English | Deutsch | Español
 
Startseite ▼
Startseite Über uns Kontact Datenschutz Partnerprogramme Zeugnisse In der Presse Mailinglisten Missbrauch Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Sicherheits
Überprüfungs ▼
Home Dediziert Erweitert Standard Wiederkehrend Risikolos Desktop Basis Sicherheits Segal FAQ Preis/Funktionszusammenfassung Bestellen Neue Anfälligkeiten Alle Anfälligkeiten Vertraulichkeit Anfälligkeiten Suche Durchführen Terminkalender IP Permissions Maßgeschneidert Warteschlange Erinnerer Siegel Berichte Berichts Stil
Verwaltetes
DNS ▼
Info Bestellen/Erneuern FAQ AUP Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password
Netzwerk
Überwachung ▼
Enterprise Erweiterte Standard Gratis Test FAQ Preis/Funktionszusammenfassung Bestellen Beispiele
Konfigurieren/Status Alarm Profile
Recherce
Berichte ▼
Home FAQ Glossary Archive
 Anmeldung/Registrierung 
 
 Anfälligkeitssuche        Suche in 324607 CVE Beschreibungen
und 145615 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.800361
Kategorie:Buffer overflow
Titel:Mozilla Firefox Multiple Vulnerabilities (Mar 2009) - Windows
Zusammenfassung:Mozilla Firefox is prone to multiple vulnerabilities.
Beschreibung:Summary:
Mozilla Firefox is prone to multiple vulnerabilities.

Vulnerability Insight:
Multiple flaws due to

- Layout engine error which causes memory corruption and assertion failures.

- Layout engine error related to 'nsCSSStyleSheet::GetOwnerNode', events and
garage collection which triggers memory corruption.

- Layout engine error through a splice of an array that contains 'non-set'
elements which causes 'jsarray.cpp' to pass an incorrect argument to the
'ResizeSlots' function which causes application crash.

- Vectors related to js_DecompileValueGenerator, jsopcode.cpp,
__defineSetter__ and watch which causes a segmentation fault.

- Layout engine error in the vector related to 'gczeal'.

- Double free vulnerability in Firefox via 'cloned XUL DOM elements' which
were linked as a parent and child are not properly handled during garbage
collection which causes arbitrary code execution.

- 'nsIRDFService' in Firefox allows to bypass the same origin policy and
read XML data through another domain by cross-domain redirect.

- Error while decoding invisible characters when they are displayed in the
location bar which causes incorrect address to be displayed in the URL bar
and causes spoofing attacks.

- Error in 'window.print' function which causes dos attack via nested calls
in the 'onclick' attribute of an 'INPUT' element.

Vulnerability Impact:
Successful exploitation will let attacker execute arbitrary code in the
context of an affected web application or can cause URL address bar
spoofing attacks or may cause denial of service.

Affected Software/OS:
Firefox version prior to 3.0.7 on Windows.

