Test ID:	1.3.6.1.4.1.25623.1.0.67250
Category:	Fedora Local Security Checks
Title:	Fedora Core 13 FEDORA-2010-6204 (xulrunner)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to xulrunner announced via advisory FEDORA-2010-6204. XULRunner provides the XUL Runtime environment for Gecko applications. Update Information: Update to new upstream Firefox version 3.6.3, fixing a security issue detailed in the upstream advisory: http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.3 References: [ 1 ] Bug #577029 - CVE-2010-1121 firefox: arbitrary code execution via memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=577029 Solution: Apply the appropriate updates. This update can be installed with the yum update program. Use su -c 'yum update xulrunner' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. http://www.securityspace.com/smysecure/catid.html?in=FEDORA-2010-6204 Risk factor : Critical CVSS Score: 10.0
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2010-1121 http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043369.html http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043405.html http://dvlabs.tippingpoint.com/blog/2010/02/15/pwn2own-2010 http://news.cnet.com/8301-27080_3-20001126-245.html http://twitter.com/thezdi/statuses/11005277222 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10924 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6844 http://www.redhat.com/support/errata/RHSA-2010-0500.html http://www.redhat.com/support/errata/RHSA-2010-0501.html http://www.securitytracker.com/id?1023817 http://secunia.com/advisories/40323 http://secunia.com/advisories/40326 http://secunia.com/advisories/40401 http://secunia.com/advisories/40481 SuSE Security Announcement: SUSE-SA:2010:030 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-07/msg00005.html http://ubuntu.com/usn/usn-930-1 http://www.ubuntu.com/usn/usn-930-2 http://www.vupen.com/english/advisories/2010/1557 http://www.vupen.com/english/advisories/2010/1592 http://www.vupen.com/english/advisories/2010/1640 http://www.vupen.com/english/advisories/2010/1773
Copyright	Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.