Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.70738
Category:FreeBSD Local Security Checks
Title:FreeBSD Ports: firefox
Summary:The remote host is missing an update to the system; as announced in the referenced advisory.
Description:Summary:
The remote host is missing an update to the system
as announced in the referenced advisory.

Vulnerability Insight:
The following packages are affected:

firefox
linux-firefox
linux-seamonkey
linux-thunderbird
seamonkey
thunderbird

CVE-2012-0442
Multiple unspecified vulnerabilities in the browser engine in Mozilla
Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18
and 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers
to cause a denial of service (memory corruption and application crash)
or possibly execute arbitrary code via unknown vectors.

CVE-2012-0443
Multiple unspecified vulnerabilities in the browser engine in Mozilla
Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaMonkey
before 2.7 allow remote attackers to cause a denial of service (memory
corruption and application crash) or possibly execute arbitrary code
via unknown vectors.

CVE-2011-3670
Mozilla Firefox before 3.6.26 and 4.x through 6.0, Thunderbird before
3.1.18 and 5.0 through 6.0, and SeaMonkey before 2.4 do not properly
enforce the IPv6 literal address syntax, which allows remote attackers
to obtain sensitive information by making XMLHttpRequest calls through
a proxy and reading the error messages.

CVE-2012-0445
Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and
SeaMonkey before 2.7 allow remote attackers to bypass the HTML5
frame-navigation policy and replace arbitrary sub-frames by creating a
form submission target with a sub-frame's name attribute.

Text truncated. Please see the references for more information.

Solution:
Update your system with the appropriate patches or
software upgrades.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2012-0442
Debian Security Information: DSA-2400 (Google Search)
http://www.debian.org/security/2012/dsa-2400
Debian Security Information: DSA-2402 (Google Search)
http://www.debian.org/security/2012/dsa-2402
Debian Security Information: DSA-2406 (Google Search)
http://www.debian.org/security/2012/dsa-2406
http://www.mandriva.com/security/advisories?name=MDVSA-2012:013
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14678
SuSE Security Announcement: SUSE-SU-2012:0198 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00003.html
SuSE Security Announcement: SUSE-SU-2012:0221 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00007.html
SuSE Security Announcement: openSUSE-SU-2012:0234 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00011.html
Common Vulnerability Exposure (CVE) ID: CVE-2012-0443
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14444
Common Vulnerability Exposure (CVE) ID: CVE-2011-3670
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14814
Common Vulnerability Exposure (CVE) ID: CVE-2012-0445
BugTraq ID: 51765
http://www.securityfocus.com/bid/51765
http://osvdb.org/78735
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14907
http://secunia.com/advisories/49055
XForce ISS Database: mozilla-iframeelement-security-bypass(72835)
https://exchange.xforce.ibmcloud.com/vulnerabilities/72835
Common Vulnerability Exposure (CVE) ID: CVE-2011-3659
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14697
Common Vulnerability Exposure (CVE) ID: CVE-2012-0446
BugTraq ID: 51752
http://www.securityfocus.com/bid/51752
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14304
XForce ISS Database: mozilla-xpconnect-xss(72837)
https://exchange.xforce.ibmcloud.com/vulnerabilities/72837
Common Vulnerability Exposure (CVE) ID: CVE-2012-0447
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14912
XForce ISS Database: mozilla-mimagebuffersize-info-disclosure(72856)
https://exchange.xforce.ibmcloud.com/vulnerabilities/72856
Common Vulnerability Exposure (CVE) ID: CVE-2012-0449
BugTraq ID: 51754
http://www.securityfocus.com/bid/51754
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14618
XForce ISS Database: mozilla-xsltstylesheets-code-execution(72868)
https://exchange.xforce.ibmcloud.com/vulnerabilities/72868
Common Vulnerability Exposure (CVE) ID: CVE-2012-0450
http://osvdb.org/78741
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14670
XForce ISS Database: mozilla-keyhtml-info-disclosure(72869)
https://exchange.xforce.ibmcloud.com/vulnerabilities/72869
CopyrightCopyright (c) 2012 E-Soft Inc. http://www.securityspace.com

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2022 E-Soft Inc. All rights reserved.