Solution:
Upgrade to Firefox version 3.0.7.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2009-0771
1021795
http://www.securitytracker.com/id?1021795
33990
http://www.securityfocus.com/bid/33990
34140
http://secunia.com/advisories/34140
34145
http://secunia.com/advisories/34145
34272
http://secunia.com/advisories/34272
34383
http://secunia.com/advisories/34383
34462
http://secunia.com/advisories/34462
34464
http://secunia.com/advisories/34464
34527
http://secunia.com/advisories/34527
ADV-2009-0632
http://www.vupen.com/english/advisories/2009/0632
DSA-1751
http://www.debian.org/security/2009/dsa-1751
DSA-1830
http://www.debian.org/security/2009/dsa-1830
FEDORA-2009-3101
https://www.redhat.com/archives/fedora-package-announce/2009-March/msg01077.html
MDVSA-2009:075
http://www.mandriva.com/security/advisories?name=MDVSA-2009:075
MDVSA-2009:083
http://www.mandriva.com/security/advisories?name=MDVSA-2009:083
RHSA-2009:0315
http://www.redhat.com/support/errata/RHSA-2009-0315.html
SSA:2009-083-02
http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.405420
SSA:2009-083-03
http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.433952
SUSE-SA:2009:012
http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00002.html
http://support.avaya.com/elmodocs2/security/ASA-2009-069.htm
http://support.avaya.com/japple/css/japple?temp.documentID=366362&temp.productID=154235&temp.releaseID=361845&temp.bucketID=126655&PAGE=Document
http://www.mozilla.org/security/announce/2009/mfsa2009-07.html
https://bugzilla.mozilla.org/buglist.cgi?bug_id=424276%2C435209%2C436965%2C460706%2C466057%2C468578%2C471594%2C472502
oval:org.mitre.oval:def:11314
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11314
oval:org.mitre.oval:def:5250
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5250
oval:org.mitre.oval:def:6163
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6163
oval:org.mitre.oval:def:6196
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6196
oval:org.mitre.oval:def:6755
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6755
Common Vulnerability Exposure (CVE) ID: CVE-2009-0772
34137
http://secunia.com/advisories/34137
34324
http://secunia.com/advisories/34324
34387
http://secunia.com/advisories/34387
34417
http://secunia.com/advisories/34417
FEDORA-2009-2882
https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00769.html
FEDORA-2009-2884
https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00771.html
RHSA-2009:0258
http://www.redhat.com/support/errata/RHSA-2009-0258.html
RHSA-2009:0325
http://www.redhat.com/support/errata/RHSA-2009-0325.html
SUSE-SA:2009:023
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00009.html
USN-741-1
https://usn.ubuntu.com/741-1/
https://bugzilla.mozilla.org/show_bug.cgi?id=475136
oval:org.mitre.oval:def:5703
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5703
oval:org.mitre.oval:def:5945
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5945
oval:org.mitre.oval:def:6097
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6097
oval:org.mitre.oval:def:6811
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6811
oval:org.mitre.oval:def:9609
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9609
Common Vulnerability Exposure (CVE) ID: CVE-2009-0773
https://bugzilla.mozilla.org/show_bug.cgi?id=457521
https://bugzilla.mozilla.org/show_bug.cgi?id=467499
https://bugzilla.mozilla.org/show_bug.cgi?id=472787
oval:org.mitre.oval:def:10491
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10491
oval:org.mitre.oval:def:5856
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5856
oval:org.mitre.oval:def:5980
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5980
oval:org.mitre.oval:def:6141
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6141
oval:org.mitre.oval:def:6708
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6708
Common Vulnerability Exposure (CVE) ID: CVE-2009-0774
https://bugzilla.mozilla.org/show_bug.cgi?id=473709
oval:org.mitre.oval:def:11138
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11138
oval:org.mitre.oval:def:5947
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5947
oval:org.mitre.oval:def:6057
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6057
oval:org.mitre.oval:def:6121
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6121
oval:org.mitre.oval:def:6945
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6945
Common Vulnerability Exposure (CVE) ID: CVE-2009-0775
1021796
http://www.securitytracker.com/id?1021796
http://www.mozilla.org/security/announce/2009/mfsa2009-08.html
https://bugzilla.mozilla.org/show_bug.cgi?id=474456
oval:org.mitre.oval:def:5806
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5806
oval:org.mitre.oval:def:5816
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5816
oval:org.mitre.oval:def:6207
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6207
oval:org.mitre.oval:def:7584
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7584
oval:org.mitre.oval:def:9681
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9681
Common Vulnerability Exposure (CVE) ID: CVE-2009-0776
1021797
http://www.securitytracker.com/id?1021797
http://www.mozilla.org/security/announce/2009/mfsa2009-09.html
https://bugzilla.mozilla.org/show_bug.cgi?id=414540
oval:org.mitre.oval:def:5956
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5956
oval:org.mitre.oval:def:6017
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6017
oval:org.mitre.oval:def:6191
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6191
oval:org.mitre.oval:def:7390
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7390
oval:org.mitre.oval:def:9241
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9241
Common Vulnerability Exposure (CVE) ID: CVE-2009-0777
1021799
http://securitytracker.com/alerts/2009/Mar/1021799.html
http://www.mozilla.org/security/announce/2009/mfsa2009-11.html
https://bugzilla.mozilla.org/show_bug.cgi?id=452979
mozilla-invisible-url-spoofing(49087)
https://exchange.xforce.ibmcloud.com/vulnerabilities/49087
oval:org.mitre.oval:def:11222
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11222
oval:org.mitre.oval:def:6039
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6039
oval:org.mitre.oval:def:6157
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6157
oval:org.mitre.oval:def:6229
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6229
oval:org.mitre.oval:def:7435
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7435
Common Vulnerability Exposure (CVE) ID: CVE-2009-0821
BugTraq ID: 33969
http://www.securityfocus.com/bid/33969
http://downloads.securityfocus.com/vulnerabilities/exploits/33969.html
CopyrightCopyright (C) 2009 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.



© 1998-2025 E-Soft Inc. Alle Rechte vorbehalten.