Test ID:	1.3.6.1.4.1.25623.1.0.66547
Category:	Mandrake Local Security Checks
Title:	Mandriva Security Advisory MDVSA-2009:339 (firefox)
Summary:	The remote host is missing an update to firefox;announced via advisory MDVSA-2009:339.
Description:	Summary: The remote host is missing an update to firefox announced via advisory MDVSA-2009:339. Vulnerability Insight: Security issues were identified and fixed in firefox 3.0.x. For details, please visit the referenced advisories. Additionally, some packages which require so, have been rebuilt and are being provided as updates. Affected: 2008.0, 2009.1, Enterprise Server 5.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2009-3979 BugTraq ID: 37349 http://www.securityfocus.com/bid/37349 BugTraq ID: 37361 http://www.securityfocus.com/bid/37361 Debian Security Information: DSA-1956 (Google Search) http://www.debian.org/security/2009/dsa-1956 https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00995.html https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01034.html https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01041.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10956 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8487 RedHat Security Advisories: RHSA-2009:1673 https://rhn.redhat.com/errata/RHSA-2009-1673.html RedHat Security Advisories: RHSA-2009:1674 https://rhn.redhat.com/errata/RHSA-2009-1674.html http://www.redhat.com/support/errata/RHSA-2010-0153.html http://www.redhat.com/support/errata/RHSA-2010-0154.html http://securitytracker.com/id?1023333 http://securitytracker.com/id?1023334 http://secunia.com/advisories/37699 http://secunia.com/advisories/37703 http://secunia.com/advisories/37704 http://secunia.com/advisories/37785 http://secunia.com/advisories/37813 http://secunia.com/advisories/37856 http://secunia.com/advisories/37881 SuSE Security Announcement: SUSE-SA:2009:063 (Google Search) http://www.novell.com/linux/security/advisories/2009_63_firefox.html http://www.ubuntu.com/usn/USN-873-1 http://www.ubuntu.com/usn/USN-874-1 http://www.vupen.com/english/advisories/2009/3547 http://www.vupen.com/english/advisories/2010/0650 XForce ISS Database: mozilla-seamonkey-browser-code-exec(54799) https://exchange.xforce.ibmcloud.com/vulnerabilities/54799 Common Vulnerability Exposure (CVE) ID: CVE-2009-3980 BugTraq ID: 37362 http://www.securityfocus.com/bid/37362 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8503 XForce ISS Database: firefox-browser-eng-code-exec(54800) https://exchange.xforce.ibmcloud.com/vulnerabilities/54800 Common Vulnerability Exposure (CVE) ID: CVE-2009-3981 BugTraq ID: 37363 http://www.securityfocus.com/bid/37363 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8523 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8584 XForce ISS Database: firefox-browser-engine-code-exec(54801) https://exchange.xforce.ibmcloud.com/vulnerabilities/54801 Common Vulnerability Exposure (CVE) ID: CVE-2009-3983 BugTraq ID: 37366 http://www.securityfocus.com/bid/37366 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10047 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8240 http://securitytracker.com/id?1023340 http://securitytracker.com/id?1023341 http://secunia.com/advisories/38977 http://secunia.com/advisories/39001 SuSE Security Announcement: SUSE-SR:2010:013 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html http://www.ubuntu.com/usn/USN-915-1 http://www.vupen.com/english/advisories/2010/0648 XForce ISS Database: firefox-ntlm-reflection(54807) https://exchange.xforce.ibmcloud.com/vulnerabilities/54807 Common Vulnerability Exposure (CVE) ID: CVE-2009-3984 BugTraq ID: 37367 http://www.securityfocus.com/bid/37367 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8379 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9791 http://securitytracker.com/id?1023342 http://securitytracker.com/id?1023343 XForce ISS Database: firefox-documentlocation-ssl-spoofing(54806) https://exchange.xforce.ibmcloud.com/vulnerabilities/54806 Common Vulnerability Exposure (CVE) ID: CVE-2009-2654 BugTraq ID: 35803 http://www.securityfocus.com/bid/35803 Bugtraq: 20090724 URL spoofing bug involving Firefox's error pages and document.write (Google Search) http://www.securityfocus.com/archive/1/505242/30/0/threaded Bugtraq: 20090727 Re: URL spoofing bug involving Firefox's error pages and document.write (Google Search) http://www.securityfocus.com/archive/1/505265 Debian Security Information: DSA-1873 (Google Search) http://www.debian.org/security/2009/dsa-1873 https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00198.html https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00261.html http://es.geocities.com/jplopezy/firefoxspoofing.html http://osvdb.org/56717 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9686 http://www.redhat.com/support/errata/RHSA-2009-1430.html http://www.redhat.com/support/errata/RHSA-2009-1431.html http://www.redhat.com/support/errata/RHSA-2009-1432.html http://www.securitytracker.com/id?1022603 http://secunia.com/advisories/36001 http://secunia.com/advisories/36126 http://secunia.com/advisories/36141 http://secunia.com/advisories/36435 http://secunia.com/advisories/36669 http://secunia.com/advisories/36670 http://sunsolve.sun.com/search/document.do?assetkey=1-66-266148-1 https://usn.ubuntu.com/811-1/ http://www.vupen.com/english/advisories/2009/2006 http://www.vupen.com/english/advisories/2009/2142 Common Vulnerability Exposure (CVE) ID: CVE-2009-3985 BugTraq ID: 37370 http://www.securityfocus.com/bid/37370 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8480 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9911 XForce ISS Database: firefox-documentlocation-spoofing(54808) https://exchange.xforce.ibmcloud.com/vulnerabilities/54808 Common Vulnerability Exposure (CVE) ID: CVE-2009-3986 BugTraq ID: 37365 http://www.securityfocus.com/bid/37365 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11568 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8489 http://securitytracker.com/id?1023344 http://securitytracker.com/id?1023345 XForce ISS Database: firefox-windowopener-code-execution(54803) https://exchange.xforce.ibmcloud.com/vulnerabilities/54803 Common Vulnerability Exposure (CVE) ID: CVE-2009-3987 BugTraq ID: 37360 http://www.securityfocus.com/bid/37360 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7958 http://securitytracker.com/id?1023346 http://securitytracker.com/id?1023347 XForce ISS Database: firefox-geckoactivexobject-info-disclosure(54798) https://exchange.xforce.ibmcloud.com/vulnerabilities/54798
Copyright	Copyright (C) 2009 E-Soft Inc.

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.