 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.1.10.2015.0115 |
| Kategorie: | Mageia Linux Local Security Checks |
| Titel: | Mageia: Security Advisory (MGASA-2015-0115) |
| Zusammenfassung: | The remote host is missing an update for the 'firefox, firefox-l10n, nss, rootcerts' package(s) announced via the MGASA-2015-0115 advisory. |
| Beschreibung: | Summary: The remote host is missing an update for the 'firefox, firefox-l10n, nss, rootcerts' package(s) announced via the MGASA-2015-0115 advisory. Vulnerability Insight: A flaw was discovered in the implementation of typed array bounds checking in the Javascript just-in-time compilation. If a user were tricked in to opening a specially crafted website, an attacked could exploit this to execute arbitrary code with the privileges of the user invoking Firefox (CVE-2015-0817). Mariusz Mlynski discovered a flaw in the processing of SVG format content navigation. If a user were tricked in to opening a specially crafted website, an attacker could exploit this to run arbitrary script in a privileged context (CVE-2015-0818). The firefox package has been updated to version 31.5.3 to fix these issues. Also, the nss package has been updated to version 3.18, which enables TLS and DTLS 1.2, increases the default RSA key size created by certutil to 2048 bits, and has some CA root certificate updates. Affected Software/OS: 'firefox, firefox-l10n, nss, rootcerts' package(s) on Mageia 4. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P |
| Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2015-0817 BugTraq ID: 73263 http://www.securityfocus.com/bid/73263 Debian Security Information: DSA-3201 (Google Search) http://www.debian.org/security/2015/dsa-3201 https://security.gentoo.org/glsa/201504-01 RedHat Security Advisories: RHSA-2015:0718 http://rhn.redhat.com/errata/RHSA-2015-0718.html http://www.securitytracker.com/id/1031958 SuSE Security Announcement: SUSE-SU-2015:0593 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00029.html SuSE Security Announcement: SUSE-SU-2015:0630 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00035.html SuSE Security Announcement: openSUSE-SU-2015:0567 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00026.html SuSE Security Announcement: openSUSE-SU-2015:0636 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-03/msg00096.html http://www.ubuntu.com/usn/USN-2538-1 Common Vulnerability Exposure (CVE) ID: CVE-2015-0818 BugTraq ID: 73265 http://www.securityfocus.com/bid/73265 http://www.securitytracker.com/id/1031959 |
| Copyright | Copyright (C) 2022 Greenbone AG |
| Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |