Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.55268
Category:Red Hat Local Security Checks
Title:RedHat Security Advisory RHSA-2005:769
Summary:NOSUMMARY
Description:Description:

The remote host is missing updates announced in
advisory RHSA-2005:769.

Mozilla is an open source Web browser, advanced email and newsgroup client,
IRC chat client, and HTML editor.

A bug was found in the way Mozilla processes certain international domain
names. An attacker could create a specially crafted HTML file, which when
viewed by the victim would cause Mozilla to crash or possibly execute
arbitrary code. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CVE-2005-2871 to this issue.

Users of Mozilla are advised to upgrade to this updated package that
contains a backported patch and is not vulnerable to this issue.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2005-769.html

Risk factor : High

CVSS Score:
7.5

Cross-Ref: BugTraq ID: 14784
Common Vulnerability Exposure (CVE) ID: CVE-2005-2871
http://www.securityfocus.com/bid/14784
CERT/CC vulnerability note: VU#573857
http://www.kb.cert.org/vuls/id/573857
Computer Incident Advisory Center Bulletin: P-303
http://www.ciac.org/ciac/bulletins/p-303.shtml
Debian Security Information: DSA-837 (Google Search)
http://www.debian.org/security/2005/dsa-837
Debian Security Information: DSA-866 (Google Search)
http://www.debian.org/security/2005/dsa-866
Debian Security Information: DSA-868 (Google Search)
http://www.debian.org/security/2005/dsa-868
http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00004.html
http://marc.info/?l=full-disclosure&m=112624614008387&w=2
http://archives.neohapsis.com/archives/fulldisclosure/2005-09/0316.html
http://www.gentoo.org/security/en/glsa/glsa-200509-11.xml
HPdes Security Advisory: HPSBUX01133
HPdes Security Advisory: SSRT5940
http://www.mandriva.com/security/advisories?name=MDKSA-2005:174
http://www.securiteam.com/securitynews/5RP0B0UGVW.html
http://www.security-protocols.com/advisory/sp-x17-advisory.txt
http://www.security-protocols.com/firefox-death.html
http://www.osvdb.org/19255
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1287
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A584
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9608
http://www.redhat.com/support/errata/RHSA-2005-768.html
http://www.redhat.com/support/errata/RHSA-2005-769.html
http://www.redhat.com/support/errata/RHSA-2005-791.html
http://securitytracker.com/id?1014877
http://secunia.com/advisories/16764
http://secunia.com/advisories/16766
http://secunia.com/advisories/16767
http://secunia.com/advisories/17042
http://secunia.com/advisories/17090
http://secunia.com/advisories/17263
http://secunia.com/advisories/17284
http://securityreason.com/securityalert/83
http://www.ubuntu.com/usn/usn-181-1
http://www.vupen.com/english/advisories/2005/1690
http://www.vupen.com/english/advisories/2005/1691
http://www.vupen.com/english/advisories/2005/1824
XForce ISS Database: mozilla-url-bo(22207)
https://exchange.xforce.ibmcloud.com/vulnerabilities/22207
CopyrightCopyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.