Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200507-14 (mozilla)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.54990

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 200507-14 (mozilla)

Resumen: The remote host is missing updates announced in;advisory GLSA 200507-14.

Descripción: Summary:
The remote host is missing updates announced in
advisory GLSA 200507-14.

Vulnerability Insight:
Several vulnerabilities in Mozilla Firefox allow attacks ranging from
execution of script code with elevated privileges to information leak.

Solution:
All Mozilla Firefox users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose
'>=www-client/mozilla-firefox-1.0.5'

All Mozilla Firefox binary users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose
'>=www-client/mozilla-firefox-bin-1.0.5'

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2004-0717
http://secunia.com/multiple_browsers_frame_injection_vulnerability_test/
http://secunia.com/advisories/11978
XForce ISS Database: http-frame-spoof(1598)
https://exchange.xforce.ibmcloud.com/vulnerabilities/1598
Common Vulnerability Exposure (CVE) ID: CVE-2004-0718
BugTraq ID: 15495
http://www.securityfocus.com/bid/15495
Debian Security Information: DSA-777 (Google Search)
http://www.debian.org/security/2005/dsa-777
Debian Security Information: DSA-810 (Google Search)
http://www.debian.org/security/2005/dsa-810
http://marc.info/?l=bugtraq&m=109900315219363&w=2
http://www.mandriva.com/security/advisories?name=MDKSA-2004:082
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4756
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9997
http://www.redhat.com/support/errata/RHSA-2004-421.html
SCO Security Bulletin: SCOSA-2005.49
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt
SuSE Security Announcement: SUSE-SA:2004:036 (Google Search)
http://www.novell.com/linux/security/advisories/2004_36_mozilla.html
Common Vulnerability Exposure (CVE) ID: CVE-2004-0719
http://secunia.com/advisories/11966
Common Vulnerability Exposure (CVE) ID: CVE-2004-0720
Common Vulnerability Exposure (CVE) ID: CVE-2004-0721
Bugtraq: 20040811 KDE Security Advisories: Temporary File and Konqueror Frame Injection Vulnerabilities (Google Search)
http://marc.info/?l=bugtraq&m=109225538901170&w=2
Conectiva Linux advisory: CLA-2004:864
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000864
http://security.gentoo.org/glsa/glsa-200408-13.xml
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11371

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.54990
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200507-14 (mozilla)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200507-14.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200507-14. Vulnerability Insight: Several vulnerabilities in Mozilla Firefox allow attacks ranging from execution of script code with elevated privileges to information leak. Solution: All Mozilla Firefox users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=www-client/mozilla-firefox-1.0.5' All Mozilla Firefox binary users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=www-client/mozilla-firefox-bin-1.0.5' CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2004-0717 http://secunia.com/multiple_browsers_frame_injection_vulnerability_test/ http://secunia.com/advisories/11978 XForce ISS Database: http-frame-spoof(1598) https://exchange.xforce.ibmcloud.com/vulnerabilities/1598 Common Vulnerability Exposure (CVE) ID: CVE-2004-0718 BugTraq ID: 15495 http://www.securityfocus.com/bid/15495 Debian Security Information: DSA-777 (Google Search) http://www.debian.org/security/2005/dsa-777 Debian Security Information: DSA-810 (Google Search) http://www.debian.org/security/2005/dsa-810 http://marc.info/?l=bugtraq&m=109900315219363&w=2 http://www.mandriva.com/security/advisories?name=MDKSA-2004:082 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4756 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9997 http://www.redhat.com/support/errata/RHSA-2004-421.html SCO Security Bulletin: SCOSA-2005.49 ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt SuSE Security Announcement: SUSE-SA:2004:036 (Google Search) http://www.novell.com/linux/security/advisories/2004_36_mozilla.html Common Vulnerability Exposure (CVE) ID: CVE-2004-0719 http://secunia.com/advisories/11966 Common Vulnerability Exposure (CVE) ID: CVE-2004-0720 Common Vulnerability Exposure (CVE) ID: CVE-2004-0721 Bugtraq: 20040811 KDE Security Advisories: Temporary File and Konqueror Frame Injection Vulnerabilities (Google Search) http://marc.info/?l=bugtraq&m=109225538901170&w=2 Conectiva Linux advisory: CLA-2004:864 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000864 http://security.gentoo.org/glsa/glsa-200408-13.xml https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11371
Copyright	Copyright (C) 2008 E-Soft Inc.