Test ID:	1.3.6.1.4.1.25623.1.0.61911
Category:	Ubuntu Local Security Checks
Title:	Ubuntu USN-667-1 (xulrunner-1.9)
Summary:	Ubuntu USN-667-1 (xulrunner-1.9)
Description:	The remote host is missing an update to xulrunner-1.9 announced via advisory USN-667-1. A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 7.10 Ubuntu 8.04 LTS Ubuntu 8.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. For details on the issues addressed in this update, please visit the referenced security advisories. Solution: The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: firefox 1.5.dfsg+1.5.0.15~ prepatch080614h-0ubuntu1 Ubuntu 7.10: firefox 2.0.0.18+nobinonly-0ubuntu0.7.10 Ubuntu 8.04 LTS: firefox-3.0 3.0.4+nobinonly-0ubuntu0.8.04.1 xulrunner-1.9 1.9.0.4+nobinonly-0ubuntu0.8.04.1 Ubuntu 8.10: abrowser 3.0.4+nobinonly-0ubuntu0.8.10.1 firefox-3.0 3.0.4+nobinonly-0ubuntu0.8.10.1 xulrunner-1.9 1.9.0.4+nobinonly-0ubuntu0.8.10.1 After a standard system upgrade you need to restart Firefox and any application that use xulrunner, such as Epiphany, to effect the necessary changes. http://www.securityspace.com/smysecure/catid.html?in=USN-667-1 Risk factor : Critical
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2008-0017 ISS Security Advisory: 20081113 Mozilla Unchecked Allocation Remote Code Execution http://www.iss.net/threats/311.html https://bugzilla.mozilla.org/show_bug.cgi?id=443299 Debian Security Information: DSA-1669 (Google Search) http://www.debian.org/security/2008/dsa-1669 Debian Security Information: DSA-1671 (Google Search) http://www.debian.org/security/2008/dsa-1671 Debian Security Information: DSA-1697 (Google Search) http://www.debian.org/security/2009/dsa-1697 https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00385.html https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00366.html http://www.mandriva.com/security/advisories?name=MDVSA-2008:228 http://www.mandriva.com/security/advisories?name=MDVSA-2008:230 http://www.redhat.com/support/errata/RHSA-2008-0977.html http://www.redhat.com/support/errata/RHSA-2008-0978.html http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1 SuSE Security Announcement: SUSE-SA:2008:055 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00004.html http://ubuntu.com/usn/usn-667-1 Cert/CC Advisory: TA08-319A http://www.us-cert.gov/cas/techalerts/TA08-319A.html BugTraq ID: 32281 http://www.securityfocus.com/bid/32281 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11005 http://www.securitytracker.com/id?1021185 http://secunia.com/advisories/34501 http://secunia.com/advisories/32684 http://secunia.com/advisories/32713 http://secunia.com/advisories/32778 http://secunia.com/advisories/32853 http://www.vupen.com/english/advisories/2008/3146 http://secunia.com/advisories/32721 http://secunia.com/advisories/32845 http://secunia.com/advisories/32693 http://secunia.com/advisories/32694 http://secunia.com/advisories/32695 http://secunia.com/advisories/32714 http://secunia.com/advisories/33433 http://www.vupen.com/english/advisories/2009/0977 Common Vulnerability Exposure (CVE) ID: CVE-2008-4582 Bugtraq: 20081007 Firefox Privacy Broken If Used to Open Web Page File (Google Search) http://www.securityfocus.com/archive/1/archive/1/497091/100/0/threaded http://liudieyu0.blog124.fc2.com/blog-entry-6.html https://bugzilla.mozilla.org/show_bug.cgi?id=455311 Debian Security Information: DSA-1696 (Google Search) http://www.debian.org/security/2009/dsa-1696 BugTraq ID: 31747 http://www.securityfocus.com/bid/31747 BugTraq ID: 31611 http://www.securityfocus.com/bid/31611 http://www.securitytracker.com/id?1021190 http://www.vupen.com/english/advisories/2008/2818 http://securitytracker.com/alerts/2008/Nov/1021190.html http://securitytracker.com/alerts/2008/Nov/1021212.html http://secunia.com/advisories/32192 http://secunia.com/advisories/33434 http://securityreason.com/securityalert/4416 XForce ISS Database: firefox-internet-shortcut-info-disclosure(45740) http://xforce.iss.net/xforce/xfdb/45740 Common Vulnerability Exposure (CVE) ID: CVE-2008-5012 Bugtraq: 20081118 Firefox cross-domain image theft (CESA-2008-009) (Google Search) http://www.securityfocus.com/archive/1/498468 https://bugzilla.mozilla.org/show_bug.cgi?id=355126 https://bugzilla.mozilla.org/show_bug.cgi?id=451619 http://scary.beasts.org/security/CESA-2008-009.html http://scarybeastsecurity.blogspot.com/2008/11/firefox-cross-domain-image-theft-and.html http://www.mandriva.com/security/advisories?name=MDVSA-2008:235 http://www.redhat.com/support/errata/RHSA-2008-0976.html BugTraq ID: 32351 http://www.securityfocus.com/bid/32351 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10750 http://www.securitytracker.com/id?1021187 http://secunia.com/advisories/32798 http://secunia.com/advisories/32715 Common Vulnerability Exposure (CVE) ID: CVE-2008-5013 https://bugzilla.mozilla.org/show_bug.cgi?id=433610 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9660 http://www.securitytracker.com/id?1021181 Common Vulnerability Exposure (CVE) ID: CVE-2008-5014 https://bugzilla.mozilla.org/show_bug.cgi?id=436741 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9157 http://www.securitytracker.com/id?1021182 http://secunia.com/advisories/32011 Common Vulnerability Exposure (CVE) ID: CVE-2008-5015 https://bugzilla.mozilla.org/show_bug.cgi?id=447579 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11063 http://www.securitytracker.com/id?1021191 Common Vulnerability Exposure (CVE) ID: CVE-2008-5016 https://bugzilla.mozilla.org/buglist.cgi?bug_id=439206,453406,458637,444864,452157,449111,444260,457375,433429,443528,430394 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11356 http://www.securitytracker.com/id?1021183 Common Vulnerability Exposure (CVE) ID: CVE-2008-5017 https://bugzilla.mozilla.org/show_bug.cgi?id=455987 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11436 Common Vulnerability Exposure (CVE) ID: CVE-2008-5018 https://bugzilla.mozilla.org/show_bug.cgi?id=452786 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9872 Common Vulnerability Exposure (CVE) ID: CVE-2008-5019 https://bugzilla.mozilla.org/buglist.cgi?bug_id=459906,460983 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10943 http://www.securitytracker.com/id?1021184 Common Vulnerability Exposure (CVE) ID: CVE-2008-5021 https://bugzilla.mozilla.org/show_bug.cgi?id=460002 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9642 http://www.securitytracker.com/id?1021186 Common Vulnerability Exposure (CVE) ID: CVE-2008-5022 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11186 http://www.securitytracker.com/id?1021188 Common Vulnerability Exposure (CVE) ID: CVE-2008-5023 https://bugzilla.mozilla.org/show_bug.cgi?id=424733 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9908 http://www.securitytracker.com/id?1021189 Common Vulnerability Exposure (CVE) ID: CVE-2008-5024 https://bugzilla.mozilla.org/show_bug.cgi?id=453915 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9063 http://www.securitytracker.com/id?1021192
Copyright	Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com

This is only one of 32582 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.

New User Registration Email: UserID: Passwd: Please email me your monthly newsletters, informing the latest services, improvements & surveys. Please email me a vulnerability test announcement whenever a new test is added.     Privacy

Registered User Login   UserID:     Passwd:     Forgot userid or passwd? Email/Userid: