Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | |||
ID de Prueba: | 1.3.6.1.4.1.25623.1.0.802185 |
Categoría: | General |
Título: | Mozilla Products Enter Key Dialog Bypass and Use-After-Free Memory Corruption Vulnerabilities (MAC OS X) |
Resumen: | The host is installed with Mozilla firefox/thunderbird/seamonkey; and is prone to enter key dialog bypass and use-after-free memory corruption; vulnerabilities. |
Descripción: | Summary: The host is installed with Mozilla firefox/thunderbird/seamonkey and is prone to enter key dialog bypass and use-after-free memory corruption vulnerabilities. Vulnerability Insight: The flaws are due to - not preventing manual add-on installation in response to the holding of the Enter key. - a use-after-free error existing when parsing OGG headers. Vulnerability Impact: Successful exploitation will let attackers to, attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code. Affected Software/OS: SeaMonkey version prior to 2.4 Thunderbird version prior to 7.0 Mozilla Firefox version 4.x through 6 Solution: Upgrade to Mozilla Firefox version 7.0 or later, Upgrade to SeaMonkey version to 2.4 or later, Upgrade to Thunderbird version to 7.0 or later. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C |
Referencia Cruzada: |
BugTraq ID: 49837 BugTraq ID: 49808 Common Vulnerability Exposure (CVE) ID: CVE-2011-3001 http://www.mandriva.com/security/advisories?name=MDVSA-2011:139 http://www.mandriva.com/security/advisories?name=MDVSA-2011:140 http://www.mandriva.com/security/advisories?name=MDVSA-2011:141 http://www.mandriva.com/security/advisories?name=MDVSA-2011:142 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14442 http://secunia.com/advisories/46315 SuSE Security Announcement: SUSE-SU-2011:1256 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00020.html SuSE Security Announcement: openSUSE-SU-2011:1076 (Google Search) http://lists.opensuse.org/opensuse-updates/2011-10/msg00002.html Common Vulnerability Exposure (CVE) ID: CVE-2011-3005 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14352 http://secunia.com/advisories/49055 |
Copyright | Copyright (C) 2011 Greenbone Networks GmbH |
Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |