Ubuntu Local Security Checks : Ubuntu USN-667-1 (xulrunner-1.9)

Vulnerability Search		Search 324607 CVE descriptions and 146377 test descriptions, access 10,000+ cross references.
	Tests CVE All

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.61911
Category:	Ubuntu Local Security Checks
Title:	Ubuntu USN-667-1 (xulrunner-1.9)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to xulrunner-1.9 announced via advisory USN-667-1. A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 7.10 Ubuntu 8.04 LTS Ubuntu 8.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. For details on the issues addressed in this update, please visit the referenced security advisories. Solution: The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: firefox 1.5.dfsg+1.5.0.15~ prepatch080614h-0ubuntu1 Ubuntu 7.10: firefox 2.0.0.18+nobinonly-0ubuntu0.7.10 Ubuntu 8.04 LTS: firefox-3.0 3.0.4+nobinonly-0ubuntu0.8.04.1 xulrunner-1.9 1.9.0.4+nobinonly-0ubuntu0.8.04.1 Ubuntu 8.10: abrowser 3.0.4+nobinonly-0ubuntu0.8.10.1 firefox-3.0 3.0.4+nobinonly-0ubuntu0.8.10.1 xulrunner-1.9 1.9.0.4+nobinonly-0ubuntu0.8.10.1 After a standard system upgrade you need to restart Firefox and any application that use xulrunner, such as Epiphany, to effect the necessary changes. http://www.securityspace.com/smysecure/catid.html?in=USN-667-1 Risk factor : Critical CVSS Score: 10.0
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2008-0017 BugTraq ID: 32281 http://www.securityfocus.com/bid/32281 Cert/CC Advisory: TA08-319A http://www.us-cert.gov/cas/techalerts/TA08-319A.html Debian Security Information: DSA-1669 (Google Search) http://www.debian.org/security/2008/dsa-1669 Debian Security Information: DSA-1671 (Google Search) http://www.debian.org/security/2008/dsa-1671 Debian Security Information: DSA-1697 (Google Search) http://www.debian.org/security/2009/dsa-1697 https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00366.html https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00385.html ISS Security Advisory: 20081113 Mozilla Unchecked Allocation Remote Code Execution http://www.iss.net/threats/311.html http://www.mandriva.com/security/advisories?name=MDVSA-2008:228 http://www.mandriva.com/security/advisories?name=MDVSA-2008:230 https://bugzilla.mozilla.org/show_bug.cgi?id=443299 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11005 http://www.redhat.com/support/errata/RHSA-2008-0977.html http://www.redhat.com/support/errata/RHSA-2008-0978.html http://www.securitytracker.com/id?1021185 http://secunia.com/advisories/32684 http://secunia.com/advisories/32693 http://secunia.com/advisories/32694 http://secunia.com/advisories/32695 http://secunia.com/advisories/32713 http://secunia.com/advisories/32714 http://secunia.com/advisories/32721 http://secunia.com/advisories/32778 http://secunia.com/advisories/32845 http://secunia.com/advisories/32853 http://secunia.com/advisories/33433 http://secunia.com/advisories/34501 http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1 SuSE Security Announcement: SUSE-SA:2008:055 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00004.html http://ubuntu.com/usn/usn-667-1 http://www.vupen.com/english/advisories/2008/3146 http://www.vupen.com/english/advisories/2009/0977 Common Vulnerability Exposure (CVE) ID: CVE-2008-4582 BugTraq ID: 31611 http://www.securityfocus.com/bid/31611 BugTraq ID: 31747 http://www.securityfocus.com/bid/31747 Bugtraq: 20081007 Firefox Privacy Broken If Used to Open Web Page File (Google Search) http://www.securityfocus.com/archive/1/497091/100/0/threaded Debian Security Information: DSA-1696 (Google Search) http://www.debian.org/security/2009/dsa-1696 http://liudieyu0.blog124.fc2.com/blog-entry-6.html https://bugzilla.mozilla.org/show_bug.cgi?id=455311 http://www.securitytracker.com/id?1021190 http://securitytracker.com/alerts/2008/Nov/1021212.html http://secunia.com/advisories/32192 http://secunia.com/advisories/33434 http://securityreason.com/securityalert/4416 http://www.vupen.com/english/advisories/2008/2818 XForce ISS Database: firefox-internet-shortcut-info-disclosure(45740) https://exchange.xforce.ibmcloud.com/vulnerabilities/45740 Common Vulnerability Exposure (CVE) ID: CVE-2008-5012 1021187 http://www.securitytracker.com/id?1021187 20081118 Firefox cross-domain image theft (CESA-2008-009) http://www.securityfocus.com/archive/1/498468 256408 32281 32351 http://www.securityfocus.com/bid/32351 32684 32693 32694 32714 32715 http://secunia.com/advisories/32715 32778 32798 http://secunia.com/advisories/32798 32845 32853 33433 33434 34501 ADV-2008-3146 ADV-2009-0977 DSA-1669 DSA-1671 DSA-1696 DSA-1697 FEDORA-2008-9667 MDVSA-2008:228 MDVSA-2008:235 http://www.mandriva.com/security/advisories?name=MDVSA-2008:235 RHSA-2008:0976 http://www.redhat.com/support/errata/RHSA-2008-0976.html RHSA-2008:0977 SUSE-SA:2008:055 TA08-319A USN-667-1 http://scary.beasts.org/security/CESA-2008-009.html http://scarybeastsecurity.blogspot.com/2008/11/firefox-cross-domain-image-theft-and.html http://www.mozilla.org/security/announce/2008/mfsa2008-48.html https://bugzilla.mozilla.org/show_bug.cgi?id=355126 https://bugzilla.mozilla.org/show_bug.cgi?id=451619 oval:org.mitre.oval:def:10750 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10750 Common Vulnerability Exposure (CVE) ID: CVE-2008-5013 1021181 http://www.securitytracker.com/id?1021181 http://www.mozilla.org/security/announce/2008/mfsa2008-49.html https://bugzilla.mozilla.org/show_bug.cgi?id=433610 oval:org.mitre.oval:def:9660 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9660 Common Vulnerability Exposure (CVE) ID: CVE-2008-5014 1021182 http://www.securitytracker.com/id?1021182 32011 http://secunia.com/advisories/32011 32695 32721 FEDORA-2008-9669 MDVSA-2008:230 RHSA-2008:0978 http://www.mozilla.org/security/announce/2008/mfsa2008-50.html https://bugzilla.mozilla.org/show_bug.cgi?id=436741 oval:org.mitre.oval:def:9157 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9157 Common Vulnerability Exposure (CVE) ID: CVE-2008-5015 1021191 http://www.securitytracker.com/id?1021191 32713 http://www.mozilla.org/security/announce/2008/mfsa2008-51.html https://bugzilla.mozilla.org/show_bug.cgi?id=447579 oval:org.mitre.oval:def:11063 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11063 Common Vulnerability Exposure (CVE) ID: CVE-2008-5016 1021183 http://www.securitytracker.com/id?1021183 http://www.mozilla.org/security/announce/2008/mfsa2008-52.html https://bugzilla.mozilla.org/buglist.cgi?bug_id=439206%2C453406%2C458637%2C444864%2C452157%2C449111%2C444260%2C457375%2C433429%2C443528%2C430394 oval:org.mitre.oval:def:11356 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11356 Common Vulnerability Exposure (CVE) ID: CVE-2008-5017 https://bugzilla.mozilla.org/show_bug.cgi?id=455987 oval:org.mitre.oval:def:11436 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11436 Common Vulnerability Exposure (CVE) ID: CVE-2008-5018 https://bugzilla.mozilla.org/show_bug.cgi?id=452786 oval:org.mitre.oval:def:9872 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9872 Common Vulnerability Exposure (CVE) ID: CVE-2008-5019 1021184 http://www.securitytracker.com/id?1021184 http://www.mozilla.org/security/announce/2008/mfsa2008-53.html https://bugzilla.mozilla.org/buglist.cgi?bug_id=459906%2C460983 oval:org.mitre.oval:def:10943 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10943 Common Vulnerability Exposure (CVE) ID: CVE-2008-5021 1021186 http://www.securitytracker.com/id?1021186 http://www.mozilla.org/security/announce/2008/mfsa2008-55.html https://bugzilla.mozilla.org/show_bug.cgi?id=460002 oval:org.mitre.oval:def:9642 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9642 Common Vulnerability Exposure (CVE) ID: CVE-2008-5022 1021188 http://www.securitytracker.com/id?1021188 http://www.mozilla.org/security/announce/2008/mfsa2008-56.html oval:org.mitre.oval:def:11186 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11186 Common Vulnerability Exposure (CVE) ID: CVE-2008-5023 1021189 http://www.securitytracker.com/id?1021189 http://www.mozilla.org/security/announce/2008/mfsa2008-57.html https://bugzilla.mozilla.org/show_bug.cgi?id=424733 oval:org.mitre.oval:def:9908 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9908 Common Vulnerability Exposure (CVE) ID: CVE-2008-5024 1021192 http://www.securitytracker.com/id?1021192 http://www.mozilla.org/security/announce/2008/mfsa2008-58.html https://bugzilla.mozilla.org/show_bug.cgi?id=453915 oval:org.mitre.oval:def:9063 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9063
Copyright	Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com