English | Deutsch | Español
 
Inicial ▼
Página inicial Acerca Nuestro Contáctenos Privacidad Programas de Asociados Testimonios En la Prensa Listas de Correos Abuso Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
 
Auditorias ▼
Inicial Dedicada Avanzada Estándar Periódica Sin Riesgo Escritorio Básica Sello FAQ Resumen de Precio/Funciones Ordenar Nuevas Pruebas Todas las Pruebas Confidencialidad Búsqueda de Vulnerabilidad Ejecutar Auditoría Programador IP Permissions Auditorías Personalizadas Cola Recordatorio Sellos Informes Estilos de Informes
DNS
Administrado ▼
Acerca de DNS Ordenar/Renovar Preguntas Frecuentes AUP Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password
Monitoreo
de Redes ▼
Enterprise Avanzado Estándarr Prueba Preguntas Frecuentes Resumen de Precio/Funciones Ordenar Muestras
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Iniciar sesión/Registrarse 
 
 Búsqueda de    
Vulnerabilidad   		     Buscar 324607 Descripciones CVE y
145615 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.56567
Categoría:Red Hat Local Security Checks
Título:RedHat Security Advisory RHSA-2006:0329
Resumen:NOSUMMARY
Descripción:Description:

The remote host is missing updates announced in
advisory RHSA-2006:0329.

Mozilla is an open source Web browser, advanced email and newsgroup client,
IRC chat client, and HTML editor.

Several bugs were found in the way Mozilla processes malformed javascript.
A malicious web page could modify the content of a different open web
page, possibly stealing sensitive information or conducting a cross-site
scripting attack. (CVE-2006-1731, CVE-2006-1732, CVE-2006-1741)

Several bugs were found in the way Mozilla processes certain javascript
actions. A malicious web page could execute arbitrary javascript
instructions with the permissions of chrome, allowing the page to steal
sensitive information or install browser malware. (CVE-2006-1727,
CVE-2006-1728, CVE-2006-1733, CVE-2006-1734, CVE-2006-1735, CVE-2006-1742)

Several bugs were found in the way Mozilla processes malformed web pages.
A carefully crafted malicious web page could cause the execution of
arbitrary code as the user running Mozilla. (CVE-2006-1730, CVE-2006-1737,
CVE-2006-1738, CVE-2006-1739, CVE-2006-0749, CVE-2006-1790)

A bug was found in the way Mozilla displays the secure site icon. If a
browser is configured to display the non-default secure site modal warning
dialog, it may be possible to trick a user into believing they are viewing
a secure site. (CVE-2006-1740)

A bug was found in the way Mozilla allows javascript mutation events on
input form elements. A malicious web page could be created in such a way
that when a user submits a form, an arbitrary file could be uploaded to the
attacker. (CVE-2006-1729)

Users of Mozilla are advised to upgrade to these updated packages
containing Mozilla version 1.7.13 which corrects these issues.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2006-0329.html
http://www.redhat.com/security/updates/classification/#critical

