English | Deutsch | Español
 
Startseite ▼
Startseite Über uns Kontact Datenschutz Partnerprogramme Zeugnisse In der Presse Mailinglisten Missbrauch Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Sicherheits
Überprüfungs ▼
Home Dediziert Erweitert Standard Wiederkehrend Risikolos Desktop Basis Sicherheits Segal FAQ Preis/Funktionszusammenfassung Bestellen Neue Anfälligkeiten Alle Anfälligkeiten Vertraulichkeit Anfälligkeiten Suche Durchführen Terminkalender IP Permissions Maßgeschneidert Warteschlange Erinnerer Siegel Berichte Berichts Stil
Verwaltetes
DNS ▼
Info Bestellen/Erneuern FAQ AUP Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password
Netzwerk
Überwachung ▼
Enterprise Erweiterte Standard Gratis Test FAQ Preis/Funktionszusammenfassung Bestellen Beispiele
Konfigurieren/Status Alarm Profile
Recherce
Berichte ▼
Home FAQ Glossary Archive
 Anmeldung/Registrierung 
 
 Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.55515
Kategorie:Debian Local Security Checks
Titel:Debian Security Advisory DSA 838-1 (mozilla-firefox)
Zusammenfassung:NOSUMMARY
Beschreibung:Description:
The remote host is missing an update to mozilla-firefox
announced via advisory DSA 838-1.

Multiple security vulnerabilities have been identified in the
mozilla-firefox web browser. These vulnerabilities could allow an
attacker to execute code on the victim's machine via specially crafted
network resources.

CVE-2005-2701
Heap overrun in XBM image processing

CVE-2005-2702
Denial of service (crash) and possible execution of arbitrary
code via Unicode sequences with zero-width non-joiner
characters.

CVE-2005-2703
XMLHttpRequest header spoofing

CVE-2005-2704
Object spoofing using XBL

CVE-2005-2705
JavaScript integer overflow

CVE-2005-2706
Privilege escalation using about: scheme

CVE-2005-2707
Chrome window spoofing allowing windows to be created without
UI components such as a URL bar or status bar that could be
used to carry out phishing attacks

For the stable distribution (sarge), these problems have been fixed in
version 1.0.4-2sarge5

For the unstable distribution (sid), these problems have been fixed in
version 1.0.7-1

We recommend that you upgrade your mozilla-firefox package.

Solution:
http://www.securityspace.com/smysecure/catid.html?in=DSA%20838-1

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2005-2701
BugTraq ID: 14916
http://www.securityfocus.com/bid/14916
BugTraq ID: 15495
http://www.securityfocus.com/bid/15495
Debian Security Information: DSA-838 (Google Search)
http://www.debian.org/security/2005/dsa-838
Debian Security Information: DSA-866 (Google Search)
http://www.debian.org/security/2005/dsa-866
Debian Security Information: DSA-868 (Google Search)
http://www.debian.org/security/2005/dsa-868
http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00004.html
http://www.mandriva.com/security/advisories?name=MDKSA-2005:169
http://www.mandriva.com/security/advisories?name=MDKSA-2005:170
http://www.mandriva.com/security/advisories?name=MDKSA-2005:174
http://www.osvdb.org/19643
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1480
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9323
http://www.redhat.com/support/errata/RHSA-2005-785.html
http://www.redhat.com/support/errata/RHSA-2005-789.html
SCO Security Bulletin: SCOSA-2005.49
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt
http://securitytracker.com/id?1014954
http://secunia.com/advisories/16911
http://secunia.com/advisories/16917
http://secunia.com/advisories/16977
http://secunia.com/advisories/17014
http://secunia.com/advisories/17026
http://secunia.com/advisories/17149
http://secunia.com/advisories/17263
http://secunia.com/advisories/17284
SuSE Security Announcement: SUSE-SA:2005:058 (Google Search)
http://www.novell.com/linux/security/advisories/2005_58_mozilla.html
http://www.ubuntu.com/usn/usn-200-1
http://www.vupen.com/english/advisories/2005/1824
XForce ISS Database: mozilla-xbm-bo(22373)
https://exchange.xforce.ibmcloud.com/vulnerabilities/22373
Common Vulnerability Exposure (CVE) ID: CVE-2005-2702
BugTraq ID: 14918
http://www.securityfocus.com/bid/14918
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1150
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11609
http://www.redhat.com/support/errata/RHSA-2005-791.html
http://secunia.com/advisories/17042
http://secunia.com/advisories/17090
XForce ISS Database: mozilla-zerowidthnonjoiner-stack-corruption(22375)
https://exchange.xforce.ibmcloud.com/vulnerabilities/22375
Common Vulnerability Exposure (CVE) ID: CVE-2005-2703
BugTraq ID: 14923
http://www.securityfocus.com/bid/14923
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10767
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1089
XForce ISS Database: mozilla-xmlhttprequest-spoofing(22376)
https://exchange.xforce.ibmcloud.com/vulnerabilities/22376
Common Vulnerability Exposure (CVE) ID: CVE-2005-2704
BugTraq ID: 14921
http://www.securityfocus.com/bid/14921
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1272
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9784
XForce ISS Database: mozilla-thunderbird-xml-object-spoof(22824)
https://exchange.xforce.ibmcloud.com/vulnerabilities/22824
Common Vulnerability Exposure (CVE) ID: CVE-2005-2705
BugTraq ID: 14917
http://www.securityfocus.com/bid/14917
https://bugzilla.mozilla.org/show_bug.cgi?id=303213
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10367
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1307
XForce ISS Database: mozilla-javascript-bo(22377)
https://exchange.xforce.ibmcloud.com/vulnerabilities/22377
Common Vulnerability Exposure (CVE) ID: CVE-2005-2706
BugTraq ID: 14920
http://www.securityfocus.com/bid/14920
http://www.osvdb.org/19648
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11317
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1443
http://secunia.com/advisories/19823
SuSE Security Announcement: SUSE-SA:2006:022 (Google Search)
http://www.novell.com/linux/security/advisories/2006_04_25.html
XForce ISS Database: mozilla-about-execute-code(22378)
https://exchange.xforce.ibmcloud.com/vulnerabilities/22378
Common Vulnerability Exposure (CVE) ID: CVE-2005-2707
BugTraq ID: 14919
http://www.securityfocus.com/bid/14919
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11130
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1197
XForce ISS Database: mozilla-chrome-window-spoofing(22380)
https://exchange.xforce.ibmcloud.com/vulnerabilities/22380
CopyrightCopyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.



© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.