Test ID:	1.3.6.1.4.1.25623.1.0.122321
Category:	Oracle Linux Local Security Checks
Title:	Oracle: Security Advisory (ELSA-2010-0681)
Summary:	The remote host is missing an update for the 'firefox, nspr, nss, xulrunner' package(s) announced via the ELSA-2010-0681 advisory.
Description:	Summary: The remote host is missing an update for the 'firefox, nspr, nss, xulrunner' package(s) announced via the ELSA-2010-0681 advisory. Vulnerability Insight: firefox: [3.6.9-2.0.1.el5] - Add firefox-oracle-default-prefs.js and firefox-oracle-default-bookmarks.html and remove the corresponding Red Hat ones [3.6.9-2] - Fixed xulrunner version [3.6.9-1] - Update to 3.6.9 nspr: [4.8.6-1] - update to 4.8.6 nss: [3.12.7-2.0.1.el5_5] - Update clean.gif in the nss-3.12.7-stripped.tar.bz2 tarball [3.12.7-2] - fix dependencies, undo previous change [3.12.7-1] - Update to 3.12.7 xulrunner: [1.9.2.9-1.0.1.el5] - Added xulrunner-oracle-default-prefs.js and removed the corresponding RedHat one. [1.9.2.9-1] - Update to 1.9.2.9 Affected Software/OS: 'firefox, nspr, nss, xulrunner' package(s) on Oracle Linux 4, Oracle Linux 5. Solution: Please install the updated package(s). CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2010-2760 Debian Security Information: DSA-2106 (Google Search) http://www.debian.org/security/2010/dsa-2106 http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047282.html http://www.mandriva.com/security/advisories?name=MDVSA-2010:173 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11799 http://secunia.com/advisories/42867 SuSE Security Announcement: SUSE-SA:2010:049 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00002.html http://www.vupen.com/english/advisories/2010/2323 http://www.vupen.com/english/advisories/2011/0061 XForce ISS Database: mozilla-nstreeselection-code-execution(61660) https://exchange.xforce.ibmcloud.com/vulnerabilities/61660 Common Vulnerability Exposure (CVE) ID: CVE-2010-2762 BugTraq ID: 43092 http://www.securityfocus.com/bid/43092 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11492 XForce ISS Database: firefox-sjow-code-exec(61656) https://exchange.xforce.ibmcloud.com/vulnerabilities/61656 Common Vulnerability Exposure (CVE) ID: CVE-2010-2764 BugTraq ID: 43104 http://www.securityfocus.com/bid/43104 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11684 XForce ISS Database: firefox-xmlhttprequest-info-disclosure(61662) https://exchange.xforce.ibmcloud.com/vulnerabilities/61662 Common Vulnerability Exposure (CVE) ID: CVE-2010-2765 BugTraq ID: 43095 http://www.securityfocus.com/bid/43095 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11519 Common Vulnerability Exposure (CVE) ID: CVE-2010-2766 BugTraq ID: 43100 http://www.securityfocus.com/bid/43100 http://www.zerodayinitiative.com/advisories/ZDI-10-176/ https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11778 Common Vulnerability Exposure (CVE) ID: CVE-2010-2767 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11969 XForce ISS Database: mozilla-pointer-code-execution(61658) https://exchange.xforce.ibmcloud.com/vulnerabilities/61658 Common Vulnerability Exposure (CVE) ID: CVE-2010-2768 BugTraq ID: 43101 http://www.securityfocus.com/bid/43101 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11735 Common Vulnerability Exposure (CVE) ID: CVE-2010-2769 BugTraq ID: 43106 http://www.securityfocus.com/bid/43106 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12192 Common Vulnerability Exposure (CVE) ID: CVE-2010-3166 BugTraq ID: 43102 http://www.securityfocus.com/bid/43102 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12186 Common Vulnerability Exposure (CVE) ID: CVE-2010-3167 BugTraq ID: 43097 http://www.securityfocus.com/bid/43097 http://www.zerodayinitiative.com/advisories/ZDI-10-171/ https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12136 XForce ISS Database: mozilla-nstreecontentview-code-execution(61661) https://exchange.xforce.ibmcloud.com/vulnerabilities/61661 Common Vulnerability Exposure (CVE) ID: CVE-2010-3168 BugTraq ID: 43108 http://www.securityfocus.com/bid/43108 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12001 XForce ISS Database: firefox-xultree-objects-code-exec(61653) https://exchange.xforce.ibmcloud.com/vulnerabilities/61653 Common Vulnerability Exposure (CVE) ID: CVE-2010-3169 BugTraq ID: 43118 http://www.securityfocus.com/bid/43118 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12145 XForce ISS Database: mozilla-safety-code-execution(61657) https://exchange.xforce.ibmcloud.com/vulnerabilities/61657
Copyright	Copyright (C) 2015 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.