Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.70413
Category:FreeBSD Local Security Checks
Title:FreeBSD Ports: firefox
Summary:The remote host is missing an update to the system; as announced in the referenced advisory.
Description:Summary:
The remote host is missing an update to the system
as announced in the referenced advisory.

Vulnerability Insight:
The following packages are affected:

firefox
libxul
linux-firefox
linux-seamonkey
linux-thunderbird
seamonkey
thunderbird

CVE-2011-2372
Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before
7.0, and SeaMonkey before 2.4 do not prevent the starting of a
download in response to the holding of the Enter key, which allows
user-assisted remote attackers to bypass intended access restrictions
via a crafted web site.
CVE-2011-2995
Multiple unspecified vulnerabilities in the browser engine in Mozilla
Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and
SeaMonkey before 2.4 allow remote attackers to cause a denial of
service (memory corruption and application crash) or possibly execute
arbitrary code via unknown vectors.
CVE-2011-2996
Unspecified vulnerability in the plugin API in Mozilla Firefox 3.6.x
before 3.6.23 allows remote attackers to cause a denial of service
(memory corruption and application crash) or possibly execute
arbitrary code via unknown vectors.
CVE-2011-2997
Multiple unspecified vulnerabilities in the browser engine in Mozilla
Firefox 6, Thunderbird before 7.0, and SeaMonkey before 2.4 allow
remote attackers to cause a denial of service (memory corruption and
application crash) or possibly execute arbitrary code via unknown
vectors.

Text truncated. Please see the references for more information.

Solution:
Update your system with the appropriate patches or
software upgrades.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2011-2372
Debian Security Information: DSA-2312 (Google Search)
http://www.debian.org/security/2011/dsa-2312
Debian Security Information: DSA-2313 (Google Search)
http://www.debian.org/security/2011/dsa-2313
Debian Security Information: DSA-2317 (Google Search)
http://www.debian.org/security/2011/dsa-2317
http://www.mandriva.com/security/advisories?name=MDVSA-2011:139
http://www.mandriva.com/security/advisories?name=MDVSA-2011:140
http://www.mandriva.com/security/advisories?name=MDVSA-2011:141
http://www.mandriva.com/security/advisories?name=MDVSA-2011:142
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13854
http://www.redhat.com/support/errata/RHSA-2011-1341.html
http://secunia.com/advisories/46315
SuSE Security Announcement: SUSE-SU-2011:1256 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00020.html
SuSE Security Announcement: openSUSE-SU-2011:1076 (Google Search)
http://lists.opensuse.org/opensuse-updates/2011-10/msg00002.html
Common Vulnerability Exposure (CVE) ID: CVE-2011-2995
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13957
Common Vulnerability Exposure (CVE) ID: CVE-2011-2996
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14064
Common Vulnerability Exposure (CVE) ID: CVE-2011-2997
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13911
Common Vulnerability Exposure (CVE) ID: CVE-2011-2999
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14252
Common Vulnerability Exposure (CVE) ID: CVE-2011-3000
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14361
Common Vulnerability Exposure (CVE) ID: CVE-2011-3001
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14442
Common Vulnerability Exposure (CVE) ID: CVE-2011-3002
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14388
Common Vulnerability Exposure (CVE) ID: CVE-2011-3003
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14054
Common Vulnerability Exposure (CVE) ID: CVE-2011-3004
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14121
Common Vulnerability Exposure (CVE) ID: CVE-2011-3005
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14352
http://secunia.com/advisories/49055
Common Vulnerability Exposure (CVE) ID: CVE-2011-3232
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00004.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14408
CopyrightCopyright (c) 2011 E-Soft Inc. http://www.securityspace.com

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2022 E-Soft Inc. All rights reserved.