Mandrake Local Security Checks : Mandriva Security Advisory MDVSA-2010:042 (firefox)

Price/Feature Summary | Order | New Vulnerabilities | Confidentiality | Vulnerability Search

Vulnerability Search		Search 61204 CVE descriptions and 32582 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 1.3.6.1.4.1.25623.1.0.66927

Category: Mandrake Local Security Checks

Title: Mandriva Security Advisory MDVSA-2010:042 (firefox)

Summary: Mandriva Security Advisory MDVSA-2010:042 (firefox)

Description: The remote host is missing an update to firefox
announced via advisory MDVSA-2010:042.

Security issues were identified and fixed in firefox 3.0.x and 3.5.x.
For details, please visit the referenced securitys advisories.

Packages for 2008.0 are provided for Corporate Desktop 2008.0
customers.

Additionally, some packages which require so, have been rebuilt and
are being provided as updates.

Affected: 2008.0, 2009.1, 2010.0, Enterprise Server 5.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

http://www.securityspace.com/smysecure/catid.html?in=MDVSA-2010:042
http://www.mozilla.org/security/known-vulnerabilities/firefox30.html#firefox3.0.18
http://www.mozilla.org/security/known-vulnerabilities/firefox35.html#firefox3.5.8

Risk factor : Critical

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2010-0159
Debian Security Information: DSA-1999 (Google Search)
http://www.debian.org/security/2010/dsa-1999
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035426.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035346.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035367.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-March/036097.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-March/036132.html
http://www.mandriva.com/security/advisories?name=MDVSA-2010:042
http://www.redhat.com/support/errata/RHSA-2010-0112.html
http://www.redhat.com/support/errata/RHSA-2010-0113.html
http://www.redhat.com/support/errata/RHSA-2010-0153.html
http://www.redhat.com/support/errata/RHSA-2010-0154.html
SuSE Security Announcement: SUSE-SA:2010:015 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00001.html
http://www.ubuntu.com/usn/USN-895-1
http://www.ubuntu.com/usn/USN-896-1
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:8485
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9590
http://secunia.com/advisories/37242
http://secunia.com/advisories/38770
http://secunia.com/advisories/38772
http://secunia.com/advisories/38847
http://www.vupen.com/english/advisories/2010/0405
http://www.vupen.com/english/advisories/2010/0650
XForce ISS Database: mozilla-browsereng-code-execution(56359)
http://xforce.iss.net/xforce/xfdb/56359
Common Vulnerability Exposure (CVE) ID: CVE-2010-0160
Bugtraq: 20100402 ZDI-10-046: Mozilla Firefox Web Worker Array Remote Code Execution Vulnerability (Google Search)
http://www.securityfocus.com/archive/1/archive/1/510533/100/0/threaded
http://www.zerodayinitiative.com/advisories/ZDI-10-046
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11166
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:8465
XForce ISS Database: mozilla-webworkers-code-execution(56360)
http://xforce.iss.net/xforce/xfdb/56360
Common Vulnerability Exposure (CVE) ID: CVE-2009-1571
Bugtraq: 20100218 Secunia Research: Mozilla Firefox Memory Corruption Vulnerability (Google Search)
http://www.securityfocus.com/archive/1/archive/1/509585/100/0/threaded
http://secunia.com/secunia_research/2009-45/
http://www.mandriva.com/security/advisories?name=MDVSA-2010:051
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11227
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:8615
XForce ISS Database: mozilla-htmlparser-code-exec(56361)
http://xforce.iss.net/xforce/xfdb/56361
Common Vulnerability Exposure (CVE) ID: CVE-2009-3988
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:8355
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9384
XForce ISS Database: mozilla-showmodaldialog-xss(56362)
http://xforce.iss.net/xforce/xfdb/56362
Common Vulnerability Exposure (CVE) ID: CVE-2010-0162
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10697
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:8631
XForce ISS Database: mozilla-svg-xss(56363)
http://xforce.iss.net/xforce/xfdb/56363

Copyright Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com

This is only one of 32582 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

New User Registration
Email:

UserID:

Passwd:

Please email me your monthly newsletters, informing the latest services, improvements & surveys.

