2012:0895 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html SuSE Security Announcement: SUSE-SU-2012:0896 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html SuSE Security Announcement: openSUSE-SU-2012:0899 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html SuSE Security Announcement: openSUSE-SU-2012:0917 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00016.html http://www.ubuntu.com/usn/USN-1509-1 http://www.ubuntu.com/usn/USN-1509-2 http://www.ubuntu.com/usn/USN-1510-1 Common Vulnerability Exposure (CVE) ID: CVE-2012-1960 http://www.securityfocus.com/bid/54572 http://osvdb.org/84010 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16735
Copyright	Copyright (C) 2012 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.