English | Deutsch | Español | Português
 ID de Usuario:
 Contraseña:
Nuevo usuario
 Acerca de:   Dedicada | Avanzada | Estándar | Periódica | Sin Riesgo | Escritorio | Básica | Individual | Sello | FAQ
  Resumen de Precio/Funciones | Ordenar  | Nuevas Vulnerabilidades | Confidencialidad | Búsqueda de Vulnerabilidad
 Búsqueda de    
Vulnerabilidad   
    Buscar 75803 Descripciones CVE y
40037 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.58063
Categoría:Gentoo Local Security Checks
Título:Gentoo Security Advisory GLSA 200703-04 (mozilla-firefox)
Resumen:Gentoo Security Advisory GLSA 200703-04 (mozilla-firefox)
Descripción:The remote host is missing updates announced in
advisory GLSA 200703-04.

Multiple vulnerabilities have been reported in Mozilla Firefox, some of
which may allow user-assisted arbitrary remote code execution.

Solution:
Users upgrading to the following releases of Mozilla Firefox should note
that this upgrade has been found to lose the saved passwords file in some
cases. The saved passwords are encrypted and stored in the 'signons.txt'
file of ~
/.mozilla/ and we advise our users to save that file before
performing the upgrade.

All Mozilla Firefox 1.5 users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=www-client/mozilla-firefox-1.5.0.10'

All Mozilla Firefox 1.5 binary users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=www-client/mozilla-firefox-bin-1.5.0.10'

All Mozilla Firefox 2.0 users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=www-client/mozilla-firefox-2.0.0.2'

All Mozilla Firefox 2.0 binary users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=www-client/mozilla-firefox-bin-2.0.0.2'

http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200703-04
http://bugs.gentoo.org/show_bug.cgi?id=165555
https://bugzilla.mozilla.org/show_bug.cgi?id=360493#c366
Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2006-6077
Bugtraq: 20061122 Big Flaw in Firefox 2: Password Manager Bug Exposes Passwords (Google Search)
http://www.securityfocus.com/archive/1/archive/1/452382/100/0/threaded
Bugtraq: 20061123 Password Flaw also in Firefox 1.5.08. Was: Big Flaw in Firefox 2: Password Manager Bug Exposes Passwords (Google Search)
http://www.securityfocus.com/archive/1/archive/1/452431/100/0/threaded
Bugtraq: 20061123 Re: Big Flaw in Firefox 2: Password Manager Bug Exposes Passwords (Google Search)
http://www.securityfocus.com/archive/1/archive/1/452440/100/0/threaded
Bugtraq: 20061123 Re: Password Flaw also in Firefox 1.5.08. Was: Big Flaw in Firefox 2: Password Manager Bug Exposes Passwords (Google Search)
http://www.securityfocus.com/archive/1/archive/1/452463/100/0/threaded
Bugtraq: 20061220 critical Flaw in Firefox 2.0.0.1 allows to steal the user passwords with a videoclip (Google Search)
http://www.securityfocus.com/archive/1/archive/1/454982/100/0/threaded
Bugtraq: 20061221 Re: critical Flaw in Firefox 2.0.0.1 allows to steal the user passwords with a videoclip (Google Search)
http://www.securityfocus.com/archive/1/archive/1/455073/100/0/threaded
Bugtraq: 20061222 Re[2]: critical Flaw in Firefox 2.0.0.1 allows to steal the user passwords with a videoclip (Google Search)
http://www.securityfocus.com/archive/1/archive/1/455148/100/0/threaded
Bugtraq: 20070226 rPSA-2007-0040-1 firefox (Google Search)
http://www.securityfocus.com/archive/1/archive/1/461336/100/0/threaded
Bugtraq: 20070303 rPSA-2007-0040-3 firefox thunderbird (Google Search)
http://www.securityfocus.com/archive/1/archive/1/461809/100/0/threaded
http://www.info-svc.com/news/11-21-2006/
http://www.info-svc.com/news/11-21-2006/rcsr1/
Debian Security Information: DSA-1336 (Google Search)
http://www.debian.org/security/2007/dsa-1336
http://fedoranews.org/cms/node/2713
http://fedoranews.org/cms/node/2728
http://security.gentoo.org/glsa/glsa-200703-04.xml
http://www.gentoo.org/security/en/glsa/glsa-200703-08.xml
HPdes Security Advisory: HPSBUX02153
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742
HPdes Security Advisory: SSRT061181
http://www.mandriva.com/security/advisories?name=MDKSA-2007:050
http://www.redhat.com/support/errata/RHSA-2007-0079.html
RedHat Security Advisories: RHSA-2007:0077
http://rhn.redhat.com/errata/RHSA-2007-0077.html
http://www.redhat.com/support/errata/RHSA-2007-0078.html
http://www.redhat.com/support/errata/RHSA-2007-0097.html
http://www.redhat.com/support/errata/RHSA-2007-0108.html
SGI Security Advisory: 20070301-01-P
ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc
SGI Security Advisory: 20070202-01-P
ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131
SuSE Security Announcement: SUSE-SA:2007:019 (Google Search)
http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html
SuSE Security Announcement: SUSE-SA:2007:022 (Google Search)
http://www.novell.com/linux/security/advisories/2007_22_mozilla.html
http://www.ubuntu.com/usn/usn-428-1
BugTraq ID: 21240
http://www.securityfocus.com/bid/21240
BugTraq ID: 22694
http://www.securityfocus.com/bid/22694
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10031
http://www.vupen.com/english/advisories/2006/4662
http://www.vupen.com/english/advisories/2007/0718
http://securitytracker.com/id?1017271
http://secunia.com/advisories/23046
http://secunia.com/advisories/23108
http://secunia.com/advisories/24238
http://secunia.com/advisories/24287
http://secunia.com/advisories/24290
http://secunia.com/advisories/24205
http://secunia.com/advisories/24328
http://secunia.com/advisories/24333
http://secunia.com/advisories/24343
http://secunia.com/advisories/24320
http://secunia.com/advisories/24293
http://secunia.com/advisories/24393
http://secunia.com/advisories/24395
http://secunia.com/advisories/24384
http://secunia.com/advisories/24437
http://secunia.com/advisories/24650
http://secunia.com/advisories/24457
http://secunia.com/advisories/24342
http://secunia.com/advisories/25588
XForce ISS Database: firefox-passwordmgr-information-disclosure(30470)
http://xforce.iss.net/xforce/xfdb/30470
Common Vulnerability Exposure (CVE) ID: CVE-2007-0775
http://fedoranews.org/cms/node/2747
http://fedoranews.org/cms/node/2749
http://security.gentoo.org/glsa/glsa-200703-18.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2007:052
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.374851
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.363947
http://www.ubuntu.com/usn/usn-431-1
CERT/CC vulnerability note: VU#761756
http://www.kb.cert.org/vuls/id/761756
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10012
http://www.vupen.com/english/advisories/2007/0719
http://www.vupen.com/english/advisories/2008/0083
http://www.osvdb.org/32114
http://www.securitytracker.com/id?1017698
http://secunia.com/advisories/24252
http://secunia.com/advisories/24389
http://secunia.com/advisories/24410
http://secunia.com/advisories/24522
http://secunia.com/advisories/24406
http://secunia.com/advisories/24455
http://secunia.com/advisories/24456
XForce ISS Database: mozilla-multiple-layout-code-execution(32704)
http://xforce.iss.net/xforce/xfdb/32704
Common Vulnerability Exposure (CVE) ID: CVE-2007-0776
https://bugzilla.mozilla.org/show_bug.cgi?id=360645
CERT/CC vulnerability note: VU#551436
http://www.kb.cert.org/vuls/id/551436
http://www.osvdb.org/32113
XForce ISS Database: firefox-strokewidth-bo(32698)
http://xforce.iss.net/xforce/xfdb/32698
Common Vulnerability Exposure (CVE) ID: CVE-2007-0777
CERT/CC vulnerability note: VU#269484
http://www.kb.cert.org/vuls/id/269484
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11331
http://www.osvdb.org/32115
XForce ISS Database: mozilla-multiple-javascript-code-execution(32699)
http://xforce.iss.net/xforce/xfdb/32699
Common Vulnerability Exposure (CVE) ID: CVE-2007-0778
https://bugzilla.mozilla.org/show_bug.cgi?id=347852
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9151
http://www.osvdb.org/32110
http://securitytracker.com/id?1017699
XForce ISS Database: mozilla-diskcache-information-disclosure(32671)
http://xforce.iss.net/xforce/xfdb/32671
Common Vulnerability Exposure (CVE) ID: CVE-2007-0779
https://bugzilla.mozilla.org/show_bug.cgi?id=361298
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:8757
http://osvdb.org/32109
http://www.securitytracker.com/id?1017700
Common Vulnerability Exposure (CVE) ID: CVE-2007-0780
https://bugzilla.mozilla.org/show_bug.cgi?id=354973
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9884
http://www.osvdb.org/32107
http://www.securitytracker.com/id?1017702
XForce ISS Database: mozilla-dataurl-xss(32667)
http://xforce.iss.net/xforce/xfdb/32667
Common Vulnerability Exposure (CVE) ID: CVE-2007-0800
Bugtraq: 20070205 Firefox + popup blocker + XMLHttpRequest + srand() = oops (Google Search)
http://www.securityfocus.com/archive/1/archive/1/459162/100/0/threaded
Bugtraq: 20070205 Re: [Full-disclosure] Firefox + popup blocker + XMLHttpRequest + srand() = oops (Google Search)
http://www.securityfocus.com/archive/1/459163/100/0/threaded
http://lists.grok.org.uk/pipermail/full-disclosure/2007-February/052209.html
http://lists.grok.org.uk/pipermail/full-disclosure/2007-February/052211.html
BugTraq ID: 22396
http://www.securityfocus.com/bid/22396
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10654
http://www.osvdb.org/32108
XForce ISS Database: firefox-popup-security-bypass(32194)
http://xforce.iss.net/xforce/xfdb/32194
Common Vulnerability Exposure (CVE) ID: CVE-2007-0801
Common Vulnerability Exposure (CVE) ID: CVE-2007-0981
Bugtraq: 20070214 Firefox: serious cookie stealing / same-domain bypass vulnerability (Google Search)
http://www.securityfocus.com/archive/1/archive/1/460126/100/200/threaded
http://www.securityfocus.com/archive/1/460217/100/0/threaded
http://lcamtuf.dione.cc/ffhostname.html
CERT/CC vulnerability note: VU#885753
http://www.kb.cert.org/vuls/id/885753
BugTraq ID: 22566
http://www.securityfocus.com/bid/22566
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9730
http://www.vupen.com/english/advisories/2007/0624
http://www.osvdb.org/32104
http://securitytracker.com/id?1017654
http://secunia.com/advisories/24175
http://securityreason.com/securityalert/2262
XForce ISS Database: firefox-locationhostname-security-bypass(32533)
http://xforce.iss.net/xforce/xfdb/32533
Common Vulnerability Exposure (CVE) ID: CVE-2007-0995
http://ha.ckers.org/xss.html#XSS_Non_alpha_non_digit2
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10164
http://www.osvdb.org/32111
http://osvdb.org/32112
CopyrightCopyright (c) 2007 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 40037 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

Registro de Nuevo Usuario
Email:
Usuario:
Contraseña:
Envíeme por email sus boletines mensuales, informándome los últimos servicios, mejoras y encuestas.
Por favor envíeme por email un anuncio de prueba de vulnerabilidades siempre que se agregue una nueva prueba.
   Privacidad
Ingreso de Usuario Registrado
 
Usuario:   
Contraseña:  

 ¿Olvidó su usuario o contraseña??
Email/ID de Usario:




Principal | Acerca de Nosotros | Contáctenos | Programas de Asociado | Developer APIs | Privacidad | Listas de Correo | Abuso
Auditorías de Seguridad | DNS Administrado | Monitoreo de Red | Analizador de Sitio | Informes de Investigación de Internet
Prueba de Web | Whois

© 1998-2014 E-Soft Inc. Todos los derechos reservados.