
Test ID: 1.3.6.1.4.1.25623.1.0.64910
Category: Mandrake Local Security Checks
Title: Mandrake Security Advisory MDVSA-2009:236 (firefox)
Summary: The remote host is missing an update to firefox, announced via advisory MDVSA-2009:236.
Description:

Vulnerability Insight:
Security issues were identified and fixed in firefox 3.0.x:

Multiple unspecified vulnerabilities in the browser engine in Mozilla
Firefox before 3.0.14 allow remote attackers to cause a denial of
service (memory corruption and application crash) or possibly execute
arbitrary code via unknown vectors (CVE-2009-3069, CVE-2009-3070,
CVE-2009-3071, CVE-2009-3072).

Multiple unspecified vulnerabilities in the JavaScript engine in
Mozilla Firefox before 3.0.14 allow remote attackers to cause
a denial of service (memory corruption and application crash) or
possibly execute arbitrary code via unknown vectors (CVE-2009-3073,
CVE-2009-3074, CVE-2009-3075).

Mozilla Firefox before 3.0.14 does not properly implement
certain dialogs associated with the (1) pkcs11.addmodule and (2)
pkcs11.deletemodule operations, which makes it easier for remote
attackers to trick a user into installing or removing an arbitrary
PKCS11 module (CVE-2009-3076).

Mozilla Firefox before 3.0.14 does not properly manage pointers for the
columns (aka TreeColumns) of a XUL tree element, which allows remote
attackers to execute arbitrary code via a crafted HTML document,
related to a dangling pointer vulnerability (CVE-2009-3077).

Visual truncation vulnerability in Mozilla Firefox before 3.0.14
allows remote attackers to trigger a vertical scroll and spoof URLs
via unspecified Unicode characters with a tall line-height property
(CVE-2009-3078).

Unspecified vulnerability in Mozilla Firefox before 3.0.14 allows
remote attackers to execute arbitrary JavaScript with chrome
privileges via vectors involving an object, the FeedWriter, and the
BrowserFeedWriter (CVE-2009-3079).

This update provides the latest Mozilla Firefox 3.0.x to correct
these issues.

Additionally, some packages that require it have been rebuilt and
are being provided as updates.