Please email me a vulnerability test announcement whenever a new test is added.

Privacy

Registered User Login

UserID:

Passwd:

Forgot userid or passwd?

Email/Userid:

Test ID:	1.3.6.1.4.1.25623.1.0.66927
Category:	Mandrake Local Security Checks
Title:	Mandriva Security Advisory MDVSA-2010:042 (firefox)
Summary:	Mandriva Security Advisory MDVSA-2010:042 (firefox)
Description:	The remote host is missing an update to firefox announced via advisory MDVSA-2010:042. Security issues were identified and fixed in firefox 3.0.x and 3.5.x. For details, please visit the referenced securitys advisories. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. Additionally, some packages which require so, have been rebuilt and are being provided as updates. Affected: 2008.0, 2009.1, 2010.0, Enterprise Server 5.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDVSA-2010:042 http://www.mozilla.org/security/known-vulnerabilities/firefox30.html#firefox3.0.18 http://www.mozilla.org/security/known-vulnerabilities/firefox35.html#firefox3.5.8 Risk factor : Critical
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2010-0159 Debian Security Information: DSA-1999 (Google Search) http://www.debian.org/security/2010/dsa-1999 http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035426.html http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035346.html http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035367.html http://lists.fedoraproject.org/pipermail/package-announce/2010-March/036097.html http://lists.fedoraproject.org/pipermail/package-announce/2010-March/036132.html http://www.mandriva.com/security/advisories?name=MDVSA-2010:042 http://www.redhat.com/support/errata/RHSA-2010-0112.html http://www.redhat.com/support/errata/RHSA-2010-0113.html http://www.redhat.com/support/errata/RHSA-2010-0153.html http://www.redhat.com/support/errata/RHSA-2010-0154.html SuSE Security Announcement: SUSE-SA:2010:015 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00001.html http://www.ubuntu.com/usn/USN-895-1 http://www.ubuntu.com/usn/USN-896-1 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:8485 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9590 http://secunia.com/advisories/37242 http://secunia.com/advisories/38770 http://secunia.com/advisories/38772 http://secunia.com/advisories/38847 http://www.vupen.com/english/advisories/2010/0405 http://www.vupen.com/english/advisories/2010/0650 XForce ISS Database: mozilla-browsereng-code-execution(56359) http://xforce.iss.net/xforce/xfdb/56359 Common Vulnerability Exposure (CVE) ID: CVE-2010-0160 Bugtraq: 20100402 ZDI-10-046: Mozilla Firefox Web Worker Array Remote Code Execution Vulnerability (Google Search) http://www.securityfocus.com/archive/1/archive/1/510533/100/0/threaded http://www.zerodayinitiative.com/advisories/ZDI-10-046 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11166 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:8465 XForce ISS Database: mozilla-webworkers-code-execution(56360) http://xforce.iss.net/xforce/xfdb/56360 Common Vulnerability Exposure (CVE) ID: CVE-2009-1571 Bugtraq: 20100218 Secunia Research: Mozilla Firefox Memory Corruption Vulnerability (Google Search) http://www.securityfocus.com/archive/1/archive/1/509585/100/0/threaded http://secunia.com/secunia_research/2009-45/ http://www.mandriva.com/security/advisories?name=MDVSA-2010:051 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11227 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:8615 XForce ISS Database: mozilla-htmlparser-code-exec(56361) http://xforce.iss.net/xforce/xfdb/56361 Common Vulnerability Exposure (CVE) ID: CVE-2009-3988 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:8355 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9384 XForce ISS Database: mozilla-showmodaldialog-xss(56362) http://xforce.iss.net/xforce/xfdb/56362 Common Vulnerability Exposure (CVE) ID: CVE-2010-0162 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10697 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:8631 XForce ISS Database: mozilla-svg-xss(56363) http://xforce.iss.net/xforce/xfdb/56363
Copyright	Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com