English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 61204 CVE descriptions
and 32582 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.57596
Category:SuSE Local Security Checks
Title:SuSE Security Advisory SUSE-SA:2006:068 (MozillaFirefox,MozillaThunderbird,seamonkey)
Summary:SuSE Security Advisory SUSE-SA:2006:068 (MozillaFirefox,MozillaThunderbird,seamonkey)
Description:
The remote host is missing updates announced in
advisory SUSE-SA:2006:068.

MozillaFirefox has been updated to the security update release
1.5.0.8, MozillaThunderbird has been updated to 1.5.0.8, and the
Mozilla Seamonkey suite has been updated to 1.0.6 to fix the following
security issues.

Full details of the security problems can be found on:
http://www.mozilla.org/projects/security/known-vulnerabilities.html

MFSA2006-65: This issue is split into 3 sub-entries, for ongoing
stability improvements in the Mozilla browsers:
CVE-2006-5464: Layout engine flaws were fixed.
CVE-2006-5747: A xml.prototype.hasOwnProperty flaw was fixed.
CVE-2006-5748: Fixes were applied to the Javascript engine.

MFSA2006-66/CVE-2006-5462: MFSA 2006-60 reported that RSA digital
signatures with a low exponent (typically 3) could be forged. Firefox
and Thunderbird 1.5.0.7, which incorporated NSS version 3.10.2,
were incompletely patched and remained vulnerable to a variant of
this attack.

MFSA2006-67/CVE-2006-5463: shutdown demonstrated that it was possible
to modify a Script object while it was executing, potentially leading
to the execution of arbitrary JavaScript bytecode.

Note that Mozilla Suite updates for products before SUSE Linux 10.1 / SLES 10
are not available yet due to backporting problems.

Solution:
Update your system with the packages as indicated in
the referenced security advisory.

