ID de Prueba:	1.3.6.1.4.1.25623.1.0.51924
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2005:335
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2005:335. Mozilla is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor. Numerous bugs have been fixed in Mozilla. For complete details, please visit the referenced security advisory. Users of Mozilla are advised to upgrade to this updated package which contains Mozilla version 1.7.6 to correct these issues. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2005-335.html Risk factor : High CVSS Score: 7.5
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2004-1380 http://secunia.com/multiple_browsers_dialog_box_spoofing_test/ http://secunia.com/multiple_browsers_form_field_focus_test/ https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100050 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10211 http://www.redhat.com/support/errata/RHSA-2005-323.html http://www.redhat.com/support/errata/RHSA-2005-335.html http://secunia.com/advisories/12712 XForce ISS Database: web-browser-modal-spoofing(18864) https://exchange.xforce.ibmcloud.com/vulnerabilities/18864 Common Vulnerability Exposure (CVE) ID: CVE-2005-0141 BugTraq ID: 12407 http://www.securityfocus.com/bid/12407 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100057 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10756 XForce ISS Database: mozilla-firefox-file-upload(19168) https://exchange.xforce.ibmcloud.com/vulnerabilities/19168 Common Vulnerability Exposure (CVE) ID: CVE-2005-0142 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100056 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9543 http://www.redhat.com/support/errata/RHSA-2005-384.html http://secunia.com/advisories/19823 SuSE Security Announcement: SUSE-SA:2006:022 (Google Search) http://www.novell.com/linux/security/advisories/2006_04_25.html XForce ISS Database: mozilla-world-readable(17832) https://exchange.xforce.ibmcloud.com/vulnerabilities/17832 Common Vulnerability Exposure (CVE) ID: CVE-2005-0143 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100055 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11297 XForce ISS Database: mozilla-ssl-spoofing(19166) https://exchange.xforce.ibmcloud.com/vulnerabilities/19166 Common Vulnerability Exposure (CVE) ID: CVE-2005-0144 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100054 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11016 XForce ISS Database: mozilla-ssl-view-source-spoofing(19169) https://exchange.xforce.ibmcloud.com/vulnerabilities/19169 Common Vulnerability Exposure (CVE) ID: CVE-2005-0146 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10362 XForce ISS Database: mozilla-middle-click-information-disclosure(19171) https://exchange.xforce.ibmcloud.com/vulnerabilities/19171 Common Vulnerability Exposure (CVE) ID: CVE-2005-0149 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100047 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11407 http://www.redhat.com/support/errata/RHSA-2005-094.html XForce ISS Database: mozilla-cookie-policy-bypass(19172) https://exchange.xforce.ibmcloud.com/vulnerabilities/19172 Common Vulnerability Exposure (CVE) ID: CVE-2005-0399 12881 http://www.securityfocus.com/bid/12881 14654 http://secunia.com/advisories/14654 15495 http://www.securityfocus.com/bid/15495 19823 20050323 Mozilla Foundation GIF Overflow http://xforce.iss.net/xforce/alerts/id/191 ADV-2005-0296 http://www.vupen.com/english/advisories/2005/0296 GLSA-200503-30 http://www.gentoo.org/security/en/glsa/glsa-200503-30.xml P-160 http://www.ciac.org/ciac/bulletins/p-160.shtml RHSA-2005:323 RHSA-2005:335 RHSA-2005:336 http://www.redhat.com/support/errata/RHSA-2005-336.html RHSA-2005:337 http://www.redhat.com/support/errata/RHSA-2005-337.html SCOSA-2005.49 ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt SUSE-SA:2006:022 VU#557948 http://www.kb.cert.org/vuls/id/557948 gif-extension-overflow(19269) https://exchange.xforce.ibmcloud.com/vulnerabilities/19269 http://www.mozilla.org/security/announce/mfsa2005-30.html https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=150877 oval:org.mitre.oval:def:100028 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100028 oval:org.mitre.oval:def:11377 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11377 Common Vulnerability Exposure (CVE) ID: CVE-2005-0401 12885 http://www.securityfocus.com/bid/12885 20050324 Firescrolling 2 [Firefox 1.0.1] http://marc.info/?l=bugtraq&m=111168413007891&w=2 RHSA-2005:384 http://mikx.de/firescrolling2/ http://www.mozilla.org/security/announce/mfsa2005-32.html oval:org.mitre.oval:def:100026 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100026 oval:org.mitre.oval:def:9650 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9650 Common Vulnerability Exposure (CVE) ID: CVE-2005-0147 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100049 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9578 XForce ISS Database: mozilla-407-proxy-obtain-information(19174) https://exchange.xforce.ibmcloud.com/vulnerabilities/19174 Common Vulnerability Exposure (CVE) ID: CVE-2005-0233 12461 http://www.securityfocus.com/bid/12461 20050206 state of homograph attacks http://lists.grok.org.uk/pipermail/full-disclosure/2005-February/031459.html 20050208 International Domain Name [IDN] support in modern browsers allows attackers to spoof domain name URLs + SSL certs. http://marc.info/?l=bugtraq&m=110782704923280&w=2 GLSA-200503-10 http://www.gentoo.org/security/en/glsa/glsa-200503-10.xml RHSA-2005:176 http://www.redhat.com/support/errata/RHSA-2005-176.html SUSE-SA:2005:016 http://www.novell.com/linux/security/advisories/2005_16_mozilla_firefox.html http://www.mozilla.org/security/announce/mfsa2005-29.html http://www.shmoo.com/idn http://www.shmoo.com/idn/homograph.txt multiple-browsers-idn-spoof(19236) https://exchange.xforce.ibmcloud.com/vulnerabilities/19236 oval:org.mitre.oval:def:100029 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100029 oval:org.mitre.oval:def:11229 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11229 Common Vulnerability Exposure (CVE) ID: CVE-2004-1156 http://secunia.com/multiple_browsers_window_injection_vulnerability_test/ http://secunia.com/secunia_research/2004-13/advisory/ https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100045 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10117 http://secunia.com/advisories/13129/ Common Vulnerability Exposure (CVE) ID: CVE-2005-0585 13599 http://secunia.com/advisories/13599 http://secunia.com/secunia_research/2004-15/advisory/ http://www.mozilla.org/security/announce/mfsa2005-23.html oval:org.mitre.oval:def:100035 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100035 oval:org.mitre.oval:def:9924 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9924 Common Vulnerability Exposure (CVE) ID: CVE-2004-1316 BugTraq ID: 12131 http://www.securityfocus.com/bid/12131 Bugtraq: 20041229 Heap overflow in Mozilla Browser <= 1.7.3 NNTP code. (Google Search) http://marc.info/?l=bugtraq&m=110436284718949&w=2 HPdes Security Advisory: HPSBTU01114 http://marc.info/?l=bugtraq&m=110780717916478&w=2 HPdes Security Advisory: HPSBUX01133 HPdes Security Advisory: SSRT5940 http://isec.pl/vulnerabilities/isec-0020-mozilla.txt https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100052 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9808 http://www.redhat.com/support/errata/RHSA-2005-038.html XForce ISS Database: mozilla-nntp-bo(18711) https://exchange.xforce.ibmcloud.com/vulnerabilities/18711 Common Vulnerability Exposure (CVE) ID: CVE-2004-1381 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100053 XForce ISS Database: web-browser-inactive-info-disclosure(17789) https://exchange.xforce.ibmcloud.com/vulnerabilities/17789
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.