Test ID:	1.3.6.1.4.1.25623.1.1.10.2015.0089
Category:	Mageia Linux Local Security Checks
Title:	Mageia: Security Advisory (MGASA-2015-0089)
Summary:	The remote host is missing an update for the 'firefox, firefox-l10n, nspr, nss, thunderbird, thunderbird-l10n' package(s) announced via the MGASA-2015-0089 advisory.
Description:	Summary: The remote host is missing an update for the 'firefox, firefox-l10n, nspr, nss, thunderbird, thunderbird-l10n' package(s) announced via the MGASA-2015-0089 advisory. Vulnerability Insight: Updated firefox and thunderbird packages fix security vulnerabilities: Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox or Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running it (CVE-2015-0836, CVE-2015-0831, CVE-2015-0827). An information leak flaw was found in the way Firefox and Thunderbird implemented autocomplete forms. An attacker able to trick a user into specifying a local file in the form could use this flaw to access the contents of that file (CVE-2015-0822). Affected Software/OS: 'firefox, firefox-l10n, nspr, nss, thunderbird, thunderbird-l10n' package(s) on Mageia 4. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2015-0822 BugTraq ID: 72756 http://www.securityfocus.com/bid/72756 Debian Security Information: DSA-3174 (Google Search) http://www.debian.org/security/2015/dsa-3174 Debian Security Information: DSA-3179 (Google Search) http://www.debian.org/security/2015/dsa-3179 https://security.gentoo.org/glsa/201504-01 RedHat Security Advisories: RHSA-2015:0265 http://rhn.redhat.com/errata/RHSA-2015-0265.html RedHat Security Advisories: RHSA-2015:0266 http://rhn.redhat.com/errata/RHSA-2015-0266.html RedHat Security Advisories: RHSA-2015:0642 http://rhn.redhat.com/errata/RHSA-2015-0642.html http://www.securitytracker.com/id/1031791 http://www.securitytracker.com/id/1031792 SuSE Security Announcement: SUSE-SU-2015:0412 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00001.html SuSE Security Announcement: SUSE-SU-2015:0446 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00006.html SuSE Security Announcement: SUSE-SU-2015:0447 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00007.html SuSE Security Announcement: openSUSE-SU-2015:0404 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00000.html SuSE Security Announcement: openSUSE-SU-2015:0448 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00008.html SuSE Security Announcement: openSUSE-SU-2015:0567 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00026.html SuSE Security Announcement: openSUSE-SU-2015:0570 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-03/msg00067.html SuSE Security Announcement: openSUSE-SU-2015:1266 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html http://www.ubuntu.com/usn/USN-2505-1 http://www.ubuntu.com/usn/USN-2506-1 Common Vulnerability Exposure (CVE) ID: CVE-2015-0827 BugTraq ID: 72755 http://www.securityfocus.com/bid/72755 Common Vulnerability Exposure (CVE) ID: CVE-2015-0831 BugTraq ID: 72746 http://www.securityfocus.com/bid/72746 Common Vulnerability Exposure (CVE) ID: CVE-2015-0836 BugTraq ID: 72742 http://www.securityfocus.com/bid/72742
Copyright	Copyright (C) 2022 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.