English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.59750
Category:Fedora Local Security Checks
Title:Fedora Core 7 FEDORA-2007-1138 (epiphany)
Summary:NOSUMMARY
Description:Description:

The remote host is missing an update to epiphany
announced via advisory FEDORA-2007-1138.

epiphany is a simple GNOME web browser based on the Mozilla rendering
engine.

Update Information:

Updated firefox packages that fix several security bugs are now available for Fedora Core 7.

Users of epiphany are advised to upgrade to these erratum packages, which contain an update to epiphany built against the updated Firefox packages.

ChangeLog:

* Wed Jul 18 2007 Kai Engert - 2.18.3-2
- Rebuild against newer gecko
* Mon Jul 2 2007 Matthias Clasen 2.18.3-1
- Update to 2.18.3
* Tue May 29 2007 Matthias Clasen 2.18.2-1
- Update to 2.18.2
* Thu May 24 2007 Christopher Aillon 2.18.1-3
- Rebuild against newer gecko
References:

[ 1 ] Bug #248518
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=248518
[ 2 ] CVE-2007-3734
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3734
[ 3 ] CVE-2007-3735
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3735
[ 4 ] CVE-2007-3736
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3736
[ 5 ] CVE-2007-3089
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3089
[ 6 ] CVE-2007-3737
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3737
[ 7 ] CVE-2007-3656
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3656
[ 8 ] CVE-2007-3738
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3738
Updated packages:

109dd331a224e7f37f4a7919a94050b4e7e580a4 epiphany-debuginfo-2.18.3-2.fc7.ppc64.rpm
2c07369f94afbb11f209e928cc1fc901847c2b2a epiphany-2.18.3-2.fc7.ppc64.rpm
373ad8cd6fc6d545b02156a60fd12d3a85c21911 epiphany-devel-2.18.3-2.fc7.ppc64.rpm
d0a03887ed20f2de18b5e60d4925b1ecf2235e11 epiphany-devel-2.18.3-2.fc7.i386.rpm
ad49ec3f5523ae9effee4725da3cdbb8f2923116 epiphany-debuginfo-2.18.3-2.fc7.i386.rpm
69d4339c98ff4784229a9ed0b4621b89ab437ebb epiphany-2.18.3-2.fc7.i386.rpm
4973bfd06389f8f20b214560098487de8b42665f epiphany-2.18.3-2.fc7.x86_64.rpm
ee2a38b1164bb2e64222cdaa04aa9d3f48337914 epiphany-devel-2.18.3-2.fc7.x86_64.rpm
dba8dc14abfd5c6208bb55ad277110fe8fb1e72b epiphany-debuginfo-2.18.3-2.fc7.x86_64.rpm
c81325fb98d1cdb1a8ce73f0d5b178fcab70dc28 epiphany-2.18.3-2.fc7.ppc.rpm
debf96a83433b6c1c678670c3ef402615d1d12b0 epiphany-debuginfo-2.18.3-2.fc7.ppc.rpm
a65002b5f5bfd85d1069638afd4b9e6d839fdaec epiphany-devel-2.18.3-2.fc7.ppc.rpm
817c64d671361e37154839dae4a4e69f61b66217 epiphany-2.18.3-2.fc7.src.rpm

This update can be installed with the 'yum' update program. Use 'yum update
package-name' at the command line. For more information, refer to 'Managing
Software with yum,' available at http://docs.fedoraproject.org/yum/.

Solution: Apply the appropriate updates.

