Test ID:	1.3.6.1.4.1.25623.1.0.67664
Category:	CentOS Local Security Checks
Title:	CentOS Security Advisory CESA-2010:0501 (firefox)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing updates to firefox announced in advisory CESA-2010:0501. For details on the issues addressed in this update, please visit the referenced security advisories. Solution: Update the appropriate packages on your system. http://www.securityspace.com/smysecure/catid.html?in=CESA-2010:0501 http://www.securityspace.com/smysecure/catid.html?in=RHSA-2010:0501 https://rhn.redhat.com/errata/RHSA-2010-0501.html Risk factor : Critical CVSS Score: 10.0
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2008-5913 BugTraq ID: 33276 http://www.securityfocus.com/bid/33276 http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043369.html http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043405.html http://www.mandriva.com/security/advisories?name=MDVSA-2010:125 http://arstechnica.com/news.ars/post/20090113-new-method-of-phishmongering-could-fool-experienced-users.html http://www.darkreading.com/security/attacks/showArticle.jhtml?articleID=212900161 http://www.infoworld.com/article/09/01/13/Browser_bug_could_allow_phishing_without_email_1.html http://www.trusteer.com/files/In-session-phishing-advisory-2.pdf https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11139 http://www.redhat.com/support/errata/RHSA-2010-0500.html http://www.redhat.com/support/errata/RHSA-2010-0501.html http://secunia.com/advisories/40326 http://secunia.com/advisories/40401 http://secunia.com/advisories/40481 SuSE Security Announcement: SUSE-SA:2010:030 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-07/msg00005.html http://ubuntu.com/usn/usn-930-1 http://www.ubuntu.com/usn/usn-930-2 http://www.vupen.com/english/advisories/2010/1551 http://www.vupen.com/english/advisories/2010/1557 http://www.vupen.com/english/advisories/2010/1592 http://www.vupen.com/english/advisories/2010/1640 http://www.vupen.com/english/advisories/2010/1773 Common Vulnerability Exposure (CVE) ID: CVE-2010-0182 BugTraq ID: 39479 http://www.securityfocus.com/bid/39479 http://www.mandriva.com/security/advisories?name=MDVSA-2010:070 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7618 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9375 http://secunia.com/advisories/39397 SuSE Security Announcement: SUSE-SR:2010:013 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html http://ubuntu.com/usn/usn-921-1 http://www.vupen.com/english/advisories/2010/0748 http://www.vupen.com/english/advisories/2010/0849 XForce ISS Database: firefox-xmldocumentload-weak-security(57396) https://exchange.xforce.ibmcloud.com/vulnerabilities/57396 Common Vulnerability Exposure (CVE) ID: CVE-2010-1121 http://dvlabs.tippingpoint.com/blog/2010/02/15/pwn2own-2010 http://news.cnet.com/8301-27080_3-20001126-245.html http://twitter.com/thezdi/statuses/11005277222 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10924 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6844 http://www.securitytracker.com/id?1023817 http://secunia.com/advisories/40323 Common Vulnerability Exposure (CVE) ID: CVE-2010-1125 Bugtraq: 20100313 ...because you can't get enough of clickjacking (Google Search) http://www.securityfocus.com/archive/1/510070/100/0/threaded https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10386 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13962 http://www.securitytracker.com/id?1024138 Common Vulnerability Exposure (CVE) ID: CVE-2010-1196 BugTraq ID: 41050 http://www.securityfocus.com/bid/41050 BugTraq ID: 41087 http://www.securityfocus.com/bid/41087 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11424 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14017 http://www.securitytracker.com/id?1024139 XForce ISS Database: firefox-nsgenericdomdatanode-bo(59665) https://exchange.xforce.ibmcloud.com/vulnerabilities/59665 Common Vulnerability Exposure (CVE) ID: CVE-2010-1197 BugTraq ID: 41103 http://www.securityfocus.com/bid/41103 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10168 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14186 http://www.redhat.com/support/errata/RHSA-2010-0499.html http://www.vupen.com/english/advisories/2010/1556 XForce ISS Database: firefox-contentdisposition-security-bypass(59667) https://exchange.xforce.ibmcloud.com/vulnerabilities/59667 Common Vulnerability Exposure (CVE) ID: CVE-2010-1198 BugTraq ID: 41102 http://www.securityfocus.com/bid/41102 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10990 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14176 XForce ISS Database: firefox-plugin-instances-code-exec(59664) https://exchange.xforce.ibmcloud.com/vulnerabilities/59664 Common Vulnerability Exposure (CVE) ID: CVE-2010-1199 BugTraq ID: 41082 http://www.securityfocus.com/bid/41082 Bugtraq: 20100623 ZDI-10-113: Mozilla Firefox XSLT Sort Remote Code Execution Vulnerability (Google Search) http://www.securityfocus.com/archive/1/511972/100/0/threaded http://www.exploit-db.com/exploits/14949 http://www.zerodayinitiative.com/advisories/ZDI-10-113 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10885 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13287 XForce ISS Database: firefox-xslt-node-code-execution(59666) https://exchange.xforce.ibmcloud.com/vulnerabilities/59666 Common Vulnerability Exposure (CVE) ID: CVE-2010-1200 BugTraq ID: 41090 http://www.securityfocus.com/bid/41090 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10816 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14326 XForce ISS Database: firefox-seamonkey-browser-code-exec(59659) https://exchange.xforce.ibmcloud.com/vulnerabilities/59659 Common Vulnerability Exposure (CVE) ID: CVE-2010-1202 BugTraq ID: 41094 http://www.securityfocus.com/bid/41094 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10889 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14308 XForce ISS Database: firefox-javascript-ce(59661) https://exchange.xforce.ibmcloud.com/vulnerabilities/59661 Common Vulnerability Exposure (CVE) ID: CVE-2010-1203 BugTraq ID: 41099 http://www.securityfocus.com/bid/41099 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10401 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8317 XForce ISS Database: mozilla-firefox-javascript-ce(59662) https://exchange.xforce.ibmcloud.com/vulnerabilities/59662
Copyright	Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.