Test Kennung:	1.3.6.1.4.1.25623.1.0.880740
Kategorie:	CentOS Local Security Checks
Titel:	CentOS Update for firefox CESA-2009:1162 centos5 i386
Zusammenfassung:	The remote host is missing an update for the 'firefox'; package(s) announced via the referenced advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'firefox' package(s) announced via the referenced advisory. Vulnerability Insight: Mozilla Firefox is an open source Web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. (CVE-2009-2462, CVE-2009-2463, CVE-2009-2464, CVE-2009-2465, CVE-2009-2466, CVE-2009-2467, CVE-2009-2469, CVE-2009-2471) Several flaws were found in the way Firefox handles malformed JavaScript code. A website containing malicious content could launch a cross-site scripting (XSS) attack or execute arbitrary JavaScript with the permissions of another website. (CVE-2009-2472) For technical details regarding these flaws, refer to the Mozilla security advisories for Firefox 3.0.12. You can find a link to the Mozilla advisories in the References section of this errata. All Firefox users should upgrade to these updated packages, which contain Firefox version 3.0.12, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect. Affected Software/OS: firefox on CentOS 5 Solution: Please install the updated packages. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2009-2462 BugTraq ID: 35758 http://www.securityfocus.com/bid/35758 https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01032.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10906 RedHat Security Advisories: RHSA-2009:1162 http://rhn.redhat.com/errata/RHSA-2009-1162.html RedHat Security Advisories: RHSA-2009:1163 http://rhn.redhat.com/errata/RHSA-2009-1163.html http://www.redhat.com/support/errata/RHSA-2010-0153.html http://www.redhat.com/support/errata/RHSA-2010-0154.html http://secunia.com/advisories/35914 http://secunia.com/advisories/35943 http://secunia.com/advisories/35944 http://secunia.com/advisories/35947 http://secunia.com/advisories/36005 http://secunia.com/advisories/36145 http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020800.1-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-265068-1 SuSE Security Announcement: SUSE-SA:2009:039 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00005.html SuSE Security Announcement: SUSE-SA:2009:042 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-08/msg00002.html http://www.vupen.com/english/advisories/2009/1972 http://www.vupen.com/english/advisories/2009/2152 http://www.vupen.com/english/advisories/2010/0650 Common Vulnerability Exposure (CVE) ID: CVE-2009-2463 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10369 http://secunia.com/advisories/38977 http://secunia.com/advisories/39001 SuSE Security Announcement: SUSE-SR:2010:013 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html http://www.ubuntu.com/usn/USN-915-1 http://www.vupen.com/english/advisories/2010/0648 Common Vulnerability Exposure (CVE) ID: CVE-2009-2464 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9594 Common Vulnerability Exposure (CVE) ID: CVE-2009-2465 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10402 Common Vulnerability Exposure (CVE) ID: CVE-2009-2466 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9820 Common Vulnerability Exposure (CVE) ID: CVE-2009-2467 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10473 http://sunsolve.sun.com/search/document.do?assetkey=1-66-266148-1 Common Vulnerability Exposure (CVE) ID: CVE-2009-2469 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10030 Common Vulnerability Exposure (CVE) ID: CVE-2009-2471 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10572 Common Vulnerability Exposure (CVE) ID: CVE-2009-2472 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9497
Copyright	Copyright (c) 2011 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.