English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.64528
Category:Mandrake Local Security Checks
Title:Mandrake Security Advisory MDVSA-2009:185 (firefox)
Summary:The remote host is missing an update to firefox;announced via advisory MDVSA-2009:185.
Description:Summary:
The remote host is missing an update to firefox
announced via advisory MDVSA-2009:185.

Vulnerability Insight:
Security vulnerabilities have been discovered and corrected in Mozilla
Firefox 3.0.x:

Several flaws in Firefox browser and javascript engine could allow a
malicious site to cause a denial-of-service of possibly remote code
execution (CVE-2009-1392, CVE-2009-1832, CVE-2009-1833, CVE-2009-1837,
CVE-2009-1838, CVE-2009-1841, CVE-2009-2043, CVE-2009-2044).

Several flaws were discovered in Firefox which could lead to
information disclosure and security bypass (CVE-2009-1834,
CVE-2009-1835, CVE-2009-1836, CVE-2009-1839, CVE-2009-1840).

Several flaws were discovered in the Firefox browser and
JavaScript engines, which could allow a malicious website to
cause a denial of service or possibly execute arbitrary code with
user privileges. (CVE-2009-2462, CVE-2009-2463, CVE-2009-2464,
CVE-2009-2465, CVE-2009-2466, CVE-2009-2468)

Attila Suszter discovered a flaw in the way Firefox processed
Flash content, which could cause a denial of service or possibly
execute arbitrary code with the privileges of the user invoking the
program. (CVE-2009-2467)

It was discovered that Firefox did not properly handle some
SVG content, which could lead to a denial of service or possibly
execute arbitrary code with the privileges of the user invoking the
program. (CVE-2009-2469)

A flaw was discovered in the JavaScript engine which could be used
to perform cross-site scripting attacks. (CVE-2009-2472)

This update provides the latest Mozilla Firefox 3.0.x to correct
these issues.

Additionally, some packages which require so, have been rebuilt and
are being provided as updates.

