 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.0.801137 |
| Kategorie: | Buffer overflow |
| Titel: | Mozilla Seamonkey Multiple Vulnerabilities (Nov 2009) - Linux |
| Zusammenfassung: | Mozilla Seamonkey is prone to multiple vulnerabilities. |
| Beschreibung: | Summary: Mozilla Seamonkey is prone to multiple vulnerabilities. Vulnerability Insight: Multiple flaws exist: - When parsing regular expressions used in Proxy Auto-configuration. This can be exploited to cause a crash or potentially execute arbitrary code via specially crafted configured PAC files. - When processing GIF color maps which can be exploited to cause a heap based buffer overflow and potentially execute arbitrary code via a specially crafted GIF file. - An error when downloading files can be exploited to display different file names in the download dialog title bar and download dialog body. This can be exploited to obfuscate file names via a right-to-left override character and potentially trick a user into running an executable file. Vulnerability Impact: Successful exploitation will let attacker to disclose sensitive information, bypass certain security restrictions, manipulate certain data, or compromise a user's system. Affected Software/OS: Mozilla Seamonkey version prior to 2.0 on Linux. Solution: Upgrade to Seamonkey version 2.0. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C |
| Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2009-3372 http://www.mandriva.com/security/advisories?name=MDVSA-2009:294 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10977 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6347 http://sunsolve.sun.com/search/document.do?assetkey=1-26-272909-1 http://www.vupen.com/english/advisories/2009/3334 Common Vulnerability Exposure (CVE) ID: CVE-2009-3373 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10684 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6548 Common Vulnerability Exposure (CVE) ID: CVE-2009-3376 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11218 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6541 http://www.redhat.com/support/errata/RHSA-2010-0153.html http://www.redhat.com/support/errata/RHSA-2010-0154.html http://secunia.com/advisories/38977 SuSE Security Announcement: SUSE-SR:2010:013 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html http://www.ubuntu.com/usn/USN-915-1 http://www.vupen.com/english/advisories/2010/0648 http://www.vupen.com/english/advisories/2010/0650 |
| Copyright | Copyright (C) 2009 Greenbone AG |
| Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |