English | Deutsch | Español
 
Startseite ▼
Startseite Über uns Kontact Datenschutz Partnerprogramme Zeugnisse In der Presse Mailinglisten Missbrauch Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Sicherheits
Überprüfungs ▼
Home Dediziert Erweitert Standard Wiederkehrend Risikolos Desktop Basis Sicherheits Segal FAQ Preis/Funktionszusammenfassung Bestellen Neue Anfälligkeiten Alle Anfälligkeiten Vertraulichkeit Anfälligkeiten Suche Durchführen Terminkalender IP Permissions Maßgeschneidert Warteschlange Erinnerer Siegel Berichte Berichts Stil
Verwaltetes
DNS ▼
Info Bestellen/Erneuern FAQ AUP Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password
Netzwerk
Überwachung ▼
Enterprise Erweiterte Standard Gratis Test FAQ Preis/Funktionszusammenfassung Bestellen Beispiele
Konfigurieren/Status Alarm Profile
Recherce
Berichte ▼
Home FAQ Glossary Archive
 Anmeldung/Registrierung 
 
 Anfälligkeitssuche        Suche in 324607 CVE Beschreibungen
und 145615 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.58931
Kategorie:Red Hat Local Security Checks
Titel:RedHat Security Advisory RHSA-2007:0724
Zusammenfassung:NOSUMMARY
Beschreibung:Description:

The remote host is missing updates announced in
advisory RHSA-2007:0724.

Mozilla Firefox is an open source Web browser.

Several flaws were found in the way Firefox processed certain malformed
JavaScript code. A web page containing malicious JavaScript code could
cause Firefox to crash or potentially execute arbitrary code as the user
running Firefox. (CVE-2007-3734, CVE-2007-3735, CVE-2007-3737, CVE-2007-3738)

Several content injection flaws were found in the way Firefox handled
certain JavaScript code. A web page containing malicious JavaScript code
could inject arbitrary content into other web pages. (CVE-2007-3736,
CVE-2007-3089)

A flaw was found in the way Firefox cached web pages on the local disk. A
malicious web page may be able to inject arbitrary HTML into a browsing
session if the user reloads a targeted site. (CVE-2007-3656)

Users of Firefox are advised to upgrade to these erratum packages, which
contain backported patches that correct these issues.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2007-0724.html
http://www.redhat.com/security/updates/classification/#critical

