|Category:||Mandrake Local Security Checks|
|Title:||Mandriva Security Advisory MDVSA-2012:022-1 (mozilla)|
The remote host is missing an update to mozilla
announced via advisory MDVSA-2012:022-1.
Security issues were identified and fixed in mozilla firefox and
An integer overflow in the libpng library can lead to a heap-buffer
overflow when decompressing certain PNG images. This leads to a crash,
which may be potentially exploitable (CVE-2011-3026).
The mozilla firefox and thunderbird packages has been upgraded to the
latest respective versions whish is not affecte dby this security flaw.
Additionally the rootcerts packages (root CA cerificates bundle)
has been upgraded to the latest version as of 2012/02/18 and the NSS
library has been rebuilt accordingly to pickup the changes.
This is a symbolic advisory correction because there was a clash with
MDVSA-2012:022 that addressed libpng.
Affected: 2010.1, 2011., Enterprise Server 5.0
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
Risk factor : High
Common Vulnerability Exposure (CVE) ID: CVE-2011-3026|
SuSE Security Announcement: SUSE-SU-2012:0303 (Google Search)
SuSE Security Announcement: openSUSE-SU-2012:0297 (Google Search)
|Copyright||Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com|
|This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.