Risk factor : Critical

CVSS Score:
10.0

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2006-1727
1015926
http://securitytracker.com/id?1015926
1015927
http://securitytracker.com/id?1015927
1015928
http://securitytracker.com/id?1015928
1015929
http://securitytracker.com/id?1015929
102550
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1
17516
http://www.securityfocus.com/bid/17516
19631
http://secunia.com/advisories/19631
19649
http://secunia.com/advisories/19649
19696
http://secunia.com/advisories/19696
19714
http://secunia.com/advisories/19714
19721
http://secunia.com/advisories/19721
19729
http://secunia.com/advisories/19729
19746
http://secunia.com/advisories/19746
19759
http://secunia.com/advisories/19759
19780
http://secunia.com/advisories/19780
19811
http://secunia.com/advisories/19811
19821
http://secunia.com/advisories/19821
19823
http://secunia.com/advisories/19823
19852
http://secunia.com/advisories/19852
19862
http://secunia.com/advisories/19862
19863
http://secunia.com/advisories/19863
19902
http://secunia.com/advisories/19902
19941
http://secunia.com/advisories/19941
19950
http://secunia.com/advisories/19950
20051
http://secunia.com/advisories/20051
20060404-01-U
ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc
21033
http://secunia.com/advisories/21033
21622
http://secunia.com/advisories/21622
22065
http://secunia.com/advisories/22065
22066
http://secunia.com/advisories/22066
228526
http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1
ADV-2006-1356
http://www.vupen.com/english/advisories/2006/1356
ADV-2006-3391
http://www.vupen.com/english/advisories/2006/3391
ADV-2006-3748
http://www.vupen.com/english/advisories/2006/3748
ADV-2006-3749
http://www.vupen.com/english/advisories/2006/3749
ADV-2008-0083
http://www.vupen.com/english/advisories/2008/0083
DSA-1044
http://www.debian.org/security/2006/dsa-1044
DSA-1046
http://www.debian.org/security/2006/dsa-1046
DSA-1051
http://www.debian.org/security/2006/dsa-1051
FEDORA-2006-410
http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html
FEDORA-2006-411
http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html
FLSA:189137-1
http://www.securityfocus.com/archive/1/436296/100/0/threaded
FLSA:189137-2
http://www.securityfocus.com/archive/1/436338/100/0/threaded
GLSA-200604-12
http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml
GLSA-200604-18
http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml
GLSA-200605-09
http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml
HPSBUX02122
http://www.securityfocus.com/archive/1/438730/100/0/threaded
HPSBUX02153
http://www.securityfocus.com/archive/1/446658/100/200/threaded
HPSBUX02156
http://www.securityfocus.com/archive/1/446657/100/200/threaded
MDKSA-2006:076
http://www.mandriva.com/security/advisories?name=MDKSA-2006:076
MDKSA-2006:078
http://www.mandriva.com/security/advisories?name=MDKSA-2006:078
RHSA-2006:0328
http://www.redhat.com/support/errata/RHSA-2006-0328.html
RHSA-2006:0329
http://www.redhat.com/support/errata/RHSA-2006-0329.html
RHSA-2006:0330
http://www.redhat.com/support/errata/RHSA-2006-0330.html
SCOSA-2006.26
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt
SSRT061158
SSRT061181
SSRT061236
SUSE-SA:2006:021
http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html
SUSE-SA:2006:022
http://www.novell.com/linux/security/advisories/2006_04_25.html
USN-271-1
https://usn.ubuntu.com/271-1/
USN-275-1
https://usn.ubuntu.com/275-1/
USN-276-1
https://usn.ubuntu.com/276-1/
http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm
http://www.mozilla.org/security/announce/2006/mfsa2006-25.html
mozilla-printpreview-privilege-escalation(25824)
https://exchange.xforce.ibmcloud.com/vulnerabilities/25824
oval:org.mitre.oval:def:10364
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10364
oval:org.mitre.oval:def:1649
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1649
Common Vulnerability Exposure (CVE) ID: CVE-2006-1728
1015922
http://securitytracker.com/id?1015922
1015923
http://securitytracker.com/id?1015923
1015924
http://securitytracker.com/id?1015924
1015925
http://securitytracker.com/id?1015925
102763
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102763-1
