Test ID:	1.3.6.1.4.1.25623.1.0.59752
Category:	Fedora Local Security Checks
Title:	Fedora Core 7 FEDORA-2007-1143 (devhelp)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to devhelp announced via advisory FEDORA-2007-1143. An API document browser for GNOME 2. Update Information: Updated firefox packages that fix several security bugs are now available for Fedora Core 7. Users of devhelp are advised to upgrade to these erratum packages, which contain an update to devhelp built against the updated Firefox packages. ChangeLog: * Wed Jul 18 2007 Kai Engert - 0.13-9 - Rebuild against newer gecko * Fri May 25 2007 Christopher Aillon - 0.13-8 - Rebuild against newer gecko * Mon Apr 23 2007 Matthew Barnes - 0.13-7.fc7 - Add patch for RH bug #230837 (initialize GThread). * Sat Apr 21 2007 Matthias Clasen - 0.13-6 - Don't install INSTALL References: [ 1 ] Bug #248518 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=248518 [ 2 ] CVE-2007-3734 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3734 [ 3 ] CVE-2007-3735 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3735 [ 4 ] CVE-2007-3736 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3736 [ 5 ] CVE-2007-3089 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3089 [ 6 ] CVE-2007-3737 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3737 [ 7 ] CVE-2007-3656 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3656 [ 8 ] CVE-2007-3738 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3738 Updated packages: 5c90bfb01d8e60b69b1d6e74b06a2a9d7efcc27c devhelp-0.13-9.fc7.ppc64.rpm 44f042224af1501d7448a6018c4a7825280da6e4 devhelp-debuginfo-0.13-9.fc7.ppc64.rpm 29ac42827a0920997a73b8077ae22e6654ffb899 devhelp-devel-0.13-9.fc7.ppc64.rpm 6b8eabc0c996cc89be3955b3e9af5ea5300f5db1 devhelp-0.13-9.fc7.i386.rpm b4ed597d322cb64b15256fca3a7433790ea9730f devhelp-debuginfo-0.13-9.fc7.i386.rpm 0292f769ac3459b66ccfa098f14fd5c1cf56dd09 devhelp-devel-0.13-9.fc7.i386.rpm d8272e6473e84396aa5ad427b95a724d855ca11f devhelp-debuginfo-0.13-9.fc7.x86_64.rpm 1d3b350571be45d513e35ae95ee9902ca543db90 devhelp-devel-0.13-9.fc7.x86_64.rpm 1b2d4c4a4f9ed220b35f05f88aa75663be7e6062 devhelp-0.13-9.fc7.x86_64.rpm 79f4ff23ce4319f0c44fcdde88e34de616ffa5cb devhelp-0.13-9.fc7.ppc.rpm 836ef5fe7750396e8dd3045426285c6c394f369b devhelp-devel-0.13-9.fc7.ppc.rpm 84730f97688c63358e50bff42645a77d2622d54a devhelp-debuginfo-0.13-9.fc7.ppc.rpm 16ad3dc4148f71daccd19e141aed38e057cd1f87 devhelp-0.13-9.fc7.src.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://docs.fedoraproject.org/yum/. Solution: Apply the appropriate updates. http://www.securityspace.com/smysecure/catid.html?in=FEDORA-2007-1143 Risk factor : Critical CVSS Score: 9.3
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2007-3734 1018408 http://www.securitytracker.com/id?1018408 103177 http://sunsolve.sun.com/search/document.do?assetkey=1-26-103177-1 20070701-01-P ftp://patches.sgi.com/support/free/security/advisories/20070701-01-P.asc 20070720 rPSA-2007-0148-1 firefox thunderbird http://www.securityfocus.com/archive/1/474226/100/0/threaded 20070724 FLEA-2007-0033-1: firefox thunderbird http://www.securityfocus.com/archive/1/474542/100/0/threaded 201516 http://sunsolve.sun.com/search/document.do?assetkey=1-66-201516-1 24946 http://www.securityfocus.com/bid/24946 25589 http://secunia.com/advisories/25589 26072 http://secunia.com/advisories/26072 26095 http://secunia.com/advisories/26095 26096 http://secunia.com/advisories/26096 26103 http://secunia.com/advisories/26103 26106 http://secunia.com/advisories/26106 26107 http://secunia.com/advisories/26107 26149 http://secunia.com/advisories/26149 26151 http://secunia.com/advisories/26151 26159 http://secunia.com/advisories/26159 26176 http://secunia.com/advisories/26176 26179 http://secunia.com/advisories/26179 26204 http://secunia.com/advisories/26204 26205 http://secunia.com/advisories/26205 26211 http://secunia.com/advisories/26211 26216 http://secunia.com/advisories/26216 26258 http://secunia.com/advisories/26258 26271 http://secunia.com/advisories/26271 26460 http://secunia.com/advisories/26460 26572 http://secunia.com/advisories/26572 27326 http://secunia.com/advisories/27326 28135 http://secunia.com/advisories/28135 28363 http://secunia.com/advisories/28363 ADV-2007-2564 http://www.vupen.com/english/advisories/2007/2564 ADV-2007-2565 http://www.vupen.com/english/advisories/2007/2565 ADV-2007-4256 http://www.vupen.com/english/advisories/2007/4256 ADV-2008-0082 http://www.vupen.com/english/advisories/2008/0082 DSA-1337 http://www.debian.org/security/2007/dsa-1337 DSA-1338 http://www.debian.org/security/2007/dsa-1338 DSA-1339 http://www.debian.org/security/2007/dsa-1339 DSA-1391 http://www.debian.org/security/2007/dsa-1391 GLSA-200708-09 http://www.gentoo.org/security/en/glsa/glsa-200708-09.xml HPSBUX02153 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742 HPSBUX02156 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00774579 MDKSA-2007:152 http://www.mandriva.com/security/advisories?name=MDKSA-2007:152 MDVSA-2007:047 http://www.mandriva.com/security/advisories?name=MDVSA-2007:047 MDVSA-2008:047 http://www.mandriva.com/security/advisories?name=MDVSA-2008:047 RHSA-2007:0722 http://www.redhat.com/support/errata/RHSA-2007-0722.html RHSA-2007:0723 http://www.redhat.com/support/errata/RHSA-2007-0723.html RHSA-2007:0724 http://www.redhat.com/support/errata/RHSA-2007-0724.html SSRT061181 SSRT061236 SUSE-SA:2007:049 http://www.novell.com/linux/security/advisories/2007_49_mozilla.html USN-490-1 http://www.ubuntu.com/usn/usn-490-1 USN-503-1 http://www.ubuntu.com/usn/usn-503-1 ftp://ftp.slackware.com/pub/slackware/slackware-12.0/ChangeLog.txt http://support.novell.com/techcenter/psdb/07d098f99c9fe6956523beae37f32fda.html http://www.mozilla.org/security/announce/2007/mfsa2007-18.html mozilla-browser-engine-code-execution(35458) https://exchange.xforce.ibmcloud.com/vulnerabilities/35458 oval:org.mitre.oval:def:10108 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10108 Common Vulnerability Exposure (CVE) ID: CVE-2007-3735 mozilla-javascript-eng-code-execution(35459) https://exchange.xforce.ibmcloud.com/vulnerabilities/35459 oval:org.mitre.oval:def:11066 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11066 Common Vulnerability Exposure (CVE) ID: CVE-2007-3736 1018410 http://www.securitytracker.com/id?1018410 http://www.mozilla.org/security/announce/2007/mfsa2007-19.html mozilla-addeventlistener-settimeout-xss(35462) https://exchange.xforce.ibmcloud.com/vulnerabilities/35462 oval:org.mitre.oval:def:11749 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11749 Common Vulnerability Exposure (CVE) ID: CVE-2007-3089 BugTraq ID: 24286 http://www.securityfocus.com/bid/24286 Bugtraq: 20070604 Assorted browser vulnerabilities (Google Search) http://www.securityfocus.com/archive/1/470446/100/0/threaded Bugtraq: 20070720 rPSA-2007-0148-1 firefox thunderbird (Google Search) Bugtraq: 20070724 FLEA-2007-0033-1: firefox thunderbird (Google Search) Cert/CC Advisory: TA07-199A http://www.us-cert.gov/cas/techalerts/TA07-199A.html CERT/CC vulnerability note: VU#143297 http://www.kb.cert.org/vuls/id/143297 Debian Security Information: DSA-1337 (Google Search) Debian Security Information: DSA-1338 (Google Search) Debian Security Information: DSA-1339 (Google Search) http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0026.html HPdes Security Advisory: HPSBUX02153 HPdes Security Advisory: SSRT061181 http://lcamtuf.coredump.cx/ifsnatch/ https://bugzilla.mozilla.org/show_bug.cgi?id=381300 https://bugzilla.mozilla.org/show_bug.cgi?id=382686 http://osvdb.org/38024 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11122 http://www.securitytracker.com/id?1018412 SGI Security Advisory: 20070701-01-P http://securityreason.com/securityalert/2781 SuSE Security Announcement: SUSE-SA:2007:049 (Google Search) XForce ISS Database: firefox-iframe-security-bypass(34701) https://exchange.xforce.ibmcloud.com/vulnerabilities/34701 Common Vulnerability Exposure (CVE) ID: CVE-2007-3737 1018409 http://www.securitytracker.com/id?1018409 firefox-eventhandler-code-execution(35461) https://exchange.xforce.ibmcloud.com/vulnerabilities/35461 http://www.mozilla.org/security/announce/2007/mfsa2007-21.html oval:org.mitre.oval:def:10009 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10009 Common Vulnerability Exposure (CVE) ID: CVE-2007-3656 BugTraq ID: 24831 http://www.securityfocus.com/bid/24831 Bugtraq: 20070709 Firefox wyciwyg:// cache zone bypass (Google Search) http://www.securityfocus.com/archive/1/473191/100/0/threaded http://lcamtuf.coredump.cx/ffcache/ http://osvdb.org/38028 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9105 http://www.securitytracker.com/id?1018411 http://secunia.com/advisories/25990 http://securityreason.com/securityalert/2872 XForce ISS Database: mozilla-wyciwyg-security-bypass(35298) https://exchange.xforce.ibmcloud.com/vulnerabilities/35298 Common Vulnerability Exposure (CVE) ID: CVE-2007-3738 1018414 http://www.securitytracker.com/id?1018414 SUSE-SA:2007:057 http://www.novell.com/linux/security/advisories/2007_57_mozilla.html firefox-xpcnativewrapper-code-execution(35460) https://exchange.xforce.ibmcloud.com/vulnerabilities/35460 http://www.mozilla.org/security/announce/2007/mfsa2007-25.html oval:org.mitre.oval:def:9875 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9875
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.