Test ID:	1.3.6.1.4.1.25623.1.0.840027
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-490-1)
Summary:	The remote host is missing an update for the 'firefox' package(s) announced via the USN-490-1 advisory.
Description:	Summary: The remote host is missing an update for the 'firefox' package(s) announced via the USN-490-1 advisory. Vulnerability Insight: Various flaws were discovered in the layout and JavaScript engines. By tricking a user into opening a malicious web page, an attacker could execute arbitrary code with the user's privileges. (CVE-2007-3734, CVE-2007-3735) Flaws were discovered in the JavaScript methods addEventListener and setTimeout which could be used to inject script into another site in violation of the browser's same-origin policy. A malicious web site could exploit this to modify the contents, or steal confidential data (such as passwords), of other web pages. (CVE-2007-3736) Ronen Zilberman and Michal Zalewski discovered timing attacks in the JavaScript engine's use of about:blank frames. A malicious web site could exploit this to modify the contents, or steal confidential data (such as passwords), of other web pages. (CVE-2007-3089) A flaw was discovered in the JavaScript event handling code. By tricking a user into opening a malicious web page, an attacker could execute arbitrary code with the user's privileges. (CVE-2007-3737) Ronald van den Heetkamp discovered that filename URLs including an encoded null byte could confuse the extension matching code. By tricking a user into opening a malicious web page, an attacker could execute arbitrary helper programs. (CVE-2007-3285) Michal Zalewski discovered flaws in the same-origin handling of cached 'wyciwyg://' documents. A malicious web site could exploit this to modify the contents, or steal confidential data (such as passwords), of other web pages. (CVE-2007-3656) Various flaws were discovered in the XPCNativeWrapper method. By tricking a user into opening a malicious web page, an attacker could execute arbitrary code with the user's privileges. (CVE-2007-3738). Affected Software/OS: 'firefox' package(s) on Ubuntu 6.06, Ubuntu 6.10, Ubuntu 7.04. Solution: Please install the updated package(s). CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2007-3089 BugTraq ID: 24286 http://www.securityfocus.com/bid/24286 Bugtraq: 20070604 Assorted browser vulnerabilities (Google Search) http://www.securityfocus.com/archive/1/470446/100/0/threaded Bugtraq: 20070720 rPSA-2007-0148-1 firefox thunderbird (Google Search) http://www.securityfocus.com/archive/1/474226/100/0/threaded Bugtraq: 20070724 FLEA-2007-0033-1: firefox thunderbird (Google Search) http://www.securityfocus.com/archive/1/474542/100/0/threaded Cert/CC Advisory: TA07-199A http://www.us-cert.gov/cas/techalerts/TA07-199A.html CERT/CC vulnerability note: VU#143297 http://www.kb.cert.org/vuls/id/143297 Debian Security Information: DSA-1337 (Google Search) http://www.debian.org/security/2007/dsa-1337 Debian Security Information: DSA-1338 (Google Search) http://www.debian.org/security/2007/dsa-1338 Debian Security Information: DSA-1339 (Google Search) http://www.debian.org/security/2007/dsa-1339 http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0026.html http://www.gentoo.org/security/en/glsa/glsa-200708-09.xml HPdes Security Advisory: HPSBUX02153 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742 HPdes Security Advisory: SSRT061181 http://www.mandriva.com/security/advisories?name=MDKSA-2007:152 http://lcamtuf.coredump.cx/ifsnatch/ https://bugzilla.mozilla.org/show_bug.cgi?id=381300 https://bugzilla.mozilla.org/show_bug.cgi?id=382686 http://osvdb.org/38024 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11122 http://www.redhat.com/support/errata/RHSA-2007-0722.html http://www.redhat.com/support/errata/RHSA-2007-0723.html http://www.redhat.com/support/errata/RHSA-2007-0724.html http://www.securitytracker.com/id?1018412 http://secunia.com/advisories/25589 http://secunia.com/advisories/26072 http://secunia.com/advisories/26095 http://secunia.com/advisories/26103 http://secunia.com/advisories/26106 