Affected: 2009.0, 2009.1, Enterprise Server 5.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref:
Common Vulnerability Exposure (CVE) ID: CVE-2009-3069
36343
http://www.securityfocus.com/bid/36343
36671
http://secunia.com/advisories/36671
37098
http://secunia.com/advisories/37098
SUSE-SA:2009:048
http://www.novell.com/linux/security/advisories/2009_48_firefox.html
http://www.mozilla.org/security/announce/2009/mfsa2009-47.html
https://bugzilla.mozilla.org/show_bug.cgi?id=506838
oval:org.mitre.oval:def:5989
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5989
Common Vulnerability Exposure (CVE) ID: CVE-2009-3070
36670
http://secunia.com/advisories/36670
36692
http://secunia.com/advisories/36692
DSA-1885
http://www.debian.org/security/2009/dsa-1885
RHSA-2009:1430
http://www.redhat.com/support/errata/RHSA-2009-1430.html
https://bugzilla.mozilla.org/show_bug.cgi?id=430569
https://bugzilla.mozilla.org/show_bug.cgi?id=437565
https://bugzilla.mozilla.org/show_bug.cgi?id=465651
oval:org.mitre.oval:def:11702
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11702
oval:org.mitre.oval:def:6073
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6073
Common Vulnerability Exposure (CVE) ID: CVE-2009-3071
https://bugzilla.mozilla.org/show_bug.cgi?id=490196
https://bugzilla.mozilla.org/show_bug.cgi?id=493649
https://bugzilla.mozilla.org/show_bug.cgi?id=495444
https://bugzilla.mozilla.org/show_bug.cgi?id=502017
oval:org.mitre.oval:def:10698
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10698
oval:org.mitre.oval:def:5905
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5905
Common Vulnerability Exposure (CVE) ID: CVE-2009-3072
36669
http://secunia.com/advisories/36669
38977
http://secunia.com/advisories/38977
39001
http://secunia.com/advisories/39001
ADV-2010-0648
http://www.vupen.com/english/advisories/2010/0648
ADV-2010-0650
http://www.vupen.com/english/advisories/2010/0650
RHSA-2009:1431
http://www.redhat.com/support/errata/RHSA-2009-1431.html
RHSA-2009:1432
http://www.redhat.com/support/errata/RHSA-2009-1432.html
RHSA-2010:0153
http://www.redhat.com/support/errata/RHSA-2010-0153.html
RHSA-2010:0154
http://www.redhat.com/support/errata/RHSA-2010-0154.html
SUSE-SR:2010:013
http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html
USN-915-1
http://www.ubuntu.com/usn/USN-915-1
http://www.mozilla.org/security/announce/2010/mfsa2010-07.html
https://bugzilla.mozilla.org/show_bug.cgi?id=494283
https://bugzilla.mozilla.org/show_bug.cgi?id=501900
https://bugzilla.mozilla.org/show_bug.cgi?id=508074
oval:org.mitre.oval:def:10349
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10349
oval:org.mitre.oval:def:6315
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6315
Common Vulnerability Exposure (CVE) ID: CVE-2009-3073
https://bugzilla.mozilla.org/show_bug.cgi?id=507292
oval:org.mitre.oval:def:6398
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6398
Common Vulnerability Exposure (CVE) ID: CVE-2009-3074
firefox-javascript-code-exec(53157)
https://exchange.xforce.ibmcloud.com/vulnerabilities/53157
https://bugzilla.mozilla.org/show_bug.cgi?id=467493
oval:org.mitre.oval:def:6053
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6053
oval:org.mitre.oval:def:9444
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9444
Common Vulnerability Exposure (CVE) ID: CVE-2009-3075
https://bugzilla.mozilla.org/show_bug.cgi?id=441714
https://bugzilla.mozilla.org/show_bug.cgi?id=505305
mozilla-javascript-engine-code-exec(53158)
https://exchange.xforce.ibmcloud.com/vulnerabilities/53158
oval:org.mitre.oval:def:11365
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11365
oval:org.mitre.oval:def:5717
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5717
Common Vulnerability Exposure (CVE) ID: CVE-2009-3076
1022877
http://www.securitytracker.com/id?1022877
http://www.mozilla.org/security/announce/2009/mfsa2009-48.html
https://bugzilla.mozilla.org/show_bug.cgi?id=326628
https://bugzilla.mozilla.org/show_bug.cgi?id=509413
oval:org.mitre.oval:def:6140
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6140
oval:org.mitre.oval:def:9306
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9306
Common Vulnerability Exposure (CVE) ID: CVE-2009-3077
http://www.mozilla.org/security/announce/2009/mfsa2009-49.html
https://bugzilla.mozilla.org/show_bug.cgi?id=506871
oval:org.mitre.oval:def:10730
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10730
oval:org.mitre.oval:def:5606
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5606
Common Vulnerability Exposure (CVE) ID: CVE-2009-3078
1022875
http://www.securitytracker.com/id?1022875
http://www.mozilla.org/security/announce/2009/mfsa2009-50.html
https://bugzilla.mozilla.org/show_bug.cgi?id=453827
oval:org.mitre.oval:def:10871
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10871
oval:org.mitre.oval:def:5418
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5418
Common Vulnerability Exposure (CVE) ID: CVE-2009-3079
1022873
http://www.securitytracker.com/id?1022873
36757
http://secunia.com/advisories/36757
DSA-1886
http://www.debian.org/security/2009/dsa-1886
http://www.mozilla.org/security/announce/2009/mfsa2009-51.html
https://bugzilla.mozilla.org/show_bug.cgi?id=454363
oval:org.mitre.oval:def:10390
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10390
oval:org.mitre.oval:def:6250
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6250
Copyright: Copyright (C) 2009 E-Soft Inc.