19794
http://secunia.com/advisories/19794
ADV-2007-0058
http://www.vupen.com/english/advisories/2007/0058
HPSBTU02118
http://www.securityfocus.com/archive/1/434524/100/0/threaded
MDKSA-2006:075
http://www.mandriva.com/security/advisories?name=MDKSA-2006:075
SSRT061145
TA06-107A
http://www.us-cert.gov/cas/techalerts/TA06-107A.html
VU#932734
http://www.kb.cert.org/vuls/id/932734
http://www.mozilla.org/security/announce/2006/mfsa2006-24.html
mozilla-generatecrmfrequest-code-execution(25812)
https://exchange.xforce.ibmcloud.com/vulnerabilities/25812
oval:org.mitre.oval:def:10508
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10508
oval:org.mitre.oval:def:1698
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1698
Common Vulnerability Exposure (CVE) ID: CVE-2006-1729
SUSE-SA:2006:035
http://www.novell.com/linux/security/advisories/2006_35_mozilla.html
http://www.mozilla.org/security/announce/2006/mfsa2006-23.html
mozilla-textbox-file-access(25823)
https://exchange.xforce.ibmcloud.com/vulnerabilities/25823
oval:org.mitre.oval:def:10922
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10922
oval:org.mitre.oval:def:1929
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1929
Common Vulnerability Exposure (CVE) ID: CVE-2006-1730
1015915
http://securitytracker.com/id?1015915
1015916
http://securitytracker.com/id?1015916
1015917
http://securitytracker.com/id?1015917
1015918
http://securitytracker.com/id?1015918
20060415 ZDI-06-010: Mozilla Firefox CSS Letter-Spacing Heap Overflow Vulnerability
http://www.securityfocus.com/archive/1/431060/100/0/threaded
720
http://securityreason.com/securityalert/720
VU#179014
http://www.kb.cert.org/vuls/id/179014
http://www.mozilla.org/security/announce/2006/mfsa2006-22.html
http://www.zerodayinitiative.com/advisories/ZDI-06-010.html
mozilla-css-letterspacing-overflow(25826)
https://exchange.xforce.ibmcloud.com/vulnerabilities/25826
oval:org.mitre.oval:def:10055
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10055
oval:org.mitre.oval:def:1614
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1614
Common Vulnerability Exposure (CVE) ID: CVE-2006-1731
http://www.mozilla.org/security/announce/2006/mfsa2006-19.html
mozilla-valueof-xss(25820)
https://exchange.xforce.ibmcloud.com/vulnerabilities/25820
oval:org.mitre.oval:def:1955
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1955
oval:org.mitre.oval:def:9604
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9604
Common Vulnerability Exposure (CVE) ID: CVE-2006-1732
http://www.mozilla.org/security/announce/2006/mfsa2006-17.html
https://bugzilla.mozilla.org/show_bug.cgi?id=313373
mozilla-windows-controllers-xss(25818)
https://exchange.xforce.ibmcloud.com/vulnerabilities/25818
oval:org.mitre.oval:def:10232
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10232
oval:org.mitre.oval:def:1887
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1887
Common Vulnerability Exposure (CVE) ID: CVE-2006-1733
VU#488774
http://www.kb.cert.org/vuls/id/488774
http://www.mozilla.org/security/announce/2006/mfsa2006-16.html
mozilla-valueof-code-execution(25817)
https://exchange.xforce.ibmcloud.com/vulnerabilities/25817
oval:org.mitre.oval:def:10815
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10815
oval:org.mitre.oval:def:2020
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2020
Common Vulnerability Exposure (CVE) ID: CVE-2006-1734
VU#842094
http://www.kb.cert.org/vuls/id/842094
http://www.mozilla.org/security/announce/2006/mfsa2006-15.html
mozilla-cloneparent-code-execution(25816)
https://exchange.xforce.ibmcloud.com/vulnerabilities/25816
oval:org.mitre.oval:def:10755
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10755
oval:org.mitre.oval:def:1247
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1247
Common Vulnerability Exposure (CVE) ID: CVE-2006-1735
VU#813230
http://www.kb.cert.org/vuls/id/813230
http://www.mozilla.org/security/announce/2006/mfsa2006-14.html
mozilla-xbl-code-execution(25815)
https://exchange.xforce.ibmcloud.com/vulnerabilities/25815
oval:org.mitre.oval:def:1037
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1037
oval:org.mitre.oval:def:10930