Affected: Enterprise Server 5.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2009-1392
1020800
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020800.1-1
1022376
http://securitytracker.com/id?1022376
1022397
http://www.securitytracker.com/id?1022397
265068
http://sunsolve.sun.com/search/document.do?assetkey=1-26-265068-1
35326
http://www.securityfocus.com/bid/35326
35331
http://secunia.com/advisories/35331
35370
http://www.securityfocus.com/bid/35370
35415
http://secunia.com/advisories/35415
35428
http://secunia.com/advisories/35428
35431
http://secunia.com/advisories/35431
35439
http://secunia.com/advisories/35439
35440
http://secunia.com/advisories/35440
35468
http://secunia.com/advisories/35468
35536
http://secunia.com/advisories/35536
35561
http://secunia.com/advisories/35561
35602
http://secunia.com/advisories/35602
55144
http://osvdb.org/55144
55145
http://osvdb.org/55145
55146
http://osvdb.org/55146
55147
http://osvdb.org/55147
ADV-2009-1572
http://www.vupen.com/english/advisories/2009/1572
ADV-2009-2152
http://www.vupen.com/english/advisories/2009/2152
DSA-1820
http://www.debian.org/security/2009/dsa-1820
DSA-1830
http://www.debian.org/security/2009/dsa-1830
FEDORA-2009-6366
https://www.redhat.com/archives/fedora-package-announce/2009-June/msg00574.html
FEDORA-2009-6411
https://www.redhat.com/archives/fedora-package-announce/2009-June/msg00657.html
MDVSA-2009:141
http://www.mandriva.com/security/advisories?name=MDVSA-2009:141
RHSA-2009:1095
https://rhn.redhat.com/errata/RHSA-2009-1095.html
RHSA-2009:1096
http://rhn.redhat.com/errata/RHSA-2009-1096.html
RHSA-2009:1125
http://www.redhat.com/support/errata/RHSA-2009-1125.html
RHSA-2009:1126
http://www.redhat.com/support/errata/RHSA-2009-1126.html
SSA:2009-167-01
http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.372468
SSA:2009-176-01
http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.425408
SSA:2009-178-01
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.454275
USN-782-1
http://www.ubuntu.com/usn/usn-782-1
http://www.mozilla.org/security/announce/2009/mfsa2009-24.html
https://bugzilla.mozilla.org/show_bug.cgi?id=380359
https://bugzilla.mozilla.org/show_bug.cgi?id=429969
https://bugzilla.mozilla.org/show_bug.cgi?id=431086
https://bugzilla.mozilla.org/show_bug.cgi?id=432068
https://bugzilla.mozilla.org/show_bug.cgi?id=451341
https://bugzilla.mozilla.org/show_bug.cgi?id=472776
https://bugzilla.mozilla.org/show_bug.cgi?id=486398
https://bugzilla.mozilla.org/show_bug.cgi?id=489041
https://bugzilla.mozilla.org/show_bug.cgi?id=490410
https://bugzilla.mozilla.org/show_bug.cgi?id=490425
https://bugzilla.mozilla.org/show_bug.cgi?id=490513
https://bugzilla.redhat.com/show_bug.cgi?id=503568
oval:org.mitre.oval:def:9501
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9501
Common Vulnerability Exposure (CVE) ID: CVE-2009-1832
35371
http://www.securityfocus.com/bid/35371
35882
http://secunia.com/advisories/35882
55148
http://osvdb.org/55148
FEDORA-2009-7567
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00444.html
FEDORA-2009-7614
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00504.html
https://bugzilla.mozilla.org/show_bug.cgi?id=484031
https://bugzilla.redhat.com/show_bug.cgi?id=503569
oval:org.mitre.oval:def:10237
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10237
Common Vulnerability Exposure (CVE) ID: CVE-2009-1833
35372
http://www.securityfocus.com/bid/35372
55152
http://osvdb.org/55152
55153
http://osvdb.org/55153
55154
http://osvdb.org/55154
https://bugzilla.mozilla.org/show_bug.cgi?id=369696
https://bugzilla.mozilla.org/show_bug.cgi?id=426520
https://bugzilla.mozilla.org/show_bug.cgi?id=427196
https://bugzilla.mozilla.org/show_bug.cgi?id=487204
https://bugzilla.redhat.com/show_bug.cgi?id=503570
oval:org.mitre.oval:def:11487
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11487
Common Vulnerability Exposure (CVE) ID: CVE-2009-1837
1022386
http://www.securitytracker.com/id?1022386
20090612 Secunia Research: Mozilla Firefox Java Applet Loading Vulnerability
http://www.securityfocus.com/archive/1/504260/100/0/threaded
264308
http://sunsolve.sun.com/search/document.do?assetkey=1-66-264308-1
34241
http://secunia.com/advisories/34241
35360
http://www.securityfocus.com/bid/35360
http://secunia.com/secunia_research/2009-19/
http://www.mozilla.org/security/announce/2009/mfsa2009-28.html
