Mandrake Local Security Checks : Mandrake Security Advisory MDKSA-2004:107 (mozilla)

Resumen de Precio/Funciones | Ordenar | Nuevas Vulnerabilidades | Confidencialidad | Búsqueda de Vulnerabilidad

Búsqueda de Vulnerabilidad		Buscar 61204 Descripciones CVE y 32582 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.50591

Categoría: Mandrake Local Security Checks

Título: Mandrake Security Advisory MDKSA-2004:107 (mozilla)

Resumen: Mandrake Security Advisory MDKSA-2004:107 (mozilla)

Descripción:
The remote host is missing an update to mozilla
announced via advisory MDKSA-2004:107.

A number of vulnerabilities were fixed in mozilla 1.7.3, the following
of which have been backported to mozilla packages for Mandrakelinux
10.0:

- Send page heap overrun
- javascript clipboard access
- buffer overflow when displaying VCard
- BMP integer overflow
- javascript: link dragging
- Malicious POP3 server III

The details of all of these vulnerabilities are available from the
Mozilla website.

Affected versions: 10.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2004:107
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0902
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0903
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0904
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0905
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0908
http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3

Risk factor : Critical

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2004-0902
http://marc.theaimsgroup.com/?l=bugtraq&m=109900315219363&w=2
http://security.gentoo.org/glsa/glsa-200409-26.xml
SuSE Security Announcement: SUSE-SA:2004:036 (Google Search)
http://www.novell.com/linux/security/advisories/2004_36_mozilla.html
HPdes Security Advisory: SSRT4826
http://marc.theaimsgroup.com/?l=bugtraq&m=109698896104418&w=2
CERT/CC vulnerability note: VU#327560
CERT/CC vulnerability note: VU#125776
CERT/CC vulnerability note: VU#808216
Cert/CC Advisory: TA04-261A
http://www.us-cert.gov/cas/techalerts/TA04-261A.html
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11201
XForce ISS Database: mozilla-netscape-nonascii-bo(17378)
http://xforce.iss.net/xforce/xfdb/17378
XForce ISS Database: mozilla-nspop3protocol-bo(17379)
http://xforce.iss.net/xforce/xfdb/17379
Common Vulnerability Exposure (CVE) ID: CVE-2004-0903
CERT/CC vulnerability note: VU#414240
http://www.kb.cert.org/vuls/id/414240
BugTraq ID: 11174
http://www.securityfocus.com/bid/11174
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10873
XForce ISS Database: mozilla-netscape-nsvcardobj-bo(17380)
http://xforce.iss.net/xforce/xfdb/17380
Common Vulnerability Exposure (CVE) ID: CVE-2004-0904
CERT/CC vulnerability note: VU#847200
http://www.kb.cert.org/vuls/id/847200
BugTraq ID: 11171
http://www.securityfocus.com/bid/11171
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10952
XForce ISS Database: mozilla-netscape-bmp-bo(17381)
http://xforce.iss.net/xforce/xfdb/17381
Common Vulnerability Exposure (CVE) ID: CVE-2004-0905
CERT/CC vulnerability note: VU#651928
http://www.kb.cert.org/vuls/id/651928
BugTraq ID: 11177
http://www.securityfocus.com/bid/11177
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10378
XForce ISS Database: mozilla-netscape-sameorigin-bypass(17374)
http://xforce.iss.net/xforce/xfdb/17374
Common Vulnerability Exposure (CVE) ID: CVE-2004-0908
CERT/CC vulnerability note: VU#460528
http://www.kb.cert.org/vuls/id/460528
BugTraq ID: 11179
http://www.securityfocus.com/bid/11179
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9745
http://secunia.com/advisories/12526
XForce ISS Database: mozilla-shortcut-clipboard-access(17376)
http://xforce.iss.net/xforce/xfdb/17376

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 32582 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

Registro de Nuevo Usuario
Email:

Usuario:

Contraseña:

Envíeme por email sus boletines mensuales, informándome los últimos servicios, mejoras y encuestas.

Por favor envíeme por email un anuncio de prueba de vulnerabilidades siempre que se agregue una nueva prueba.

Privacidad

Ingreso de Usuario Registrado

Usuario:

Contraseña:

¿Olvidó su usuario o contraseña??

Email/ID de Usario:

ID de Prueba:	1.3.6.1.4.1.25623.1.0.50591
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDKSA-2004:107 (mozilla)
Resumen:	Mandrake Security Advisory MDKSA-2004:107 (mozilla)
Descripción:	The remote host is missing an update to mozilla announced via advisory MDKSA-2004:107. A number of vulnerabilities were fixed in mozilla 1.7.3, the following of which have been backported to mozilla packages for Mandrakelinux 10.0: - Send page heap overrun - javascript clipboard access - buffer overflow when displaying VCard - BMP integer overflow - javascript: link dragging - Malicious POP3 server III The details of all of these vulnerabilities are available from the Mozilla website. Affected versions: 10.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2004:107 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0902 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0903 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0904 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0905 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0908 http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3 Risk factor : Critical
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2004-0902 http://marc.theaimsgroup.com/?l=bugtraq&m=109900315219363&w=2 http://security.gentoo.org/glsa/glsa-200409-26.xml SuSE Security Announcement: SUSE-SA:2004:036 (Google Search) http://www.novell.com/linux/security/advisories/2004_36_mozilla.html HPdes Security Advisory: SSRT4826 http://marc.theaimsgroup.com/?l=bugtraq&m=109698896104418&w=2 CERT/CC vulnerability note: VU#327560 CERT/CC vulnerability note: VU#125776 CERT/CC vulnerability note: VU#808216 Cert/CC Advisory: TA04-261A http://www.us-cert.gov/cas/techalerts/TA04-261A.html http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11201 XForce ISS Database: mozilla-netscape-nonascii-bo(17378) http://xforce.iss.net/xforce/xfdb/17378 XForce ISS Database: mozilla-nspop3protocol-bo(17379) http://xforce.iss.net/xforce/xfdb/17379 Common Vulnerability Exposure (CVE) ID: CVE-2004-0903 CERT/CC vulnerability note: VU#414240 http://www.kb.cert.org/vuls/id/414240 BugTraq ID: 11174 http://www.securityfocus.com/bid/11174 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10873 XForce ISS Database: mozilla-netscape-nsvcardobj-bo(17380) http://xforce.iss.net/xforce/xfdb/17380 Common Vulnerability Exposure (CVE) ID: CVE-2004-0904 CERT/CC vulnerability note: VU#847200 http://www.kb.cert.org/vuls/id/847200 BugTraq ID: 11171 http://www.securityfocus.com/bid/11171 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10952 XForce ISS Database: mozilla-netscape-bmp-bo(17381) http://xforce.iss.net/xforce/xfdb/17381 Common Vulnerability Exposure (CVE) ID: CVE-2004-0905 CERT/CC vulnerability note: VU#651928 http://www.kb.cert.org/vuls/id/651928 BugTraq ID: 11177 http://www.securityfocus.com/bid/11177 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10378 XForce ISS Database: mozilla-netscape-sameorigin-bypass(17374) http://xforce.iss.net/xforce/xfdb/17374 Common Vulnerability Exposure (CVE) ID: CVE-2004-0908 CERT/CC vulnerability note: VU#460528 http://www.kb.cert.org/vuls/id/460528 BugTraq ID: 11179 http://www.securityfocus.com/bid/11179 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9745 http://secunia.com/advisories/12526 XForce ISS Database: mozilla-shortcut-clipboard-access(17376) http://xforce.iss.net/xforce/xfdb/17376
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com