http://www.securityspace.com/smysecure/catid.html?in=SUSE-SA:2006:068

Risk factor : High
Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2006-5464
Bugtraq: 20061109 rPSA-2006-0206-1 firefox thunderbird (Google Search)
http://www.securityfocus.com/archive/1/archive/1/451099/100/0/threaded
https://bugzilla.mozilla.org/show_bug.cgi?id=307809
https://bugzilla.mozilla.org/show_bug.cgi?id=310267
https://bugzilla.mozilla.org/show_bug.cgi?id=350370
https://bugzilla.mozilla.org/show_bug.cgi?id=351328
Debian Security Information: DSA-1224 (Google Search)
http://www.debian.org/security/2006/dsa-1224
Debian Security Information: DSA-1225 (Google Search)
http://www.debian.org/security/2006/dsa-1225
Debian Security Information: DSA-1227 (Google Search)
http://www.debian.org/security/2006/dsa-1227
http://security.gentoo.org/glsa/glsa-200612-06.xml
http://security.gentoo.org/glsa/glsa-200612-07.xml
http://security.gentoo.org/glsa/glsa-200612-08.xml
HPdes Security Advisory: HPSBUX02153
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00771742
HPdes Security Advisory: SSRT061181
http://www.mandriva.com/security/advisories?name=MDKSA-2006:205
http://www.mandriva.com/security/advisories?name=MDKSA-2006:206
RedHat Security Advisories: RHSA-2006:0733
http://rhn.redhat.com/errata/RHSA-2006-0733.html
RedHat Security Advisories: RHSA-2006:0734
http://rhn.redhat.com/errata/RHSA-2006-0734.html
RedHat Security Advisories: RHSA-2006:0735
http://rhn.redhat.com/errata/RHSA-2006-0735.html
SGI Security Advisory: 20061101-01-P
ftp://patches.sgi.com/support/free/security/advisories/20061101-01-P
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103121-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200587-1
SuSE Security Announcement: SUSE-SA:2006:068 (Google Search)
http://www.novell.com/linux/security/advisories/2006_68_mozilla.html
http://www.ubuntu.com/usn/usn-381-1
http://www.ubuntu.com/usn/usn-382-1
CERT/CC vulnerability note: VU#495288
http://www.kb.cert.org/vuls/id/495288
Cert/CC Advisory: TA06-312A
http://www.us-cert.gov/cas/techalerts/TA06-312A.html
BugTraq ID: 20957
http://www.securityfocus.com/bid/20957
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9304
http://www.vupen.com/english/advisories/2006/4387
http://www.vupen.com/english/advisories/2007/1198
http://www.vupen.com/english/advisories/2006/3748
http://www.vupen.com/english/advisories/2007/3588
http://www.vupen.com/english/advisories/2008/0083
http://securitytracker.com/id?1017177
http://securitytracker.com/id?1017178
http://securitytracker.com/id?1017179
http://secunia.com/advisories/22722
http://secunia.com/advisories/22770
http://secunia.com/advisories/22727
http://secunia.com/advisories/22737
http://secunia.com/advisories/22763
http://secunia.com/advisories/22774
http://secunia.com/advisories/22817
http://secunia.com/advisories/22929
http://secunia.com/advisories/22965
http://secunia.com/advisories/22980
http://secunia.com/advisories/23009
http://secunia.com/advisories/23013
http://secunia.com/advisories/23197
http://secunia.com/advisories/23202
http://secunia.com/advisories/23235
http://secunia.com/advisories/23263
http://secunia.com/advisories/23287
http://secunia.com/advisories/23297
http://secunia.com/advisories/22815
http://secunia.com/advisories/24711
http://secunia.com/advisories/22066
http://secunia.com/advisories/27328
XForce ISS Database: mozilla-layout-dos(30092)
http://xforce.iss.net/xforce/xfdb/30092
Common Vulnerability Exposure (CVE) ID: CVE-2006-5747
https://bugzilla.mozilla.org/show_bug.cgi?id=355569
CERT/CC vulnerability note: VU#815432
http://www.kb.cert.org/vuls/id/815432
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11496
XForce ISS Database: mozilla-xmlprototypehasownproperty-dos(30093)
http://xforce.iss.net/xforce/xfdb/30093
Common Vulnerability Exposure (CVE) ID: CVE-2006-5748
https://bugzilla.mozilla.org/show_bug.cgi?id=349527
https://bugzilla.mozilla.org/show_bug.cgi?id=350238
https://bugzilla.mozilla.org/show_bug.cgi?id=351116
https://bugzilla.mozilla.org/show_bug.cgi?id=351973
https://bugzilla.mozilla.org/show_bug.cgi?id=352271
https://bugzilla.mozilla.org/show_bug.cgi?id=352606
https://bugzilla.mozilla.org/show_bug.cgi?id=353165
https://bugzilla.mozilla.org/show_bug.cgi?id=354145
https://bugzilla.mozilla.org/show_bug.cgi?id=354151
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103139-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-201335-1
CERT/CC vulnerability note: VU#390480
http://www.kb.cert.org/vuls/id/390480
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11408
http://www.vupen.com/english/advisories/2007/3821
http://secunia.com/advisories/27603
XForce ISS Database: mozilla-javascript-engine-code-execution(30096)
http://xforce.iss.net/xforce/xfdb/30096
Common Vulnerability Exposure (CVE) ID: CVE-2006-5462
http://www.mozilla.org/security/announce/2006/mfsa2006-60.html
https://bugzilla.mozilla.org/show_bug.cgi?id=356215
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102781-1
CERT/CC vulnerability note: VU#335392
http://www.kb.cert.org/vuls/id/335392
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10478
http://www.vupen.com/english/advisories/2007/0293
http://securitytracker.com/id?1017180
http://securitytracker.com/id?1017181
http://securitytracker.com/id?1017182
http://secunia.com/advisories/23883
XForce ISS Database: mozilla-nss-security-bypass(30098)
http://xforce.iss.net/xforce/xfdb/30098
Common Vulnerability Exposure (CVE) ID: CVE-2006-5463
https://bugzilla.mozilla.org/show_bug.cgi?id=355655
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103011-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200185-1
CERT/CC vulnerability note: VU#714496
http://www.kb.cert.org/vuls/id/714496
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10357
http://www.vupen.com/english/advisories/2007/2663
http://securitytracker.com/id?1017184
http://securitytracker.com/id?1017185
http://securitytracker.com/id?1017186
XForce ISS Database: mozilla-script-code-execution(30116)
http://xforce.iss.net/xforce/xfdb/30116
CopyrightCopyright (c) 2006 E-Soft Inc. http://www.securityspace.com

This is only one of 32582 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe | Whois

© 1998-2014 E-Soft Inc. All rights reserved.