https://bugzilla.mozilla.org/show_bug.cgi?id=486269
https://bugzilla.redhat.com/show_bug.cgi?id=503579
oval:org.mitre.oval:def:10628
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10628
Common Vulnerability Exposure (CVE) ID: CVE-2009-1838
35383
http://www.securityfocus.com/bid/35383
55157
http://osvdb.org/55157
http://www.mozilla.org/security/announce/2009/mfsa2009-29.html
https://bugzilla.mozilla.org/show_bug.cgi?id=489131
https://bugzilla.redhat.com/show_bug.cgi?id=503580
oval:org.mitre.oval:def:11080
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11080
Common Vulnerability Exposure (CVE) ID: CVE-2009-1841
35373
http://www.securityfocus.com/bid/35373
55159
http://osvdb.org/55159
http://www.mozilla.org/security/announce/2009/mfsa2009-32.html
https://bugzilla.mozilla.org/show_bug.cgi?id=479560
https://bugzilla.redhat.com/show_bug.cgi?id=503583
oval:org.mitre.oval:def:9815
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9815
Common Vulnerability Exposure (CVE) ID: CVE-2009-2043
BugTraq ID: 35413
http://www.securityfocus.com/bid/35413
RedHat Security Advisories: RHSA-2009:1095
XForce ISS Database: firefox-nsviewmanager-dos(51197)
https://exchange.xforce.ibmcloud.com/vulnerabilities/51197
Common Vulnerability Exposure (CVE) ID: CVE-2009-2044
BugTraq ID: 35280
http://www.securityfocus.com/bid/35280
Bugtraq: 20090610 [ECHO_ADV_110$2009] Firefox (GNU/Linux version) <= 3.0.10 Denial Of Services (Google Search)
http://www.securityfocus.com/archive/1/504214
http://e-rdc.org/v1/news.php?readmore=137
https://bugzilla.mozilla.org/show_bug.cgi?id=496265
XForce ISS Database: mozilla-firefox-gif-dos(51037)
https://exchange.xforce.ibmcloud.com/vulnerabilities/51037
Common Vulnerability Exposure (CVE) ID: CVE-2009-1834
35388
http://www.securityfocus.com/bid/35388
55162
http://osvdb.org/55162
http://www.mozilla.org/security/announce/2009/mfsa2009-25.html
https://bugzilla.mozilla.org/show_bug.cgi?id=479413
https://bugzilla.redhat.com/show_bug.cgi?id=503573
oval:org.mitre.oval:def:10436
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10436
Common Vulnerability Exposure (CVE) ID: CVE-2009-1835
35391
http://www.securityfocus.com/bid/35391
55161
http://osvdb.org/55161
http://www.mozilla.org/security/announce/2009/mfsa2009-26.html
https://bugzilla.mozilla.org/show_bug.cgi?id=491801
https://bugzilla.redhat.com/show_bug.cgi?id=503576
oval:org.mitre.oval:def:9803
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9803
Common Vulnerability Exposure (CVE) ID: CVE-2009-1836
1022396
http://www.securitytracker.com/id?1022396
35380
http://www.securityfocus.com/bid/35380
55160
http://osvdb.org/55160
http://research.microsoft.com/apps/pubs/default.aspx?id=79323
http://research.microsoft.com/pubs/79323/pbp-final-with-update.pdf
http://www.mozilla.org/security/announce/2009/mfsa2009-27.html
https://bugzilla.mozilla.org/show_bug.cgi?id=479880
https://bugzilla.redhat.com/show_bug.cgi?id=503578
oval:org.mitre.oval:def:11764
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11764
Common Vulnerability Exposure (CVE) ID: CVE-2009-1839
35386
http://www.securityfocus.com/bid/35386
55163
http://osvdb.org/55163
http://www.mozilla.org/security/announce/2009/mfsa2009-30.html
https://bugzilla.mozilla.org/show_bug.cgi?id=479943
https://bugzilla.redhat.com/show_bug.cgi?id=503581
oval:org.mitre.oval:def:9256
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9256
Common Vulnerability Exposure (CVE) ID: CVE-2009-1840
1022379
http://www.securitytracker.com/id?1022379
55158
http://osvdb.org/55158
firefox-xul-security-bypass(51076)
https://exchange.xforce.ibmcloud.com/vulnerabilities/51076
http://www.mozilla.org/security/announce/2009/mfsa2009-31.html
https://bugzilla.mozilla.org/show_bug.cgi?id=477979
https://bugzilla.redhat.com/show_bug.cgi?id=503582
oval:org.mitre.oval:def:9448
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9448
Common Vulnerability Exposure (CVE) ID: CVE-2009-2462
35758
http://www.securityfocus.com/bid/35758
35914
http://secunia.com/advisories/35914
35943
http://secunia.com/advisories/35943
35944
http://secunia.com/advisories/35944
35947
http://secunia.com/advisories/35947
36005
http://secunia.com/advisories/36005
36145
http://secunia.com/advisories/36145
ADV-2009-1972
http://www.vupen.com/english/advisories/2009/1972
ADV-2010-0650
