English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 75096 CVE descriptions
and 39644 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.59036
Category:Mandrake Local Security Checks
Title:Mandrake Security Advisory MDKSA-2007:202 (mozilla-firefox)
Summary:Mandrake Security Advisory MDKSA-2007:202 (mozilla-firefox)
Description:
The remote host is missing an update to mozilla-firefox
announced via advisory MDKSA-2007:202.

A number of security vulnerabilities have been discovered and corrected
in the latest Mozilla Firefox program, version 2.0.0.8.

This update provides the latest Firefox to correct these issues.
As well, it provides Firefox 2.0.0.8 for older products.

Affected: 2007.1, 2008.0, Corporate 3.0, Corporate 4.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2007:202
http://www.mozilla.org/security/announce/2007/mfsa2007-29.html
http://www.mozilla.org/security/announce/2007/mfsa2007-30.html
http://www.mozilla.org/security/announce/2007/mfsa2007-31.html
http://www.mozilla.org/security/announce/2007/mfsa2007-32.html
http://www.mozilla.org/security/announce/2007/mfsa2007-33.html
http://www.mozilla.org/security/announce/2007/mfsa2007-34.html
http://www.mozilla.org/security/announce/2007/mfsa2007-35.html
http://www.mozilla.org/security/announce/2007/mfsa2007-36.html

