FreeBSD Local Security Checks : FreeBSD Ports: firefox

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 145615 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.52175

Kategorie: FreeBSD Local Security Checks

Titel: FreeBSD Ports: firefox

Zusammenfassung: The remote host is missing an update to the system; as announced in the referenced advisory.

Beschreibung: Summary:
The remote host is missing an update to the system
as announced in the referenced advisory.

Vulnerability Insight:
The following packages are affected:

firefox
mozilla
linux-mozilla
linux-mozilla-devel
netscape7
de-linux-mozillafirebird
el-linux-mozillafirebird
ja-linux-mozillafirebird-gtk1
ja-mozillafirebird-gtk2
linux-mozillafirebird
ru-linux-mozillafirebird
zhCN-linux-mozillafirebird
zhTW-linux-mozillafirebird
de-linux-netscape
de-netscape7
fr-linux-netscape
fr-netscape7
ja-linux-netscape
ja-netscape7
linux-netscape
linux-phoenix
mozilla+ipv6
mozilla-embedded
mozilla-firebird
mozilla-gtk1
mozilla-gtk2
mozilla-gtk
mozilla-thunderbird
phoenix
pt_BR-netscape7

CVE-2005-0527
Firefox 1.0 allows remote attackers to execute arbitrary code via
plugins that load 'privileged content' into frames, as demonstrated
using certain XUL events when a user drags a scrollbar two times, aka
'Firescrolling.'

Solution:
Update your system with the appropriate patches or
software upgrades.

CVSS Score:
5.1

CVSS Vector:
AV:N/AC:H/Au:N/C:P/I:P/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2005-0527
Bugtraq: 20050225 Firescrolling [Firefox 1.0] (Google Search)
http://marc.info/?l=bugtraq&m=110935267500395&w=2
http://www.gentoo.org/security/en/glsa/glsa-200503-10.xml
http://www.gentoo.org/security/en/glsa/glsa-200503-30.xml
http://www.mikx.de/?p=11
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100031
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11772
http://www.redhat.com/support/errata/RHSA-2005-176.html
http://www.redhat.com/support/errata/RHSA-2005-384.html
http://securitytracker.com/id?1013301

Copyright Copyright (C) 2008 E-Soft Inc.

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.52175
Kategorie:	FreeBSD Local Security Checks
Titel:	FreeBSD Ports: firefox
Zusammenfassung:	The remote host is missing an update to the system; as announced in the referenced advisory.
Beschreibung:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following packages are affected: firefox mozilla linux-mozilla linux-mozilla-devel netscape7 de-linux-mozillafirebird el-linux-mozillafirebird ja-linux-mozillafirebird-gtk1 ja-mozillafirebird-gtk2 linux-mozillafirebird ru-linux-mozillafirebird zhCN-linux-mozillafirebird zhTW-linux-mozillafirebird de-linux-netscape de-netscape7 fr-linux-netscape fr-netscape7 ja-linux-netscape ja-netscape7 linux-netscape linux-phoenix mozilla+ipv6 mozilla-embedded mozilla-firebird mozilla-gtk1 mozilla-gtk2 mozilla-gtk mozilla-thunderbird phoenix pt_BR-netscape7 CVE-2005-0527 Firefox 1.0 allows remote attackers to execute arbitrary code via plugins that load 'privileged content' into frames, as demonstrated using certain XUL events when a user drags a scrollbar two times, aka 'Firescrolling.' Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 5.1 CVSS Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2005-0527 Bugtraq: 20050225 Firescrolling [Firefox 1.0] (Google Search) http://marc.info/?l=bugtraq&m=110935267500395&w=2 http://www.gentoo.org/security/en/glsa/glsa-200503-10.xml http://www.gentoo.org/security/en/glsa/glsa-200503-30.xml http://www.mikx.de/?p=11 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100031 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11772 http://www.redhat.com/support/errata/RHSA-2005-176.html http://www.redhat.com/support/errata/RHSA-2005-384.html http://securitytracker.com/id?1013301
Copyright	Copyright (C) 2008 E-Soft Inc.