http://www.securityspace.com/smysecure/catid.html?in=FEDORA-2007-1138

Risk factor : Critical

CVSS Score:
9.3

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2007-3734
1018408
http://www.securitytracker.com/id?1018408
103177
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103177-1
20070701-01-P
ftp://patches.sgi.com/support/free/security/advisories/20070701-01-P.asc
20070720 rPSA-2007-0148-1 firefox thunderbird
http://www.securityfocus.com/archive/1/474226/100/0/threaded
20070724 FLEA-2007-0033-1: firefox thunderbird
http://www.securityfocus.com/archive/1/474542/100/0/threaded
201516
http://sunsolve.sun.com/search/document.do?assetkey=1-66-201516-1
24946
http://www.securityfocus.com/bid/24946
25589
http://secunia.com/advisories/25589
26072
http://secunia.com/advisories/26072
26095
http://secunia.com/advisories/26095
26096
http://secunia.com/advisories/26096
26103
http://secunia.com/advisories/26103
26106
http://secunia.com/advisories/26106
26107
http://secunia.com/advisories/26107
26149
http://secunia.com/advisories/26149
26151
http://secunia.com/advisories/26151
26159
http://secunia.com/advisories/26159
26176
http://secunia.com/advisories/26176
26179
http://secunia.com/advisories/26179
26204
http://secunia.com/advisories/26204
26205
http://secunia.com/advisories/26205
26211
http://secunia.com/advisories/26211
26216
http://secunia.com/advisories/26216
26258
http://secunia.com/advisories/26258
26271
http://secunia.com/advisories/26271
26460
http://secunia.com/advisories/26460
26572
http://secunia.com/advisories/26572
27326
http://secunia.com/advisories/27326
28135
http://secunia.com/advisories/28135
28363
http://secunia.com/advisories/28363
ADV-2007-2564
http://www.vupen.com/english/advisories/2007/2564
ADV-2007-2565
http://www.vupen.com/english/advisories/2007/2565
ADV-2007-4256
http://www.vupen.com/english/advisories/2007/4256
ADV-2008-0082
http://www.vupen.com/english/advisories/2008/0082
DSA-1337
http://www.debian.org/security/2007/dsa-1337
DSA-1338
http://www.debian.org/security/2007/dsa-1338
DSA-1339
http://www.debian.org/security/2007/dsa-1339
DSA-1391
http://www.debian.org/security/2007/dsa-1391
GLSA-200708-09
http://www.gentoo.org/security/en/glsa/glsa-200708-09.xml
HPSBUX02153
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742
HPSBUX02156
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00774579
MDKSA-2007:152
http://www.mandriva.com/security/advisories?name=MDKSA-2007:152
MDVSA-2007:047
http://www.mandriva.com/security/advisories?name=MDVSA-2007:047
MDVSA-2008:047
http://www.mandriva.com/security/advisories?name=MDVSA-2008:047
RHSA-2007:0722
http://www.redhat.com/support/errata/RHSA-2007-0722.html
RHSA-2007:0723
http://www.redhat.com/support/errata/RHSA-2007-0723.html
RHSA-2007:0724
http://www.redhat.com/support/errata/RHSA-2007-0724.html
SSRT061181
SSRT061236
SUSE-SA:2007:049
http://www.novell.com/linux/security/advisories/2007_49_mozilla.html
USN-490-1
http://www.ubuntu.com/usn/usn-490-1
USN-503-1
http://www.ubuntu.com/usn/usn-503-1
ftp://ftp.slackware.com/pub/slackware/slackware-12.0/ChangeLog.txt
http://support.novell.com/techcenter/psdb/07d098f99c9fe6956523beae37f32fda.html
http://www.mozilla.org/security/announce/2007/mfsa2007-18.html
mozilla-browser-engine-code-execution(35458)
https://exchange.xforce.ibmcloud.com/vulnerabilities/35458
oval:org.mitre.oval:def:10108
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10108
Common Vulnerability Exposure (CVE) ID: CVE-2007-3735
mozilla-javascript-eng-code-execution(35459)
https://exchange.xforce.ibmcloud.com/vulnerabilities/35459
oval:org.mitre.oval:def:11066
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11066
Common Vulnerability Exposure (CVE) ID: CVE-2007-3736
1018410
http://www.securitytracker.com/id?1018410
http://www.mozilla.org/security/announce/2007/mfsa2007-19.html
mozilla-addeventlistener-settimeout-xss(35462)
https://exchange.xforce.ibmcloud.com/vulnerabilities/35462
oval:org.mitre.oval:def:11749
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11749
Common Vulnerability Exposure (CVE) ID: CVE-2007-3089
BugTraq ID: 24286
http://www.securityfocus.com/bid/24286
Bugtraq: 20070604 Assorted browser vulnerabilities (Google Search)
http://www.securityfocus.com/archive/1/470446/100/0/threaded
Bugtraq: 20070720 rPSA-2007-0148-1 firefox thunderbird (Google Search)
Bugtraq: 20070724 FLEA-2007-0033-1: firefox thunderbird (Google Search)
Cert/CC Advisory: TA07-199A
http://www.us-cert.gov/cas/techalerts/TA07-199A.html
CERT/CC vulnerability note: VU#143297
http://www.kb.cert.org/vuls/id/143297
Debian Security Information: DSA-1337 (Google Search)
Debian Security Information: DSA-1338 (Google Search)
Debian Security Information: DSA-1339 (Google Search)
http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0026.html
HPdes Security Advisory: HPSBUX02153
HPdes Security Advisory: SSRT061181
http://lcamtuf.coredump.cx/ifsnatch/
https://bugzilla.mozilla.org/show_bug.cgi?id=381300
https://bugzilla.mozilla.org/show_bug.cgi?id=382686
http://osvdb.org/38024
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11122
http://www.securitytracker.com/id?1018412
SGI Security Advisory: 20070701-01-P
http://securityreason.com/securityalert/2781
SuSE Security Announcement: SUSE-SA:2007:049 (Google Search)
XForce ISS Database: firefox-iframe-security-bypass(34701)
https://exchange.xforce.ibmcloud.com/vulnerabilities/34701
Common Vulnerability Exposure (CVE) ID: CVE-2007-3737
1018409
http://www.securitytracker.com/id?1018409
firefox-eventhandler-code-execution(35461)
https://exchange.xforce.ibmcloud.com/vulnerabilities/35461
http://www.mozilla.org/security/announce/2007/mfsa2007-21.html
oval:org.mitre.oval:def:10009
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10009
Common Vulnerability Exposure (CVE) ID: CVE-2007-3656
BugTraq ID: 24831
http://www.securityfocus.com/bid/24831
Bugtraq: 20070709 Firefox wyciwyg:// cache zone bypass (Google Search)
http://www.securityfocus.com/archive/1/473191/100/0/threaded
http://lcamtuf.coredump.cx/ffcache/
http://osvdb.org/38028
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9105
http://www.securitytracker.com/id?1018411
http://secunia.com/advisories/25990
http://securityreason.com/securityalert/2872
XForce ISS Database: mozilla-wyciwyg-security-bypass(35298)
https://exchange.xforce.ibmcloud.com/vulnerabilities/35298
Common Vulnerability Exposure (CVE) ID: CVE-2007-3738
1018414
http://www.securitytracker.com/id?1018414
SUSE-SA:2007:057
http://www.novell.com/linux/security/advisories/2007_57_mozilla.html
firefox-xpcnativewrapper-code-execution(35460)
https://exchange.xforce.ibmcloud.com/vulnerabilities/35460
http://www.mozilla.org/security/announce/2007/mfsa2007-25.html
oval:org.mitre.oval:def:9875
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9875
CopyrightCopyright (c) 2007 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.