English | Deutsch | Español | Português
 UserID:
 Passwd:
 new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   		     Search 61204 CVE descriptions
and 32582 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.68475
Category:Ubuntu Local Security Checks
Title:Ubuntu USN-1011-1 (firefox-3.5)
Summary:Ubuntu USN-1011-1 (firefox-3.5)
Description:The remote host is missing an update to firefox-3.5
announced via advisory USN-1011-1.

Details follow:

Morten Krakvik discovered a heap-based buffer overflow in Firefox. If a
user were tricked into navigating to a malicious site, an attacker could
cause a denial of service or possibly execute arbitrary code as the user
invoking the program.

Solution:
The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 8.04 LTS:
firefox-3.0 3.6.12+build1+nobinonly-0ubuntu0.8.04.1

Ubuntu 9.10:
firefox-3.5 3.6.12+build1+nobinonly-0ubuntu0.9.10.1

Ubuntu 10.04 LTS:
abrowser 3.6.12+build1+nobinonly-0ubuntu0.10.04.1
firefox 3.6.12+build1+nobinonly-0ubuntu0.10.04.1

Ubuntu 10.10:
abrowser 3.6.12+build1+nobinonly-0ubuntu0.10.10.1
firefox 3.6.12+build1+nobinonly-0ubuntu0.10.10.1

After a standard system update you need to restart Firefox to make all the
necessary changes.

http://www.securityspace.com/smysecure/catid.html?in=USN-1011-1

Risk factor : Critical
Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2010-3765
http://www.exploit-db.com/exploits/15341
http://www.exploit-db.com/exploits/15342
http://www.exploit-db.com/exploits/15352
http://isc.sans.edu/diary.html?storyid=9817
http://www.norman.com/about_norman/press_center/news_archive/2010/129223/
http://www.norman.com/security_center/virus_description_archive/129146/
https://bugzilla.mozilla.org/show_bug.cgi?id=607222#c53
http://norman.com/about_norman/press_center/news_archive/2010/129223/en?utm_source=twitterfeed&utm_medium=twitter
Debian Security Information: DSA-2124 (Google Search)
http://www.debian.org/security/2010/dsa-2124
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050233.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-October/050061.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-October/050154.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-October/050077.html
http://www.mandriva.com/security/advisories?name=MDVSA-2010:213
http://www.mandriva.com/security/advisories?name=MDVSA-2010:219
http://www.redhat.com/support/errata/RHSA-2010-0809.html
http://www.redhat.com/support/errata/RHSA-2010-0810.html
http://www.redhat.com/support/errata/RHSA-2010-0808.html
RedHat Security Advisories: RHSA-2010:0812
https://rhn.redhat.com/errata/RHSA-2010-0812.html
http://www.redhat.com/support/errata/RHSA-2010-0861.html
http://www.redhat.com/support/errata/RHSA-2010-0896.html
http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.556706
http://www.ubuntu.com/usn/USN-1011-3
http://www.ubuntu.com/usn/usn-1011-1
http://www.ubuntu.com/usn/USN-1011-2
BugTraq ID: 44425
http://www.securityfocus.com/bid/44425
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:12108
http://www.securitytracker.com/id?1024650
http://www.securitytracker.com/id?1024651
http://www.securitytracker.com/id?1024645
http://secunia.com/advisories/41966
http://secunia.com/advisories/41969
http://secunia.com/advisories/42008
http://secunia.com/advisories/42043
http://secunia.com/advisories/41761
http://secunia.com/advisories/41965
http://secunia.com/advisories/41975
http://secunia.com/advisories/42003
http://secunia.com/advisories/42867
http://www.vupen.com/english/advisories/2010/2871
http://www.vupen.com/english/advisories/2010/2837
http://www.vupen.com/english/advisories/2010/2857
http://www.vupen.com/english/advisories/2010/2864
http://www.vupen.com/english/advisories/2011/0061
CopyrightCopyright (c) 2010 E-Soft Inc. http://www.securityspace.com

This is only one of 32582 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  
 Forgot userid or passwd?
Email/Userid:



Home | About Us | Contact Us | Partner Programs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe | Whois

© 1998-2013 E-Soft Inc. All rights reserved.