Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.72477
Category:FreeBSD Local Security Checks
Title:FreeBSD Ports: firefox
Summary:The remote host is missing an update to the system; as announced in the referenced advisory.
Description:Summary:
The remote host is missing an update to the system
as announced in the referenced advisory.

Vulnerability Insight:
The following packages are affected:

firefox
linux-firefox
linux-seamonkey
linux-thunderbird
seamonkey
thunderbird
libxul

CVE-2012-3982
Multiple unspecified vulnerabilities in the browser engine in Mozilla
Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird
before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before
2.13 allow remote attackers to cause a denial of service (memory
corruption and application crash) or possibly execute arbitrary code
via unknown vectors.
CVE-2012-3983
Multiple unspecified vulnerabilities in the browser engine in Mozilla
Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before
2.13 allow remote attackers to cause a denial of service (memory
corruption and application crash) or possibly execute arbitrary code
via unknown vectors.
CVE-2012-3984
Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey
before 2.13 do not properly handle navigation away from a web page
that has a SELECT element's menu active, which allows remote attackers
to spoof page content via vectors involving absolute positioning and
scrolling.
CVE-2012-3985
Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey
before 2.13 do not properly implement the HTML5 Same Origin Policy,
which allows remote attackers to conduct cross-site scripting (XSS)
attacks by leveraging initial-origin access after document.domain has
been set.

Text truncated. Please see the references for more information.

