English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.59036
Category:Mandrake Local Security Checks
Title:Mandrake Security Advisory MDKSA-2007:202 (mozilla-firefox)
Summary:NOSUMMARY
Description:Description:

The remote host is missing an update to mozilla-firefox
announced via advisory MDKSA-2007:202.

A number of security vulnerabilities have been discovered and corrected
in the latest Mozilla Firefox program, version 2.0.0.8.

This update provides the latest Firefox to correct these issues.
As well, it provides Firefox 2.0.0.8 for older products.

Affected: 2007.1, 2008.0, Corporate 3.0, Corporate 4.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2007:202
http://www.mozilla.org/security/announce/2007/mfsa2007-29.html
http://www.mozilla.org/security/announce/2007/mfsa2007-30.html
http://www.mozilla.org/security/announce/2007/mfsa2007-31.html
http://www.mozilla.org/security/announce/2007/mfsa2007-32.html
http://www.mozilla.org/security/announce/2007/mfsa2007-33.html
http://www.mozilla.org/security/announce/2007/mfsa2007-34.html
http://www.mozilla.org/security/announce/2007/mfsa2007-35.html
http://www.mozilla.org/security/announce/2007/mfsa2007-36.html

Risk factor : Critical

CVSS Score:
9.3

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2006-2894
BugTraq ID: 18308
http://www.securityfocus.com/bid/18308
Bugtraq: 20070211 Firefox focus stealing vulnerability (possibly other browsers) (Google Search)
http://archives.neohapsis.com/archives/bugtraq/2007-02/0166.html
Bugtraq: 20070212 Re: [Full-disclosure] Firefox focus stealing vulnerability (possibly other browsers) (Google Search)
http://archives.neohapsis.com/archives/bugtraq/2007-02/0187.html
Bugtraq: 20071026 rPSA-2007-0225-1 firefox (Google Search)
http://www.securityfocus.com/archive/1/482876/100/200/threaded
Bugtraq: 20071029 FLEA-2007-0062-1 firefox (Google Search)
http://www.securityfocus.com/archive/1/482925/100/0/threaded
Bugtraq: 20071029 rPSA-2007-0225-2 firefox thunderbird (Google Search)
http://www.securityfocus.com/archive/1/482932/100/200/threaded
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00355.html
http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/046610.html
http://lists.virus.org/full-disclosure-0702/msg00225.html
HPdes Security Advisory: HPSBUX02153
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742
HPdes Security Advisory: SSRT061181
http://www.mandriva.com/security/advisories?name=MDKSA-2006:143
http://www.mandriva.com/security/advisories?name=MDKSA-2006:145
http://www.mandriva.com/en/security/advisories?name=MDKSA-2007:202
http://lcamtuf.coredump.cx/focusbug/
http://www.gnucitizen.org/blog/browser-focus-rip
http://www.thanhngan.org/fflinuxversion.html
https://bugzilla.mozilla.org/show_bug.cgi?id=290478
https://bugzilla.mozilla.org/show_bug.cgi?id=56236
http://securitytracker.com/id?1018837
http://secunia.com/advisories/20442
http://secunia.com/advisories/20467
http://secunia.com/advisories/20470
http://secunia.com/advisories/20472
http://secunia.com/advisories/21532
http://secunia.com/advisories/27298
http://secunia.com/advisories/27335
http://secunia.com/advisories/27383
http://secunia.com/advisories/27387
http://secunia.com/advisories/27403
http://secunia.com/advisories/27414
http://securityreason.com/securityalert/1059
http://sunsolve.sun.com/search/document.do?assetkey=1-66-201516-1
SuSE Security Announcement: SUSE-SA:2007:057 (Google Search)
http://www.novell.com/linux/security/advisories/2007_57_mozilla.html
https://usn.ubuntu.com/535-1/
http://www.ubuntu.com/usn/usn-536-1
http://www.vupen.com/english/advisories/2006/2160
http://www.vupen.com/english/advisories/2006/2162
http://www.vupen.com/english/advisories/2006/2163
http://www.vupen.com/english/advisories/2006/2164
http://www.vupen.com/english/advisories/2007/3544
http://www.vupen.com/english/advisories/2008/0083
Common Vulnerability Exposure (CVE) ID: CVE-2007-1095
BugTraq ID: 22688
http://www.securityfocus.com/bid/22688
Bugtraq: 20070223 Firefox: onUnload tailgating (MSIE7 entrapment bug variant) (Google Search)
http://www.securityfocus.com/archive/1/461007/100/0/threaded
Bugtraq: 20070223 MSIE7 browser entrapment vulnerability (probably Firefox, too) (Google Search)
http://www.securityfocus.com/archive/1/461023/100/0/threaded
Debian Security Information: DSA-1392 (Google Search)
http://www.debian.org/security/2007/dsa-1392
Debian Security Information: DSA-1396 (Google Search)
http://www.debian.org/security/2007/dsa-1396
Debian Security Information: DSA-1401 (Google Search)
http://www.debian.org/security/2007/dsa-1401
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00285.html
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00498.html
http://lists.grok.org.uk/pipermail/full-disclosure/2007-February/052630.html
http://www.gentoo.org/security/en/glsa/glsa-200711-14.xml
http://lcamtuf.coredump.cx/ietrap/ff/
https://bugzilla.mozilla.org/show_bug.cgi?id=371360
http://osvdb.org/33809
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11665
http://www.redhat.com/support/errata/RHSA-2007-0979.html
http://www.redhat.com/support/errata/RHSA-2007-0980.html
http://www.redhat.com/support/errata/RHSA-2007-0981.html
http://secunia.com/advisories/27276
http://secunia.com/advisories/27311
http://secunia.com/advisories/27315
http://secunia.com/advisories/27325
http://secunia.com/advisories/27327
http://secunia.com/advisories/27336
http://secunia.com/advisories/27356
http://secunia.com/advisories/27360
http://secunia.com/advisories/27425
http://secunia.com/advisories/27480
http://secunia.com/advisories/27665
http://secunia.com/advisories/27680
http://secunia.com/advisories/28398
http://securityreason.com/securityalert/2310
http://www.vupen.com/english/advisories/2007/3587
XForce ISS Database: ie-mozilla-onunload-dos(32647)
https://exchange.xforce.ibmcloud.com/vulnerabilities/32647
XForce ISS Database: ie-mozilla-onunload-url-spoofing(32649)
https://exchange.xforce.ibmcloud.com/vulnerabilities/32649
Common Vulnerability Exposure (CVE) ID: CVE-2007-2292
BugTraq ID: 23668
http://www.securityfocus.com/bid/23668
Bugtraq: 20070425 IE 7 and Firefox Browsers Digest Authentication Request Splitting (Google Search)
http://www.securityfocus.com/archive/1/466906/100/0/threaded
http://www.wisec.it/vulns.php?id=11
https://bugzilla.mozilla.org/show_bug.cgi?id=378787
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10195
http://www.securitytracker.com/id?1017968
http://securityreason.com/securityalert/2654
XForce ISS Database: firefox-lf-response-splitting(33981)
https://exchange.xforce.ibmcloud.com/vulnerabilities/33981
Common Vulnerability Exposure (CVE) ID: CVE-2007-3511
BugTraq ID: 24725
http://www.securityfocus.com/bid/24725
http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0646.html
http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0658.html
http://sla.ckers.org/forum/read.php?3,13142
http://yathong.googlepages.com/FirefoxFocusBug.html
http://osvdb.org/37994
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9763
http://secunia.com/advisories/25904
XForce ISS Database: firefox-focus-security-bypass(35299)
https://exchange.xforce.ibmcloud.com/vulnerabilities/35299
Common Vulnerability Exposure (CVE) ID: CVE-2007-4841
BugTraq ID: 25543
http://www.securityfocus.com/bid/25543
HPdes Security Advisory: HPSBUX02156
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00774579
HPdes Security Advisory: SSRT061236
http://xs-sniper.com/blog/2007/09/01/firefox-file-handling-woes/
http://secunia.com/advisories/27744
http://secunia.com/advisories/28363
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.471007
http://www.vupen.com/english/advisories/2008/0082
Common Vulnerability Exposure (CVE) ID: CVE-2007-5334
1018837
20071026 rPSA-2007-0225-1 firefox
20071029 FLEA-2007-0062-1 firefox
