 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.52151 |
| Category: | FreeBSD Local Security Checks |
| Title: | FreeBSD Ports: firefox |
| Summary: | The remote host is missing an update to the system; as announced in the referenced advisory. |
| Description: | Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following packages are affected: firefox thunderbird linux-firefox mozilla linux-mozilla linux-mozilla-devel netscape7 de-linux-mozillafirebird el-linux-mozillafirebird ja-linux-mozillafirebird-gtk1 ja-mozillafirebird-gtk2 linux-mozillafirebird ru-linux-mozillafirebird zhCN-linux-mozillafirebird zhTW-linux-mozillafirebird de-linux-netscape de-netscape7 fr-linux-netscape fr-netscape7 ja-linux-netscape ja-netscape7 linux-netscape linux-phoenix mozilla+ipv6 mozilla-embedded mozilla-firebird mozilla-gtk1 mozilla-gtk2 mozilla-gtk mozilla-thunderbird phoenix pt_BR-netscape7 CVE-2005-0399 Heap-based buffer overflow in GIF2.cpp in Firefox before 1.0.2, Mozilla before to 1.7.6, and Thunderbird before 1.0.2, and possibly other applications that use the same library, allows remote attackers to execute arbitrary code via a GIF image with a crafted Netscape extension 2 block and buffer size. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 5.1 CVSS Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2005-0399 12881 http://www.securityfocus.com/bid/12881 14654 http://secunia.com/advisories/14654 15495 http://www.securityfocus.com/bid/15495 19823 http://secunia.com/advisories/19823 20050323 Mozilla Foundation GIF Overflow http://xforce.iss.net/xforce/alerts/id/191 ADV-2005-0296 http://www.vupen.com/english/advisories/2005/0296 GLSA-200503-30 http://www.gentoo.org/security/en/glsa/glsa-200503-30.xml P-160 http://www.ciac.org/ciac/bulletins/p-160.shtml RHSA-2005:323 http://www.redhat.com/support/errata/RHSA-2005-323.html RHSA-2005:335 http://www.redhat.com/support/errata/RHSA-2005-335.html RHSA-2005:336 http://www.redhat.com/support/errata/RHSA-2005-336.html RHSA-2005:337 http://www.redhat.com/support/errata/RHSA-2005-337.html SCOSA-2005.49 ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt SUSE-SA:2006:022 http://www.novell.com/linux/security/advisories/2006_04_25.html VU#557948 http://www.kb.cert.org/vuls/id/557948 gif-extension-overflow(19269) https://exchange.xforce.ibmcloud.com/vulnerabilities/19269 http://www.mozilla.org/security/announce/mfsa2005-30.html https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=150877 oval:org.mitre.oval:def:100028 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100028 oval:org.mitre.oval:def:11377 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11377 |
| Copyright | Copyright (C) 2008 E-Soft Inc. |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |