Test ID:	1.3.6.1.4.1.25623.1.0.63511
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-728-2)
Summary:	The remote host is missing an update for the 'firefox' package(s) announced via the USN-728-2 advisory.
Description:	Summary: The remote host is missing an update for the 'firefox' package(s) announced via the USN-728-2 advisory. Vulnerability Insight: Jesse Ruderman and Gary Kwong discovered flaws in the browser engine. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2009-0772, CVE-2009-0774) Georgi Guninski discovered a flaw when Firefox performed a cross-domain redirect. An attacker could bypass the same-origin policy in Firefox by utilizing nsIRDFService and steal private data from users authenticated to the redirected website. (CVE-2009-0776) Affected Software/OS: 'firefox' package(s) on Ubuntu 7.10. Solution: Please install the updated package(s). CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2009-0772 1021795 http://www.securitytracker.com/id?1021795 33990 http://www.securityfocus.com/bid/33990 34137 http://secunia.com/advisories/34137 34140 http://secunia.com/advisories/34140 34145 http://secunia.com/advisories/34145 34272 http://secunia.com/advisories/34272 34324 http://secunia.com/advisories/34324 34383 http://secunia.com/advisories/34383 34387 http://secunia.com/advisories/34387 34417 http://secunia.com/advisories/34417 34462 http://secunia.com/advisories/34462 34464 http://secunia.com/advisories/34464 34527 http://secunia.com/advisories/34527 ADV-2009-0632 http://www.vupen.com/english/advisories/2009/0632 DSA-1751 http://www.debian.org/security/2009/dsa-1751 DSA-1830 http://www.debian.org/security/2009/dsa-1830 FEDORA-2009-2882 https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00769.html FEDORA-2009-2884 https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00771.html FEDORA-2009-3101 https://www.redhat.com/archives/fedora-package-announce/2009-March/msg01077.html MDVSA-2009:075 http://www.mandriva.com/security/advisories?name=MDVSA-2009:075 MDVSA-2009:083 http://www.mandriva.com/security/advisories?name=MDVSA-2009:083 RHSA-2009:0258 http://www.redhat.com/support/errata/RHSA-2009-0258.html RHSA-2009:0315 http://www.redhat.com/support/errata/RHSA-2009-0315.html RHSA-2009:0325 http://www.redhat.com/support/errata/RHSA-2009-0325.html SSA:2009-083-02 http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.405420 SSA:2009-083-03 http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.433952 SUSE-SA:2009:012 http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00002.html SUSE-SA:2009:023 http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00009.html USN-741-1 https://usn.ubuntu.com/741-1/ http://support.avaya.com/elmodocs2/security/ASA-2009-069.htm http://support.avaya.com/japple/css/japple?temp.documentID=366362&temp.productID=154235&temp.releaseID=361845&temp.bucketID=126655&PAGE=Document http://www.mozilla.org/security/announce/2009/mfsa2009-07.html https://bugzilla.mozilla.org/show_bug.cgi?id=475136 oval:org.mitre.oval:def:5703 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5703 oval:org.mitre.oval:def:5945 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5945 oval:org.mitre.oval:def:6097 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6097 oval:org.mitre.oval:def:6811 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6811 oval:org.mitre.oval:def:9609 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9609 Common Vulnerability Exposure (CVE) ID: CVE-2009-0774 https://bugzilla.mozilla.org/show_bug.cgi?id=473709 oval:org.mitre.oval:def:11138 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11138 oval:org.mitre.oval:def:5947 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5947 oval:org.mitre.oval:def:6057 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6057 oval:org.mitre.oval:def:6121 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6121 oval:org.mitre.oval:def:6945 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6945 Common Vulnerability Exposure (CVE) ID: CVE-2009-0776 1021797 http://www.securitytracker.com/id?1021797 http://www.mozilla.org/security/announce/2009/mfsa2009-09.html https://bugzilla.mozilla.org/show_bug.cgi?id=414540 oval:org.mitre.oval:def:5956 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5956 oval:org.mitre.oval:def:6017 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6017 oval:org.mitre.oval:def:6191 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6191 oval:org.mitre.oval:def:7390 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7390 oval:org.mitre.oval:def:9241 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9241
Copyright	Copyright (C) 2009 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.