http://www.vupen.com/english/advisories/2010/0650
FEDORA-2009-7961
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01032.html
RHSA-2009:1162
http://rhn.redhat.com/errata/RHSA-2009-1162.html
RHSA-2009:1163
http://rhn.redhat.com/errata/RHSA-2009-1163.html
RHSA-2010:0153
http://www.redhat.com/support/errata/RHSA-2010-0153.html
RHSA-2010:0154
http://www.redhat.com/support/errata/RHSA-2010-0154.html
SUSE-SA:2009:039
http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00005.html
SUSE-SA:2009:042
http://lists.opensuse.org/opensuse-security-announce/2009-08/msg00002.html
http://www.mozilla.org/security/announce/2009/mfsa2009-34.html
https://bugzilla.mozilla.org/show_bug.cgi?id=413085
https://bugzilla.mozilla.org/show_bug.cgi?id=442227
https://bugzilla.mozilla.org/show_bug.cgi?id=445177
https://bugzilla.mozilla.org/show_bug.cgi?id=461861
https://bugzilla.mozilla.org/show_bug.cgi?id=463350
https://bugzilla.mozilla.org/show_bug.cgi?id=466763
https://bugzilla.mozilla.org/show_bug.cgi?id=468211
https://bugzilla.mozilla.org/show_bug.cgi?id=472668
https://bugzilla.mozilla.org/show_bug.cgi?id=472950
https://bugzilla.mozilla.org/show_bug.cgi?id=491134
oval:org.mitre.oval:def:10906
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10906
Common Vulnerability Exposure (CVE) ID: CVE-2009-2463
38977
http://secunia.com/advisories/38977
39001
http://secunia.com/advisories/39001
ADV-2010-0648
http://www.vupen.com/english/advisories/2010/0648
SUSE-SR:2010:013
http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html
USN-915-1
http://www.ubuntu.com/usn/USN-915-1
http://www.mozilla.org/security/announce/2010/mfsa2010-07.html
https://bugzilla.mozilla.org/show_bug.cgi?id=492779
oval:org.mitre.oval:def:10369
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10369
Common Vulnerability Exposure (CVE) ID: CVE-2009-2464
https://bugzilla.mozilla.org/show_bug.cgi?id=441785
oval:org.mitre.oval:def:9594
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9594
Common Vulnerability Exposure (CVE) ID: CVE-2009-2465
https://bugzilla.mozilla.org/show_bug.cgi?id=482578
https://bugzilla.mozilla.org/show_bug.cgi?id=489050
oval:org.mitre.oval:def:10402
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10402
Common Vulnerability Exposure (CVE) ID: CVE-2009-2466
https://bugzilla.mozilla.org/show_bug.cgi?id=454704
https://bugzilla.mozilla.org/show_bug.cgi?id=465980
https://bugzilla.mozilla.org/show_bug.cgi?id=493281
https://bugzilla.mozilla.org/show_bug.cgi?id=494445
oval:org.mitre.oval:def:9820
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9820
Common Vulnerability Exposure (CVE) ID: CVE-2009-2468
http://lists.apple.com/archives/security-announce/2009/Aug/msg00002.html
http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html
BugTraq ID: 35758
http://www.securitytracker.com/id?1022717
http://secunia.com/advisories/36701
Common Vulnerability Exposure (CVE) ID: CVE-2009-2467
266148
http://sunsolve.sun.com/search/document.do?assetkey=1-66-266148-1
http://www.mozilla.org/security/announce/2009/mfsa2009-35.html
https://bugzilla.mozilla.org/show_bug.cgi?id=493601
oval:org.mitre.oval:def:10473
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10473
Common Vulnerability Exposure (CVE) ID: CVE-2009-2469
http://www.mozilla.org/security/announce/2009/mfsa2009-37.html
https://bugzilla.mozilla.org/show_bug.cgi?id=488995
oval:org.mitre.oval:def:10030
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10030
Common Vulnerability Exposure (CVE) ID: CVE-2009-2472
http://www.mozilla.org/security/announce/2009/mfsa2009-40.html
https://bugzilla.mozilla.org/show_bug.cgi?id=479288
https://bugzilla.mozilla.org/show_bug.cgi?id=481434
https://bugzilla.mozilla.org/show_bug.cgi?id=497102
oval:org.mitre.oval:def:9497
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9497
Common Vulnerability Exposure (CVE) ID: CVE-2009-2061
BugTraq ID: 35412
http://www.securityfocus.com/bid/35412
XForce ISS Database: firefox-httpconnect-code-execution(51203)
https://exchange.xforce.ibmcloud.com/vulnerabilities/51203
Common Vulnerability Exposure (CVE) ID: CVE-2009-2065
BugTraq ID: 35403
http://www.securityfocus.com/bid/35403
XForce ISS Database: firefox-https-security-bypass(51189)
https://exchange.xforce.ibmcloud.com/vulnerabilities/51189
CopyrightCopyright (C) 2009 E-Soft Inc.

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.