Test ID:	1.3.6.1.4.1.25623.1.0.68359
Category:	Fedora Local Security Checks
Title:	Fedora Core 14 FEDORA-2010-16897 (perl-Gtk2-MozEmbed)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to perl-Gtk2-MozEmbed announced via advisory FEDORA-2010-16897. Update Information: Update to new upstream Firefox version 3.6.12, fixing multiple security issues detailed in the upstream advisories: * http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.11 * http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.12 Update also includes all packages depending on gecko-libs rebuilt against new version of Firefox / XULRunner. References: [ 1 ] Bug #642275 - CVE-2010-3175 Mozilla miscellaneous memory safety hazards https://bugzilla.redhat.com/show_bug.cgi?id=642275 [ 2 ] Bug #642272 - CVE-2010-3176 Mozilla miscellaneous memory safety hazards https://bugzilla.redhat.com/show_bug.cgi?id=642272 [ 3 ] Bug #642277 - CVE-2010-3179 Mozilla buffer overflow and memory corruption using document.write https://bugzilla.redhat.com/show_bug.cgi?id=642277 [ 4 ] Bug #642283 - CVE-2010-3180 Mozilla use-after-free error in nsBarProp https://bugzilla.redhat.com/show_bug.cgi?id=642283 [ 5 ] Bug #642286 - CVE-2010-3183 Mozilla dangling pointer vulnerability in LookupGetterOrSetter https://bugzilla.redhat.com/show_bug.cgi?id=642286 [ 6 ] Bug #642290 - CVE-2010-3177 Mozilla XSS in gopher parser when parsing hrefs https://bugzilla.redhat.com/show_bug.cgi?id=642290 [ 7 ] Bug #642294 - CVE-2010-3178 Mozilla cross-site information disclosure via modal calls https://bugzilla.redhat.com/show_bug.cgi?id=642294 [ 8 ] Bug #642300 - CVE-2010-3182 Mozilla unsafe library loading flaw https://bugzilla.redhat.com/show_bug.cgi?id=642300 [ 9 ] Bug #646997 - CVE-2010-3765 Firefox race condition flaw (MFSA 2010-73) https://bugzilla.redhat.com/show_bug.cgi?id=646997 Solution: Apply the appropriate updates. This update can be installed with the yum update program. Use su -c 'yum update perl-Gtk2-MozEmbed' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. http://www.securityspace.com/smysecure/catid.html?in=FEDORA-2010-16897 Risk factor : Critical CVSS Score: 9.3
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2010-3175 BugTraq ID: 44245 http://www.securityfocus.com/bid/44245 http://lists.fedoraproject.org/pipermail/package-announce/2010-October/050154.html http://lists.fedoraproject.org/pipermail/package-announce/2010-October/050077.html http://www.mandriva.com/security/advisories?name=MDVSA-2010:210 http://www.mandriva.com/security/advisories?name=MDVSA-2010:211 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11943 http://www.redhat.com/support/errata/RHSA-2010-0782.html http://www.redhat.com/support/errata/RHSA-2010-0861.html http://www.redhat.com/support/errata/RHSA-2010-0896.html http://secunia.com/advisories/42867 http://www.ubuntu.com/usn/USN-997-1 http://www.ubuntu.com/usn/USN-998-1 http://www.vupen.com/english/advisories/2011/0061 Common Vulnerability Exposure (CVE) ID: CVE-2010-3176 BugTraq ID: 44243 http://www.securityfocus.com/bid/44243 Debian Security Information: DSA-2124 (Google Search) http://www.debian.org/security/2010/dsa-2124 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12132 http://www.redhat.com/support/errata/RHSA-2010-0780.html http://www.redhat.com/support/errata/RHSA-2010-0781.html Common Vulnerability Exposure (CVE) ID: CVE-2010-3179 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11675 Common Vulnerability Exposure (CVE) ID: CVE-2010-3180 BugTraq ID: 44248 http://www.securityfocus.com/bid/44248 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12158 Common Vulnerability Exposure (CVE) ID: CVE-2010-3183 BugTraq ID: 44249 http://www.securityfocus.com/bid/44249 http://www.zerodayinitiative.com/advisories/ZDI-10-219/ https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11891 Common Vulnerability Exposure (CVE) ID: CVE-2010-3177 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12202 Common Vulnerability Exposure (CVE) ID: CVE-2010-3178 BugTraq ID: 44252 http://www.securityfocus.com/bid/44252 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12120 Common Vulnerability Exposure (CVE) ID: CVE-2010-3182 BugTraq ID: 44251 http://www.securityfocus.com/bid/44251 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13844 Common Vulnerability Exposure (CVE) ID: CVE-2010-3765 BugTraq ID: 44425 http://www.securityfocus.com/bid/44425 http://www.exploit-db.com/exploits/15341 http://www.exploit-db.com/exploits/15342 http://www.exploit-db.com/exploits/15352 http://lists.fedoraproject.org/pipermail/package-announce/2010-October/050061.html http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050233.html http://www.mandriva.com/security/advisories?name=MDVSA-2010:213 http://www.mandriva.com/security/advisories?name=MDVSA-2010:219 http://isc.sans.edu/diary.html?storyid=9817 http://norman.com/about_norman/press_center/news_archive/2010/129223/en?utm_source=twitterfeed&utm_medium=twitter http://www.norman.com/about_norman/press_center/news_archive/2010/129223/ http://www.norman.com/security_center/virus_description_archive/129146/ https://bugzilla.mozilla.org/show_bug.cgi?id=607222#c53 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12108 http://www.redhat.com/support/errata/RHSA-2010-0808.html http://www.redhat.com/support/errata/RHSA-2010-0809.html http://www.redhat.com/support/errata/RHSA-2010-0810.html RedHat Security Advisories: RHSA-2010:0812 https://rhn.redhat.com/errata/RHSA-2010-0812.html http://www.securitytracker.com/id?1024645 http://www.securitytracker.com/id?1024650 http://www.securitytracker.com/id?1024651 http://secunia.com/advisories/41761 http://secunia.com/advisories/41965 http://secunia.com/advisories/41966 http://secunia.com/advisories/41969 http://secunia.com/advisories/41975 http://secunia.com/advisories/42003 http://secunia.com/advisories/42008 http://secunia.com/advisories/42043 http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.556706 http://www.ubuntu.com/usn/usn-1011-1 http://www.ubuntu.com/usn/USN-1011-2 http://www.ubuntu.com/usn/USN-1011-3 http://www.vupen.com/english/advisories/2010/2837 http://www.vupen.com/english/advisories/2010/2857 http://www.vupen.com/english/advisories/2010/2864 http://www.vupen.com/english/advisories/2010/2871
Copyright	Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.