Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200501-03 (Mozilla)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.54789

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 200501-03 (Mozilla)

Resumen: The remote host is missing updates announced in;advisory GLSA 200501-03.

Descripción: Summary:
The remote host is missing updates announced in
advisory GLSA 200501-03.

Vulnerability Insight:
Various vulnerabilities were found and fixed in Mozilla-based products,
ranging from a potential buffer overflow and temporary files disclosure to
anti-spoofing issues.

Solution:
All Mozilla users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=net-www/mozilla-1.7.5'

All Mozilla binary users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=net-www/mozilla-bin-1.7.5'

All Firefox users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=net-www/mozilla-firefox-1.0'

All Firefox binary users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=net-www/mozilla-firefox-bin-1.0'

All Thunderbird users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose
'>=mail-client/mozilla-thunderbird-0.9'

All Thunderbird binary users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose
'>=mail-client/mozilla-thunderbird-bin-0.9'

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2004-2227
http://security.gentoo.org/glsa/glsa-200501-03.xml
https://bugzilla.mozilla.org/show_bug.cgi?id=234416
http://www.osvdb.org/11591
http://secunia.com/advisories/13144
http://secunia.com/advisories/13724
XForce ISS Database: mozilla-firefox-ext-spoof(18016)
https://exchange.xforce.ibmcloud.com/vulnerabilities/18016
Common Vulnerability Exposure (CVE) ID: CVE-2004-2228
BugTraq ID: 11644
http://www.securityfocus.com/bid/11644
http://www.osvdb.org/11592
XForce ISS Database: mozilla-firefox-gain-privileges(18017)
https://exchange.xforce.ibmcloud.com/vulnerabilities/18017

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.54789
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200501-03 (Mozilla)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200501-03.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200501-03. Vulnerability Insight: Various vulnerabilities were found and fixed in Mozilla-based products, ranging from a potential buffer overflow and temporary files disclosure to anti-spoofing issues. Solution: All Mozilla users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=net-www/mozilla-1.7.5' All Mozilla binary users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=net-www/mozilla-bin-1.7.5' All Firefox users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=net-www/mozilla-firefox-1.0' All Firefox binary users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=net-www/mozilla-firefox-bin-1.0' All Thunderbird users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=mail-client/mozilla-thunderbird-0.9' All Thunderbird binary users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=mail-client/mozilla-thunderbird-bin-0.9' CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2004-2227 http://security.gentoo.org/glsa/glsa-200501-03.xml https://bugzilla.mozilla.org/show_bug.cgi?id=234416 http://www.osvdb.org/11591 http://secunia.com/advisories/13144 http://secunia.com/advisories/13724 XForce ISS Database: mozilla-firefox-ext-spoof(18016) https://exchange.xforce.ibmcloud.com/vulnerabilities/18016 Common Vulnerability Exposure (CVE) ID: CVE-2004-2228 BugTraq ID: 11644 http://www.securityfocus.com/bid/11644 http://www.osvdb.org/11592 XForce ISS Database: mozilla-firefox-gain-privileges(18017) https://exchange.xforce.ibmcloud.com/vulnerabilities/18017
Copyright	Copyright (C) 2008 E-Soft Inc.