Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | |||
Test Kennung: | 1.3.6.1.4.1.25623.1.0.850813 |
Kategorie: | SuSE Local Security Checks |
Titel: | SUSE: Security Advisory for Mozilla (SUSE-SU-2015:0593-1) |
Zusammenfassung: | The remote host is missing an update for the 'Mozilla'; package(s) announced via the referenced advisory. |
Beschreibung: | Summary: The remote host is missing an update for the 'Mozilla' package(s) announced via the referenced advisory. Vulnerability Insight: MozillaFirefox was updated to the 31.5.3ESR release to fix two security vulnerabilities: MFSA 2015-29 / CVE-2015-0817: Security researcher ilxu1a reported, through HP Zero Day Initiative's Pwn2Own contest, a flaw in Mozilla's implementation of typed array bounds checking in JavaScript just-in-time compilation (JIT) and its management of bounds checking for heap access. This flaw can be leveraged into the reading and writing of memory allowing for arbitrary code execution on the local system. MFSA 2015-28 / CVE-2015-0818: Security researcher Mariusz Mlynski reported, through HP Zero Day Initiative's Pwn2Own contest, a method to run arbitrary scripts in a privileged context. This bypassed the same-origin policy protections by using a flaw in the processing of SVG format content navigation. Security Issues: * CVE-2015-0817 * CVE-2015-0818 Affected Software/OS: Mozilla on SUSE Linux Enterprise Server 11 SP3 Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P |
Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2015-0817 BugTraq ID: 73263 http://www.securityfocus.com/bid/73263 Debian Security Information: DSA-3201 (Google Search) http://www.debian.org/security/2015/dsa-3201 https://security.gentoo.org/glsa/201504-01 RedHat Security Advisories: RHSA-2015:0718 http://rhn.redhat.com/errata/RHSA-2015-0718.html http://www.securitytracker.com/id/1031958 SuSE Security Announcement: SUSE-SU-2015:0593 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00029.html SuSE Security Announcement: SUSE-SU-2015:0630 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00035.html SuSE Security Announcement: openSUSE-SU-2015:0567 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00026.html SuSE Security Announcement: openSUSE-SU-2015:0636 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-03/msg00096.html http://www.ubuntu.com/usn/USN-2538-1 Common Vulnerability Exposure (CVE) ID: CVE-2015-0818 BugTraq ID: 73265 http://www.securityfocus.com/bid/73265 http://www.securitytracker.com/id/1031959 |
Copyright | Copyright (C) 2015 Greenbone Networks GmbH |
Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |