Test ID:	1.3.6.1.4.1.25623.1.0.831539
Category:	Mandrake Local Security Checks
Title:	Mandriva Update for firefox MDVSA-2012:017 (firefox)
Summary:	The remote host is missing an update for the 'firefox'; package(s) announced via the referenced advisory.
Description:	Summary: The remote host is missing an update for the 'firefox' package(s) announced via the referenced advisory. Vulnerability Insight: Use-after-free vulnerability in Mozilla Firefox 10.x before 10.0.1, Thunderbird 10.x before 10.0.1, and SeaMonkey 2.7 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger failure of an nsXBLDocumentInfo::ReadPrototypeBindings function call, related to the cycle collector's access to a hash table containing a stale XBL binding (CVE-2012-0452). Affected Software/OS: firefox on Mandriva Linux 2011.0, Mandriva Linux 2010.1 Solution: Please Install the Updated Packages. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2012-0452 BugTraq ID: 51975 http://www.securityfocus.com/bid/51975 http://www.mandriva.com/security/advisories?name=MDVSA-2012:017 http://www.mandriva.com/security/advisories?name=MDVSA-2012:018 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15017 http://secunia.com/advisories/48110 http://secunia.com/advisories/49055 SuSE Security Announcement: SUSE-SU-2012:0261 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00013.html SuSE Security Announcement: openSUSE-SU-2012:0258 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00012.html http://www.ubuntu.com/usn/USN-1360-1
Copyright	Copyright (C) 2012 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.