20071029 rPSA-2007-0225-2 firefox thunderbird
201516
26132
http://www.securityfocus.com/bid/26132
27276
27298
27311
27315
27325
27327
27335
27336
27356
27360
27383
27387
27403
27414
27425
27480
27665
27680
28398
ADV-2007-3544
ADV-2007-3587
ADV-2008-0083
DSA-1392
DSA-1396
DSA-1401
FEDORA-2007-2601
FEDORA-2007-2664
FEDORA-2007-3431
GLSA-200711-14
HPSBUX02153
MDKSA-2007:202
RHSA-2007:0979
RHSA-2007:0980
RHSA-2007:0981
SSRT061181
SUSE-SA:2007:057
USN-535-1
USN-536-1
VU#349217
http://www.kb.cert.org/vuls/id/349217
http://support.novell.com/techcenter/psdb/60eb95b75c76f9fbfcc9a89f99cd8f79.html
http://www.mozilla.org/security/announce/2007/mfsa2007-33.html
https://bugzilla.mozilla.org/show_bug.cgi?id=391043
https://issues.rpath.com/browse/RPL-1858
mozilla-xul-page-spoofing(37286)
https://exchange.xforce.ibmcloud.com/vulnerabilities/37286
oval:org.mitre.oval:def:11482
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11482
Common Vulnerability Exposure (CVE) ID: CVE-2007-5337
http://www.mozilla.org/security/announce/2007/mfsa2007-34.html
https://bugzilla.mozilla.org/show_bug.cgi?id=381146
mozilla-sftp-file-access(37287)
https://exchange.xforce.ibmcloud.com/vulnerabilities/37287
oval:org.mitre.oval:def:11443
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11443
Common Vulnerability Exposure (CVE) ID: CVE-2007-5338
1018836
http://securitytracker.com/id?1018836
http://www.mozilla.org/security/announce/2007/mfsa2007-35.html
mozilla-xpcnativewrapper-code-execution(37288)
https://exchange.xforce.ibmcloud.com/vulnerabilities/37288
oval:org.mitre.oval:def:10965
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10965
Common Vulnerability Exposure (CVE) ID: CVE-2007-5339
1018834
http://securitytracker.com/id?1018834
1018835
http://securitytracker.com/id?1018835
1018977
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1018977.1-1
231441
http://sunsolve.sun.com/search/document.do?assetkey=1-26-231441-1
27313
http://secunia.com/advisories/27313
27326
http://secunia.com/advisories/27326
27704
http://secunia.com/advisories/27704
27744
28179
http://secunia.com/advisories/28179
28363
28636
http://secunia.com/advisories/28636
ADV-2007-3545
http://www.vupen.com/english/advisories/2007/3545
ADV-2007-4272
http://www.vupen.com/english/advisories/2007/4272
ADV-2008-0082
ADV-2008-0643
http://www.vupen.com/english/advisories/2008/0643
DSA-1391
http://www.debian.org/security/2007/dsa-1391
GLSA-200711-24
http://security.gentoo.org/glsa/glsa-200711-24.xml
HPSBUX02156
MDVSA-2007:047
http://www.mandriva.com/security/advisories?name=MDVSA-2007:047
MDVSA-2008:047
http://www.mandriva.com/security/advisories?name=MDVSA-2008:047
SSA:2007-324-01
SSRT061236
SUSE-SR:2008:002
http://www.novell.com/linux/security/advisories/suse_security_summary_report.html
VU#559977
http://www.kb.cert.org/vuls/id/559977
http://bugs.gentoo.org/show_bug.cgi?id=196481
http://www.mozilla.org/security/announce/2007/mfsa2007-29.html
https://bugzilla.mozilla.org/buglist.cgi?bug_id=309322%2C330563%2C341858%2C344064%2C348126%2C354645%2C361745%2C362901%2C378670%2C378682%2C379799%2C382376%2C384105%2C386382%2C386914%2C387033%2C387460%2C387844%2C391974%2C392285%2C393770%2C394014%2C394418
https://issues.rpath.com/browse/RPL-1884
mozilla-multiple-browser-code-execution(37281)
https://exchange.xforce.ibmcloud.com/vulnerabilities/37281
oval:org.mitre.oval:def:10459
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10459
Common Vulnerability Exposure (CVE) ID: CVE-2007-5340
VU#755513
http://www.kb.cert.org/vuls/id/755513
https://bugzilla.mozilla.org/buglist.cgi?bug_id=372309%2C387955%2C390078%2C393537
mozilla-multiple-java-code-execution(37282)
https://exchange.xforce.ibmcloud.com/vulnerabilities/37282
oval:org.mitre.oval:def:9622
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9622
CopyrightCopyright (c) 2007 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.