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10930
Common Vulnerability Exposure (CVE) ID: CVE-2006-1737
VU#329500
http://www.kb.cert.org/vuls/id/329500
http://www.mozilla.org/security/announce/2006/mfsa2006-11.html
mozilla-javascript-regexpr-memory-corruption(25808)
https://exchange.xforce.ibmcloud.com/vulnerabilities/25808
oval:org.mitre.oval:def:10817
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10817
oval:org.mitre.oval:def:1829
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1829
Common Vulnerability Exposure (CVE) ID: CVE-2006-1738
VU#252324
http://www.kb.cert.org/vuls/id/252324
mozilla-mozgrid-memory-corruption(25811)
https://exchange.xforce.ibmcloud.com/vulnerabilities/25811
oval:org.mitre.oval:def:1687
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1687
oval:org.mitre.oval:def:9405
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9405
Common Vulnerability Exposure (CVE) ID: CVE-2006-1739
VU#935556
http://www.kb.cert.org/vuls/id/935556
https://bugzilla.mozilla.org/show_bug.cgi?id=265736
mozilla-css-memory-corruption(25810)
https://exchange.xforce.ibmcloud.com/vulnerabilities/25810
oval:org.mitre.oval:def:1667
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1667
oval:org.mitre.oval:def:9817
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9817
Common Vulnerability Exposure (CVE) ID: CVE-2006-1740
http://www.mozilla.org/security/announce/2006/mfsa2006-12.html
https://bugzilla.mozilla.org/show_bug.cgi?id=271194
mozilla-secure-site-spoofing(25813)
https://exchange.xforce.ibmcloud.com/vulnerabilities/25813
oval:org.mitre.oval:def:10424
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10424
oval:org.mitre.oval:def:1811
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1811
Common Vulnerability Exposure (CVE) ID: CVE-2006-1741
http://www.mozilla.org/security/announce/2006/mfsa2006-09.html
mozilla-eventhandler-xss(25806)
https://exchange.xforce.ibmcloud.com/vulnerabilities/25806
oval:org.mitre.oval:def:1855
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1855
oval:org.mitre.oval:def:9167
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9167
Common Vulnerability Exposure (CVE) ID: CVE-2006-1742
VU#492382
http://www.kb.cert.org/vuls/id/492382
http://www.mozilla.org/security/announce/2006/mfsa2006-10.html
mozilla-garbage-memory-corruption(25807)
https://exchange.xforce.ibmcloud.com/vulnerabilities/25807
oval:org.mitre.oval:def:1087
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1087
oval:org.mitre.oval:def:11808
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11808
Common Vulnerability Exposure (CVE) ID: CVE-2006-0749
BugTraq ID: 17516
Bugtraq: 20060417 ZDI-06-009: Mozilla Firefox Tag Parsing Code Execution Vulnerability (Google Search)
http://www.securityfocus.com/archive/1/431126/100/0/threaded
Cert/CC Advisory: TA06-107A
CERT/CC vulnerability note: VU#736934
http://www.kb.cert.org/vuls/id/736934
Debian Security Information: DSA-1044 (Google Search)
Debian Security Information: DSA-1046 (Google Search)
Debian Security Information: DSA-1051 (Google Search)
HPdes Security Advisory: HPSBTU02118
HPdes Security Advisory: HPSBUX02122
HPdes Security Advisory: SSRT061145
HPdes Security Advisory: SSRT061158
http://www.zerodayinitiative.com/advisories/ZDI-06-009.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11704
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1848
SCO Security Bulletin: SCOSA-2006.26
SGI Security Advisory: 20060404-01-U
http://securityreason.com/securityalert/729
SuSE Security Announcement: SUSE-SA:2006:021 (Google Search)
SuSE Security Announcement: SUSE-SA:2006:022 (Google Search)
XForce ISS Database: mozilla-nshtmlcontentsink-memory-corruption(25819)
https://exchange.xforce.ibmcloud.com/vulnerabilities/25819
Common Vulnerability Exposure (CVE) ID: CVE-2006-1790
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11202
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1266
XForce ISS Database: mozilla-installtrigger-memory-corruption(25809)
https://exchange.xforce.ibmcloud.com/vulnerabilities/25809
CopyrightCopyright (c) 2006 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.



© 1998-2025 E-Soft Inc. Todos los derechos reservados.