 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.1.10.2021.0354 |
| Kategorie: | Mageia Linux Local Security Checks |
| Titel: | Mageia: Security Advisory (MGASA-2021-0354) |
| Zusammenfassung: | The remote host is missing an update for the 'firefox, firefox-l10n, nspr, nss, rootcerts' package(s) announced via the MGASA-2021-0354 advisory. |
| Beschreibung: | Summary: The remote host is missing an update for the 'firefox, firefox-l10n, nspr, nss, rootcerts' package(s) announced via the MGASA-2021-0354 advisory. Vulnerability Insight: A malicious webpage could have triggered a use-after-free in accessibility features of a document, causing memory corruption and a potentially exploitable crash when accessibility was enabled (CVE-2021-29970). Mozilla developers Valentin Gosu, Randell Jesup, Emil Ghitta, Tyson Smith, and Olli Pettay reported memory safety bugs present in Firefox ESR 78.11. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code (CVE-2021-29976). An out of bounds write in ANGLE could have allowed an attacker to corrupt memory leading to a potentially exploitable crash (CVE-2021-30547). Affected Software/OS: 'firefox, firefox-l10n, nspr, nss, rootcerts' package(s) on Mageia 8. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P |
| Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2021-29970 https://security.gentoo.org/glsa/202202-03 https://security.gentoo.org/glsa/202208-14 https://bugzilla.mozilla.org/show_bug.cgi?id=1709976 https://www.mozilla.org/security/advisories/mfsa2021-28/ https://www.mozilla.org/security/advisories/mfsa2021-29/ https://www.mozilla.org/security/advisories/mfsa2021-30/ Common Vulnerability Exposure (CVE) ID: CVE-2021-29976 https://bugzilla.mozilla.org/buglist.cgi?bug_id=1700895%2C1703334%2C1706910%2C1711576%2C1714391 Common Vulnerability Exposure (CVE) ID: CVE-2021-30547 Debian Security Information: DSA-4939 (Google Search) https://www.debian.org/security/2021/dsa-4939 Debian Security Information: DSA-4940 (Google Search) https://www.debian.org/security/2021/dsa-4940 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ETMZL6IHCTCTREEL434BQ4THQ7EOHJ43/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/ https://chromereleases.googleblog.com/2021/06/stable-channel-update-for-desktop.html https://crbug.com/1210414 https://lists.debian.org/debian-lts-announce/2021/07/msg00009.html https://lists.debian.org/debian-lts-announce/2021/07/msg00010.html |
| Copyright | Copyright (C) 2022 Greenbone AG |
| Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |