FreeBSD Local Security Checks : FreeBSD Ports: firefox

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.52429

Categoría: FreeBSD Local Security Checks

Título: FreeBSD Ports: firefox

Resumen: The remote host is missing an update to the system;as announced in the referenced advisory.

Descripción: Summary:
The remote host is missing an update to the system
as announced in the referenced advisory.

Vulnerability Insight:
The following packages are affected:
firefox
linux-mozilla
linux-mozilla-devel
mozilla
mozilla-gtk1

CVE-2004-0763
Mozilla Firefox 0.9.1 and 0.9.2 allows remote web sites to spoof
certificates of trusted web sites via redirects and Javascript that
uses the 'onunload' method.

Solution:
Update your system with the appropriate patches or
software upgrades.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:P/A:N

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2004-0763
BugTraq ID: 15495
http://www.securityfocus.com/bid/15495
Bugtraq: 20040726 Mozilla Firefox Certificate Spoofing (Google Search)
http://marc.info/?l=bugtraq&m=109087067730938&w=2
http://marc.info/?l=bugtraq&m=109900315219363&w=2
http://lists.grok.org.uk/pipermail/full-disclosure/2004-July/024372.html
http://www.gentoo.org/security/en/glsa/glsa-200408-22.xml
http://www.cipher.org.uk/index.php?p=advisories/Certificate_Spoofing_Mozilla_FireFox_25-07-2004.advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3989
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9436
http://www.redhat.com/support/errata/RHSA-2004-421.html
SCO Security Bulletin: SCOSA-2005.49
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt
http://secunia.com/advisories/12160/
SuSE Security Announcement: SUSE-SA:2004:036 (Google Search)
http://www.novell.com/linux/security/advisories/2004_36_mozilla.html
XForce ISS Database: mozilla-ssl-certificate-spoofing(16796)
https://exchange.xforce.ibmcloud.com/vulnerabilities/16796

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.52429
Categoría:	FreeBSD Local Security Checks
Título:	FreeBSD Ports: firefox
Resumen:	The remote host is missing an update to the system;as announced in the referenced advisory.
Descripción:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following packages are affected: firefox linux-mozilla linux-mozilla-devel mozilla mozilla-gtk1 CVE-2004-0763 Mozilla Firefox 0.9.1 and 0.9.2 allows remote web sites to spoof certificates of trusted web sites via redirects and Javascript that uses the 'onunload' method. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2004-0763 BugTraq ID: 15495 http://www.securityfocus.com/bid/15495 Bugtraq: 20040726 Mozilla Firefox Certificate Spoofing (Google Search) http://marc.info/?l=bugtraq&m=109087067730938&w=2 http://marc.info/?l=bugtraq&m=109900315219363&w=2 http://lists.grok.org.uk/pipermail/full-disclosure/2004-July/024372.html http://www.gentoo.org/security/en/glsa/glsa-200408-22.xml http://www.cipher.org.uk/index.php?p=advisories/Certificate_Spoofing_Mozilla_FireFox_25-07-2004.advisory https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3989 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9436 http://www.redhat.com/support/errata/RHSA-2004-421.html SCO Security Bulletin: SCOSA-2005.49 ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt http://secunia.com/advisories/12160/ SuSE Security Announcement: SUSE-SA:2004:036 (Google Search) http://www.novell.com/linux/security/advisories/2004_36_mozilla.html XForce ISS Database: mozilla-ssl-certificate-spoofing(16796) https://exchange.xforce.ibmcloud.com/vulnerabilities/16796
Copyright	Copyright (C) 2008 E-Soft Inc.