 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.0.801136 |
| Categoría: | Buffer overflow |
| Título: | Mozilla Seamonkey Multiple Vulnerabilities (Nov 2009) - Windows |
| Resumen: | Mozilla Seamonkey browser is prone to multiple vulnerabilities. |
| Descripción: | Summary: Mozilla Seamonkey browser is prone to multiple vulnerabilities. Vulnerability Insight: Multiple flaws are due to following errors: - When parsing regular expressions used in Proxy Auto-configuration. This can be exploited to cause a crash or potentially execute arbitrary code via specially crafted configured PAC files. - When processing GIF color maps can be exploited to cause a heap based buffer overflow and potentially execute arbitrary code via a specially crafted GIF file. - An error when downloading files can be exploited to display different file names in the download dialog title bar and download dialog body. This can be exploited to obfuscate file names via a right-to-left override character and potentially trick a user into running an executable file. Vulnerability Impact: Successful exploitation will let attacker to disclose sensitive information, bypass certain security restrictions, manipulate certain data, or compromise a user's system. Affected Software/OS: Mozilla Seamonkey version prior to 2.0 on Windows. Solution: Upgrade to Seamonkey version 2.0. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2009-3372 http://www.mandriva.com/security/advisories?name=MDVSA-2009:294 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10977 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6347 http://sunsolve.sun.com/search/document.do?assetkey=1-26-272909-1 http://www.vupen.com/english/advisories/2009/3334 Common Vulnerability Exposure (CVE) ID: CVE-2009-3373 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10684 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6548 Common Vulnerability Exposure (CVE) ID: CVE-2009-3376 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11218 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6541 http://www.redhat.com/support/errata/RHSA-2010-0153.html http://www.redhat.com/support/errata/RHSA-2010-0154.html http://secunia.com/advisories/38977 SuSE Security Announcement: SUSE-SR:2010:013 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html http://www.ubuntu.com/usn/USN-915-1 http://www.vupen.com/english/advisories/2010/0648 http://www.vupen.com/english/advisories/2010/0650 |
| Copyright | Copyright (C) 2009 Greenbone AG |
| Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |