Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200505-11 (mozilla)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.54943

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 200505-11 (mozilla)

Resumen: The remote host is missing updates announced in;advisory GLSA 200505-11.

Descripción: Summary:
The remote host is missing updates announced in
advisory GLSA 200505-11.

Vulnerability Insight:
Several vulnerabilities in the Mozilla Suite and Firefox allow an attacker
to conduct cross-site scripting attacks or to execute arbitrary code.

Solution:
All Mozilla Firefox users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose
'>=www-client/mozilla-firefox-1.0.4'

All Mozilla Firefox binary users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose
'>=www-client/mozilla-firefox-bin-1.0.4'

All Mozilla Suite users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=www-client/mozilla-1.7.8'

All Mozilla Suite binary users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=www-client/mozilla-bin-1.7.8'

CVSS Score:
5.1

CVSS Vector:
AV:N/AC:H/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2005-1476
BugTraq ID: 13544
http://www.securityfocus.com/bid/13544
BugTraq ID: 15495
http://www.securityfocus.com/bid/15495
CERT/CC vulnerability note: VU#534710
http://www.kb.cert.org/vuls/id/534710
http://marc.info/?l=full-disclosure&m=111553138007647&w=2
http://marc.info/?l=full-disclosure&m=111556301530553&w=2
http://greyhatsecurity.org/firefox.htm
http://greyhatsecurity.org/vulntests/ffrc.htm
https://bugzilla.mozilla.org/show_bug.cgi?id=292691
https://bugzilla.mozilla.org/show_bug.cgi?id=293302
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100002
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10045
http://www.redhat.com/support/errata/RHSA-2005-434.html
http://www.redhat.com/support/errata/RHSA-2005-435.html
SCO Security Bulletin: SCOSA-2005.49
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt
http://securitytracker.com/id?1013913
http://secunia.com/advisories/15292
http://www.vupen.com/english/advisories/2005/0493
XForce ISS Database: mozilla-javascript-code-execution(20443)
https://exchange.xforce.ibmcloud.com/vulnerabilities/20443
Common Vulnerability Exposure (CVE) ID: CVE-2005-1477
CERT/CC vulnerability note: VU#648758
http://www.kb.cert.org/vuls/id/648758
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100001
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9231

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.54943
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200505-11 (mozilla)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200505-11.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200505-11. Vulnerability Insight: Several vulnerabilities in the Mozilla Suite and Firefox allow an attacker to conduct cross-site scripting attacks or to execute arbitrary code. Solution: All Mozilla Firefox users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=www-client/mozilla-firefox-1.0.4' All Mozilla Firefox binary users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=www-client/mozilla-firefox-bin-1.0.4' All Mozilla Suite users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=www-client/mozilla-1.7.8' All Mozilla Suite binary users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=www-client/mozilla-bin-1.7.8' CVSS Score: 5.1 CVSS Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2005-1476 BugTraq ID: 13544 http://www.securityfocus.com/bid/13544 BugTraq ID: 15495 http://www.securityfocus.com/bid/15495 CERT/CC vulnerability note: VU#534710 http://www.kb.cert.org/vuls/id/534710 http://marc.info/?l=full-disclosure&m=111553138007647&w=2 http://marc.info/?l=full-disclosure&m=111556301530553&w=2 http://greyhatsecurity.org/firefox.htm http://greyhatsecurity.org/vulntests/ffrc.htm https://bugzilla.mozilla.org/show_bug.cgi?id=292691 https://bugzilla.mozilla.org/show_bug.cgi?id=293302 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100002 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10045 http://www.redhat.com/support/errata/RHSA-2005-434.html http://www.redhat.com/support/errata/RHSA-2005-435.html SCO Security Bulletin: SCOSA-2005.49 ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt http://securitytracker.com/id?1013913 http://secunia.com/advisories/15292 http://www.vupen.com/english/advisories/2005/0493 XForce ISS Database: mozilla-javascript-code-execution(20443) https://exchange.xforce.ibmcloud.com/vulnerabilities/20443 Common Vulnerability Exposure (CVE) ID: CVE-2005-1477 CERT/CC vulnerability note: VU#648758 http://www.kb.cert.org/vuls/id/648758 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100001 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9231
Copyright	Copyright (C) 2008 E-Soft Inc.