Solution:
Update your system with the appropriate patches or
software upgrades.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2012-3982
BugTraq ID: 55924
http://www.securityfocus.com/bid/55924
Debian Security Information: DSA-2565 (Google Search)
http://www.debian.org/security/2012/dsa-2565
Debian Security Information: DSA-2569 (Google Search)
http://www.debian.org/security/2012/dsa-2569
Debian Security Information: DSA-2572 (Google Search)
http://www.debian.org/security/2012/dsa-2572
http://www.mandriva.com/security/advisories?name=MDVSA-2012:163
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16612
RedHat Security Advisories: RHSA-2012:1351
http://rhn.redhat.com/errata/RHSA-2012-1351.html
http://secunia.com/advisories/50856
http://secunia.com/advisories/50892
http://secunia.com/advisories/50904
http://secunia.com/advisories/50935
http://secunia.com/advisories/50936
http://secunia.com/advisories/50984
http://secunia.com/advisories/51181
http://secunia.com/advisories/55318
SuSE Security Announcement: SUSE-SU-2012:1351 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00010.html
http://www.ubuntu.com/usn/USN-1611-1
Common Vulnerability Exposure (CVE) ID: CVE-2012-3983
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16901
Common Vulnerability Exposure (CVE) ID: CVE-2012-3984
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16184
Common Vulnerability Exposure (CVE) ID: CVE-2012-3985
http://osvdb.org/86106
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16108
Common Vulnerability Exposure (CVE) ID: CVE-2012-3986
BugTraq ID: 55922
http://www.securityfocus.com/bid/55922
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16834
Common Vulnerability Exposure (CVE) ID: CVE-2012-3987
http://osvdb.org/86107
Common Vulnerability Exposure (CVE) ID: CVE-2012-3988
http://osvdb.org/86109
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16334
XForce ISS Database: firefox-full-screen-code-exec(79149)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79149
Common Vulnerability Exposure (CVE) ID: CVE-2012-3989
http://osvdb.org/86097
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16814
Common Vulnerability Exposure (CVE) ID: CVE-2012-3990
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16642
XForce ISS Database: firefox-nsicontent-code-exec(79172)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79172
Common Vulnerability Exposure (CVE) ID: CVE-2012-3991
BugTraq ID: 55930
http://www.securityfocus.com/bid/55930
http://osvdb.org/86098
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16646
Common Vulnerability Exposure (CVE) ID: CVE-2012-3992
BugTraq ID: 56128
http://www.securityfocus.com/bid/56128
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16987
Common Vulnerability Exposure (CVE) ID: CVE-2012-3993
BugTraq ID: 56119
http://www.securityfocus.com/bid/56119
http://osvdb.org/86111
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16718
XForce ISS Database: firefox-cow-privilege-escalation(79153)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79153
Common Vulnerability Exposure (CVE) ID: CVE-2012-3994
BugTraq ID: 56118
http://www.securityfocus.com/bid/56118
http://osvdb.org/86110
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16798
Common Vulnerability Exposure (CVE) ID: CVE-2012-3995
BugTraq ID: 56136
http://www.securityfocus.com/bid/56136
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16808
XForce ISS Database: firefox-iscsswordspacingspace-code-exec(79156)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79156
Common Vulnerability Exposure (CVE) ID: CVE-2012-4179
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16882
XForce ISS Database: firefox-createcsspropertytxn-code-exec(79157)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79157
Common Vulnerability Exposure (CVE) ID: CVE-2012-4180
http://osvdb.org/86099
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16428
XForce ISS Database: firefox-isprevcharinnode-bo(79158)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79158
Common Vulnerability Exposure (CVE) ID: CVE-2012-4181
BugTraq ID: 56130
http://www.securityfocus.com/bid/56130
http://osvdb.org/86100
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16523
XForce ISS Database: firefox-nssmilanimationcontroller-code-exec(79159)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79159
Common Vulnerability Exposure (CVE) ID: CVE-2012-4182
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16191
XForce ISS Database: firefox-nstexteditrules-code-exec(79160)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79160
Common Vulnerability Exposure (CVE) ID: CVE-2012-4183
BugTraq ID: 56140
http://www.securityfocus.com/bid/56140
http://osvdb.org/86095
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16850
XForce ISS Database: firefox-domsvgtests-code-exec(79161)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79161
Common Vulnerability Exposure (CVE) ID: CVE-2012-4184
BugTraq ID: 56120
http://www.securityfocus.com/bid/56120
http://osvdb.org/86113
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16946
XForce ISS Database: firefox-cow-xss(79154)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79154
Common Vulnerability Exposure (CVE) ID: CVE-2012-4186
http://osvdb.org/86117
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16193
XForce ISS Database: firefox-nswavereader-bo(79163)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79163
Common Vulnerability Exposure (CVE) ID: CVE-2012-4187
BugTraq ID: 56125
http://www.securityfocus.com/bid/56125
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16425
Common Vulnerability Exposure (CVE) ID: CVE-2012-4188
http://osvdb.org/86096
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16964
XForce ISS Database: firefox-convolve3x3-bo(79165)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79165
Common Vulnerability Exposure (CVE) ID: CVE-2012-4190
http://www.securitytracker.com/id?1027653
XForce ISS Database: firefox-freetype-code-execution(79208)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79208
Common Vulnerability Exposure (CVE) ID: CVE-2012-4191
http://osvdb.org/86125
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16719
http://secunia.com/advisories/50929
http://www.ubuntu.com/usn/USN-1608-1
XForce ISS Database: mozilla-websockets-code-execution(79209)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79209
Common Vulnerability Exposure (CVE) ID: CVE-2012-4192
http://www.thespanner.co.uk/2012/10/10/firefox-knows-what-your-friends-did-last-summer/
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17095
XForce ISS Database: mozilla-sop-security-bypass(79210)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79210
Common Vulnerability Exposure (CVE) ID: CVE-2012-4193
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16786
RedHat Security Advisories: RHSA-2012:1361
http://rhn.redhat.com/errata/RHSA-2012-1361.html
RedHat Security Advisories: RHSA-2012:1362
http://rhn.redhat.com/errata/RHSA-2012-1362.html
http://secunia.com/advisories/50906
http://secunia.com/advisories/50907
http://secunia.com/advisories/50964
XForce ISS Database: mozilla-location-security-bypass(79211)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79211
CopyrightCopyright (c) 2012 E-Soft Inc. http://www.securityspace.com

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2022 E-Soft Inc. All rights reserved.