Risk factor : Critical

CVSS Score:
9.3

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2007-3089
BugTraq ID: 24286
http://www.securityfocus.com/bid/24286
Bugtraq: 20070604 Assorted browser vulnerabilities (Google Search)
http://www.securityfocus.com/archive/1/470446/100/0/threaded
Bugtraq: 20070720 rPSA-2007-0148-1 firefox thunderbird (Google Search)
http://www.securityfocus.com/archive/1/474226/100/0/threaded
Bugtraq: 20070724 FLEA-2007-0033-1: firefox thunderbird (Google Search)
http://www.securityfocus.com/archive/1/474542/100/0/threaded
Cert/CC Advisory: TA07-199A
http://www.us-cert.gov/cas/techalerts/TA07-199A.html
CERT/CC vulnerability note: VU#143297
http://www.kb.cert.org/vuls/id/143297
Debian Security Information: DSA-1337 (Google Search)
http://www.debian.org/security/2007/dsa-1337
Debian Security Information: DSA-1338 (Google Search)
http://www.debian.org/security/2007/dsa-1338
Debian Security Information: DSA-1339 (Google Search)
http://www.debian.org/security/2007/dsa-1339
http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0026.html
http://www.gentoo.org/security/en/glsa/glsa-200708-09.xml
HPdes Security Advisory: HPSBUX02153
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742
HPdes Security Advisory: SSRT061181
http://www.mandriva.com/security/advisories?name=MDKSA-2007:152
http://lcamtuf.coredump.cx/ifsnatch/
https://bugzilla.mozilla.org/show_bug.cgi?id=381300
https://bugzilla.mozilla.org/show_bug.cgi?id=382686
http://osvdb.org/38024
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11122
http://www.redhat.com/support/errata/RHSA-2007-0722.html
http://www.redhat.com/support/errata/RHSA-2007-0723.html
http://www.redhat.com/support/errata/RHSA-2007-0724.html
http://www.securitytracker.com/id?1018412
http://secunia.com/advisories/25589
http://secunia.com/advisories/26072
http://secunia.com/advisories/26095
http://secunia.com/advisories/26103
http://secunia.com/advisories/26106
http://secunia.com/advisories/26107
http://secunia.com/advisories/26149
http://secunia.com/advisories/26151
http://secunia.com/advisories/26159
http://secunia.com/advisories/26179
http://secunia.com/advisories/26204
http://secunia.com/advisories/26205
http://secunia.com/advisories/26211
http://secunia.com/advisories/26216
http://secunia.com/advisories/26258
http://secunia.com/advisories/26271
http://secunia.com/advisories/26460
http://secunia.com/advisories/28135
SGI Security Advisory: 20070701-01-P
ftp://patches.sgi.com/support/free/security/advisories/20070701-01-P.asc
http://securityreason.com/securityalert/2781
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103177-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-201516-1
SuSE Security Announcement: SUSE-SA:2007:049 (Google Search)
http://www.novell.com/linux/security/advisories/2007_49_mozilla.html
http://www.ubuntu.com/usn/usn-490-1
http://www.vupen.com/english/advisories/2007/2564
http://www.vupen.com/english/advisories/2007/4256
XForce ISS Database: firefox-iframe-security-bypass(34701)
https://exchange.xforce.ibmcloud.com/vulnerabilities/34701
Common Vulnerability Exposure (CVE) ID: CVE-2007-3656
BugTraq ID: 24831
http://www.securityfocus.com/bid/24831
Bugtraq: 20070709 Firefox wyciwyg:// cache zone bypass (Google Search)
http://www.securityfocus.com/archive/1/473191/100/0/threaded
http://lcamtuf.coredump.cx/ffcache/
http://osvdb.org/38028
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9105
http://www.securitytracker.com/id?1018411
http://secunia.com/advisories/25990
http://securityreason.com/securityalert/2872
XForce ISS Database: mozilla-wyciwyg-security-bypass(35298)
https://exchange.xforce.ibmcloud.com/vulnerabilities/35298
Common Vulnerability Exposure (CVE) ID: CVE-2007-3734
1018408
http://www.securitytracker.com/id?1018408
103177
20070701-01-P
20070720 rPSA-2007-0148-1 firefox thunderbird
20070724 FLEA-2007-0033-1: firefox thunderbird
201516
24946
http://www.securityfocus.com/bid/24946
25589
26072
26095
26096
http://secunia.com/advisories/26096
26103
26106
26107
26149
26151
26159
26176
http://secunia.com/advisories/26176
26179
26204
26205
26211
26216
26258
26271
26460
26572
http://secunia.com/advisories/26572
27326
http://secunia.com/advisories/27326
28135
28363
http://secunia.com/advisories/28363
ADV-2007-2564
ADV-2007-2565
http://www.vupen.com/english/advisories/2007/2565
ADV-2007-4256
ADV-2008-0082
http://www.vupen.com/english/advisories/2008/0082
DSA-1337
DSA-1338
DSA-1339
DSA-1391
http://www.debian.org/security/2007/dsa-1391
GLSA-200708-09
HPSBUX02153
HPSBUX02156
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00774579
MDKSA-2007:152
MDVSA-2007:047
http://www.mandriva.com/security/advisories?name=MDVSA-2007:047
MDVSA-2008:047
http://www.mandriva.com/security/advisories?name=MDVSA-2008:047
RHSA-2007:0722
RHSA-2007:0723
RHSA-2007:0724
SSRT061181
SSRT061236
SUSE-SA:2007:049
USN-490-1
USN-503-1
http://www.ubuntu.com/usn/usn-503-1
ftp://ftp.slackware.com/pub/slackware/slackware-12.0/ChangeLog.txt
http://support.novell.com/techcenter/psdb/07d098f99c9fe6956523beae37f32fda.html
http://www.mozilla.org/security/announce/2007/mfsa2007-18.html
mozilla-browser-engine-code-execution(35458)
https://exchange.xforce.ibmcloud.com/vulnerabilities/35458
oval:org.mitre.oval:def:10108
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10108
Common Vulnerability Exposure (CVE) ID: CVE-2007-3735
mozilla-javascript-eng-code-execution(35459)
https://exchange.xforce.ibmcloud.com/vulnerabilities/35459
oval:org.mitre.oval:def:11066
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11066
Common Vulnerability Exposure (CVE) ID: CVE-2007-3736
1018410
http://www.securitytracker.com/id?1018410
http://www.mozilla.org/security/announce/2007/mfsa2007-19.html
mozilla-addeventlistener-settimeout-xss(35462)
https://exchange.xforce.ibmcloud.com/vulnerabilities/35462
oval:org.mitre.oval:def:11749
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11749
Common Vulnerability Exposure (CVE) ID: CVE-2007-3737
1018409
http://www.securitytracker.com/id?1018409
firefox-eventhandler-code-execution(35461)
https://exchange.xforce.ibmcloud.com/vulnerabilities/35461
http://www.mozilla.org/security/announce/2007/mfsa2007-21.html
oval:org.mitre.oval:def:10009
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10009
Common Vulnerability Exposure (CVE) ID: CVE-2007-3738
1018414
http://www.securitytracker.com/id?1018414
SUSE-SA:2007:057
http://www.novell.com/linux/security/advisories/2007_57_mozilla.html
firefox-xpcnativewrapper-code-execution(35460)
https://exchange.xforce.ibmcloud.com/vulnerabilities/35460
http://www.mozilla.org/security/announce/2007/mfsa2007-25.html
oval:org.mitre.oval:def:9875
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9875
CopyrightCopyright (c) 2007 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.



© 1998-2025 E-Soft Inc. Alle Rechte vorbehalten.