Risk factor : Critical
Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2006-2894
Bugtraq: 20070211 Firefox focus stealing vulnerability (possibly other browsers) (Google Search)
http://archives.neohapsis.com/archives/bugtraq/2007-02/0166.html
Bugtraq: 20070212 Re: [Full-disclosure] Firefox focus stealing vulnerability (possibly other browsers) (Google Search)
http://archives.neohapsis.com/archives/bugtraq/2007-02/0187.html
Bugtraq: 20071029 FLEA-2007-0062-1 firefox (Google Search)
http://www.securityfocus.com/archive/1/archive/1/482925/100/0/threaded
Bugtraq: 20071026 rPSA-2007-0225-1 firefox (Google Search)
http://www.securityfocus.com/archive/1/archive/1/482876/100/200/threaded
Bugtraq: 20071029 rPSA-2007-0225-2 firefox thunderbird (Google Search)
http://www.securityfocus.com/archive/1/archive/1/482932/100/200/threaded
http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/046610.html
http://lists.virus.org/full-disclosure-0702/msg00225.html
http://lcamtuf.coredump.cx/focusbug/
http://www.gnucitizen.org/blog/browser-focus-rip
http://www.thanhngan.org/fflinuxversion.html
https://bugzilla.mozilla.org/show_bug.cgi?id=290478
https://bugzilla.mozilla.org/show_bug.cgi?id=56236
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00355.html
HPdes Security Advisory: HPSBUX02153
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742
HPdes Security Advisory: SSRT061181
http://www.mandriva.com/security/advisories?name=MDKSA-2006:143
http://www.mandriva.com/security/advisories?name=MDKSA-2006:145
http://www.mandriva.com/en/security/advisories?name=MDKSA-2007:202
http://sunsolve.sun.com/search/document.do?assetkey=1-66-201516-1
SuSE Security Announcement: SUSE-SA:2007:057 (Google Search)
http://www.novell.com/linux/security/advisories/2007_57_mozilla.html
http://www.ubuntulinux.org/support/documentation/usn/usn-535-1
http://www.ubuntu.com/usn/usn-536-1
BugTraq ID: 18308
http://www.securityfocus.com/bid/18308
http://www.vupen.com/english/advisories/2006/2160
http://www.vupen.com/english/advisories/2006/2162
http://www.vupen.com/english/advisories/2006/2163
http://www.vupen.com/english/advisories/2006/2164
http://www.vupen.com/english/advisories/2007/3544
http://www.vupen.com/english/advisories/2008/0083
http://securitytracker.com/id?1018837
http://secunia.com/advisories/20442
http://secunia.com/advisories/20467
http://secunia.com/advisories/20470
http://secunia.com/advisories/20472
http://secunia.com/advisories/21532
http://secunia.com/advisories/27335
http://secunia.com/advisories/27383
http://secunia.com/advisories/27403
http://secunia.com/advisories/27387
http://secunia.com/advisories/27298
http://secunia.com/advisories/27414
http://securityreason.com/securityalert/1059
Common Vulnerability Exposure (CVE) ID: CVE-2007-1095
Bugtraq: 20070223 Firefox: onUnload tailgating (MSIE7 entrapment bug variant) (Google Search)
http://www.securityfocus.com/archive/1/archive/1/461007/100/0/threaded
Bugtraq: 20070223 MSIE7 browser entrapment vulnerability (probably Firefox, too) (Google Search)
http://www.securityfocus.com/archive/1/archive/1/461023/100/0/threaded
http://lists.grok.org.uk/pipermail/full-disclosure/2007-February/052630.html
http://lcamtuf.coredump.cx/ietrap/ff/
https://bugzilla.mozilla.org/show_bug.cgi?id=371360
Debian Security Information: DSA-1396 (Google Search)
http://www.debian.org/security/2007/dsa-1396
Debian Security Information: DSA-1401 (Google Search)
http://www.debian.org/security/2007/dsa-1401
Debian Security Information: DSA-1392 (Google Search)
http://www.debian.org/security/2007/dsa-1392
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00285.html
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00498.html
http://www.gentoo.org/security/en/glsa/glsa-200711-14.xml
http://www.redhat.com/support/errata/RHSA-2007-0979.html
http://www.redhat.com/support/errata/RHSA-2007-0980.html
http://www.redhat.com/support/errata/RHSA-2007-0981.html
BugTraq ID: 22688
http://www.securityfocus.com/bid/22688
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11665
http://www.vupen.com/english/advisories/2007/3587
http://osvdb.org/33809
http://secunia.com/advisories/27276
http://secunia.com/advisories/27325
http://secunia.com/advisories/27327
http://secunia.com/advisories/27356
http://secunia.com/advisories/27425
http://secunia.com/advisories/27480
http://secunia.com/advisories/27311
http://secunia.com/advisories/27315
http://secunia.com/advisories/27336
http://secunia.com/advisories/27665
http://secunia.com/advisories/27680
http://secunia.com/advisories/27360
http://secunia.com/advisories/28398
http://securityreason.com/securityalert/2310
XForce ISS Database: ie-mozilla-onunload-dos(32647)
http://xforce.iss.net/xforce/xfdb/32647
XForce ISS Database: ie-mozilla-onunload-url-spoofing(32649)
http://xforce.iss.net/xforce/xfdb/32649
Common Vulnerability Exposure (CVE) ID: CVE-2007-2292
Bugtraq: 20070425 IE 7 and Firefox Browsers Digest Authentication Request Splitting (Google Search)
http://www.securityfocus.com/archive/1/archive/1/466906/100/0/threaded
http://www.wisec.it/vulns.php?id=11
https://bugzilla.mozilla.org/show_bug.cgi?id=378787
BugTraq ID: 23668
http://www.securityfocus.com/bid/23668
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10195
http://www.securitytracker.com/id?1017968
http://securityreason.com/securityalert/2654
XForce ISS Database: firefox-lf-response-splitting(33981)
http://xforce.iss.net/xforce/xfdb/33981
Common Vulnerability Exposure (CVE) ID: CVE-2007-3511
http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0646.html
http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0658.html
http://yathong.googlepages.com/FirefoxFocusBug.html
http://sla.ckers.org/forum/read.php?3,13142
BugTraq ID: 24725
http://www.securityfocus.com/bid/24725
http://osvdb.org/37994
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9763
http://secunia.com/advisories/25904
XForce ISS Database: firefox-focus-security-bypass(35299)
http://xforce.iss.net/xforce/xfdb/35299
Common Vulnerability Exposure (CVE) ID: CVE-2007-4841
http://xs-sniper.com/blog/2007/09/01/firefox-file-handling-woes/
HPdes Security Advisory: HPSBUX02156
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00774579
HPdes Security Advisory: SSRT061236
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.471007
BugTraq ID: 25543
http://www.securityfocus.com/bid/25543
http://www.vupen.com/english/advisories/2008/0082
http://secunia.com/advisories/28363
http://secunia.com/advisories/27744
Common Vulnerability Exposure (CVE) ID: CVE-2007-5334
https://bugzilla.mozilla.org/show_bug.cgi?id=391043
CERT/CC vulnerability note: VU#349217
http://www.kb.cert.org/vuls/id/349217
BugTraq ID: 26132
http://www.securityfocus.com/bid/26132
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11482
XForce ISS Database: mozilla-xul-page-spoofing(37286)
http://xforce.iss.net/xforce/xfdb/37286
Common Vulnerability Exposure (CVE) ID: CVE-2007-5337
https://bugzilla.mozilla.org/show_bug.cgi?id=381146
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11443
XForce ISS Database: mozilla-sftp-file-access(37287)
http://xforce.iss.net/xforce/xfdb/37287
Common Vulnerability Exposure (CVE) ID: CVE-2007-5338
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10965
http://securitytracker.com/id?1018836
XForce ISS Database: mozilla-xpcnativewrapper-code-execution(37288)
http://xforce.iss.net/xforce/xfdb/37288
Common Vulnerability Exposure (CVE) ID: CVE-2007-5339
https://bugzilla.mozilla.org/buglist.cgi?bug_id=309322,330563,341858,344064,348126,354645,361745,362901,378670,378682,379799,382376,384105,386382,386914,387033,387460,387844,391974,392285,393770,394014,394418
Debian Security Information: DSA-1391 (Google Search)
http://www.debian.org/security/2007/dsa-1391
http://security.gentoo.org/glsa/glsa-200711-24.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2007:047
http://www.mandriva.com/security/advisories?name=MDVSA-2008:047
http://sunsolve.sun.com/search/document.do?assetkey=1-26-231441-1
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1018977.1-1
SuSE Security Announcement: SUSE-SR:2008:002 (Google Search)
http://www.novell.com/linux/security/advisories/suse_security_summary_report.html
CERT/CC vulnerability note: VU#559977
http://www.kb.cert.org/vuls/id/559977
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10459
http://www.vupen.com/english/advisories/2007/3545
http://www.vupen.com/english/advisories/2007/4272
http://www.vupen.com/english/advisories/2008/0643
http://securitytracker.com/id?1018834
http://securitytracker.com/id?1018835
http://secunia.com/advisories/27313
http://secunia.com/advisories/27326
http://secunia.com/advisories/27704
http://secunia.com/advisories/28179
http://secunia.com/advisories/28636
XForce ISS Database: mozilla-multiple-browser-code-execution(37281)
http://xforce.iss.net/xforce/xfdb/37281
Common Vulnerability Exposure (CVE) ID: CVE-2007-5340
https://bugzilla.mozilla.org/buglist.cgi?bug_id=372309,387955,390078,393537
CERT/CC vulnerability note: VU#755513
http://www.kb.cert.org/vuls/id/755513
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9622
XForce ISS Database: mozilla-multiple-java-code-execution(37282)
http://xforce.iss.net/xforce/xfdb/37282
CopyrightCopyright (c) 2007 E-Soft Inc. http://www.securityspace.com

This is only one of 39644 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe | Whois

© 1998-2014 E-Soft Inc. All rights reserved.