ID de Prueba:	1.3.6.1.4.1.25623.1.0.68284
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2010:0808
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2010:0808. Mozilla Firefox is an open source web browser. A race condition flaw was found in the way Firefox handled Document Object Model (DOM) element properties. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2010-3765) For technical details regarding this flaw, refer to the Mozilla security advisories for Firefox 3.6.12. You can find a link to the Mozilla advisories in the References section of this erratum. All Firefox users should upgrade to this updated package, which contains a backported patch to correct this issue. After installing the update, Firefox must be restarted for the changes to take effect. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2010-0808.html http://www.redhat.com/security/updates/classification/#critical http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.12 Risk factor : Critical CVSS Score: 9.3
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-3765 BugTraq ID: 44425 http://www.securityfocus.com/bid/44425 Debian Security Information: DSA-2124 (Google Search) http://www.debian.org/security/2010/dsa-2124 http://www.exploit-db.com/exploits/15341 http://www.exploit-db.com/exploits/15342 http://www.exploit-db.com/exploits/15352 http://lists.fedoraproject.org/pipermail/package-announce/2010-October/050061.html http://lists.fedoraproject.org/pipermail/package-announce/2010-October/050154.html http://lists.fedoraproject.org/pipermail/package-announce/2010-October/050077.html http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050233.html http://www.mandriva.com/security/advisories?name=MDVSA-2010:213 http://www.mandriva.com/security/advisories?name=MDVSA-2010:219 http://isc.sans.edu/diary.html?storyid=9817 http://norman.com/about_norman/press_center/news_archive/2010/129223/en?utm_source=twitterfeed&utm_medium=twitter http://www.norman.com/about_norman/press_center/news_archive/2010/129223/ http://www.norman.com/security_center/virus_description_archive/129146/ https://bugzilla.mozilla.org/show_bug.cgi?id=607222#c53 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12108 http://www.redhat.com/support/errata/RHSA-2010-0808.html http://www.redhat.com/support/errata/RHSA-2010-0809.html http://www.redhat.com/support/errata/RHSA-2010-0810.html RedHat Security Advisories: RHSA-2010:0812 https://rhn.redhat.com/errata/RHSA-2010-0812.html http://www.redhat.com/support/errata/RHSA-2010-0861.html http://www.redhat.com/support/errata/RHSA-2010-0896.html http://www.securitytracker.com/id?1024645 http://www.securitytracker.com/id?1024650 http://www.securitytracker.com/id?1024651 http://secunia.com/advisories/41761 http://secunia.com/advisories/41965 http://secunia.com/advisories/41966 http://secunia.com/advisories/41969 http://secunia.com/advisories/41975 http://secunia.com/advisories/42003 http://secunia.com/advisories/42008 http://secunia.com/advisories/42043 http://secunia.com/advisories/42867 http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.556706 http://www.ubuntu.com/usn/usn-1011-1 http://www.ubuntu.com/usn/USN-1011-2 http://www.ubuntu.com/usn/USN-1011-3 http://www.vupen.com/english/advisories/2010/2837 http://www.vupen.com/english/advisories/2010/2857 http://www.vupen.com/english/advisories/2010/2864 http://www.vupen.com/english/advisories/2010/2871 http://www.vupen.com/english/advisories/2011/0061
Copyright	Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.