ID de Prueba:	1.3.6.1.4.1.25623.1.0.51020
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2003:163
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2003:163. Mozilla is an open source Web browser. A heap-based buffer overflow in Netscape and Mozilla allows remote attackers to execute arbitrary code via a jar: URL that references a malformed .jar file, which overflows a buffer during decompression. These errata packages upgrade Mozilla to version 1.0.2, which is not vulnerable to this issue. Mozilla 1.0.2 also contains a number of other stability and security updates. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2003-163.html http://www.mozilla.org/releases/mozilla1.0.2/ Risk factor : High CVSS Score: 7.5
Referencia Cruzada:	BugTraq ID: 6185 Common Vulnerability Exposure (CVE) ID: CVE-2002-1308 http://www.securityfocus.com/bid/6185 Bugtraq: 20021114 Netscape/Mozilla: Exploitable heap corruption via jar: URI handler. (Google Search) http://marc.info/?l=bugtraq&m=103730181813075&w=2 http://bugzilla.mozilla.org/show_bug.cgi?id=157646 http://www.redhat.com/support/errata/RHSA-2003-162.html http://www.redhat.com/support/errata/RHSA-2003-163.html XForce ISS Database: mozilla-netscape-jar-bo(10636) https://exchange.xforce.ibmcloud.com/vulnerabilities/10636
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.