http://secunia.com/advisories/26107 http://secunia.com/advisories/26149 http://secunia.com/advisories/26151 http://secunia.com/advisories/26159 http://secunia.com/advisories/26179 http://secunia.com/advisories/26204 http://secunia.com/advisories/26205 http://secunia.com/advisories/26211 http://secunia.com/advisories/26216 http://secunia.com/advisories/26258 http://secunia.com/advisories/26271 http://secunia.com/advisories/26460 http://secunia.com/advisories/28135 SGI Security Advisory: 20070701-01-P ftp://patches.sgi.com/support/free/security/advisories/20070701-01-P.asc http://securityreason.com/securityalert/2781 http://sunsolve.sun.com/search/document.do?assetkey=1-26-103177-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-201516-1 SuSE Security Announcement: SUSE-SA:2007:049 (Google Search) http://www.novell.com/linux/security/advisories/2007_49_mozilla.html http://www.ubuntu.com/usn/usn-490-1 http://www.vupen.com/english/advisories/2007/2564 http://www.vupen.com/english/advisories/2007/4256 XForce ISS Database: firefox-iframe-security-bypass(34701) https://exchange.xforce.ibmcloud.com/vulnerabilities/34701 Common Vulnerability Exposure (CVE) ID: CVE-2007-3285 BugTraq ID: 24447 http://www.securityfocus.com/bid/24447 http://www.0x000000.com/?i=333 https://bugzilla.mozilla.org/show_bug.cgi?id=383478 http://osvdb.org/38032 http://www.securitytracker.com/id?1018413 Common Vulnerability Exposure (CVE) ID: CVE-2007-3656 BugTraq ID: 24831 http://www.securityfocus.com/bid/24831 Bugtraq: 20070709 Firefox wyciwyg:// cache zone bypass (Google Search) http://www.securityfocus.com/archive/1/473191/100/0/threaded http://lcamtuf.coredump.cx/ffcache/ http://osvdb.org/38028 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9105 http://www.securitytracker.com/id?1018411 http://secunia.com/advisories/25990 http://securityreason.com/securityalert/2872 XForce ISS Database: mozilla-wyciwyg-security-bypass(35298) https://exchange.xforce.ibmcloud.com/vulnerabilities/35298 Common Vulnerability Exposure (CVE) ID: CVE-2007-3734 1018408 http://www.securitytracker.com/id?1018408 103177 20070701-01-P 20070720 rPSA-2007-0148-1 firefox thunderbird 20070724 FLEA-2007-0033-1: firefox thunderbird 201516 24946 http://www.securityfocus.com/bid/24946 25589 26072 26095 26096 http://secunia.com/advisories/26096 26103 26106 26107 26149 26151 26159 26176 http://secunia.com/advisories/26176 26179 26204 26205 26211 26216 26258 26271 26460 26572 http://secunia.com/advisories/26572 27326 http://secunia.com/advisories/27326 28135 28363 http://secunia.com/advisories/28363 ADV-2007-2564 ADV-2007-2565 http://www.vupen.com/english/advisories/2007/2565 ADV-2007-4256 ADV-2008-0082 http://www.vupen.com/english/advisories/2008/0082 DSA-1337 DSA-1338 DSA-1339 DSA-1391 http://www.debian.org/security/2007/dsa-1391 GLSA-200708-09 HPSBUX02153 HPSBUX02156 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00774579 MDKSA-2007:152 MDVSA-2007:047 http://www.mandriva.com/security/advisories?name=MDVSA-2007:047 MDVSA-2008:047 http://www.mandriva.com/security/advisories?name=MDVSA-2008:047 RHSA-2007:0722 RHSA-2007:0723 RHSA-2007:0724 SSRT061181 SSRT061236 SUSE-SA:2007:049 USN-490-1 USN-503-1 http://www.ubuntu.com/usn/usn-503-1 ftp://ftp.slackware.com/pub/slackware/slackware-12.0/ChangeLog.txt http://support.novell.com/techcenter/psdb/07d098f99c9fe6956523beae37f32fda.html http://www.mozilla.org/security/announce/2007/mfsa2007-18.html mozilla-browser-engine-code-execution(35458) https://exchange.xforce.ibmcloud.com/vulnerabilities/35458 oval:org.mitre.oval:def:10108 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10108 Common Vulnerability Exposure (CVE) ID: CVE-2007-3735 mozilla-javascript-eng-code-execution(35459) https://exchange.xforce.ibmcloud.com/vulnerabilities/35459 oval:org.mitre.oval:def:11066 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11066 Common Vulnerability Exposure (CVE) ID: CVE-2007-3736 1018410 http://www.securitytracker.com/id?1018410 http://www.mozilla.org/security/announce/2007/mfsa2007-19.html mozilla-addeventlistener-settimeout-xss(35462) https://exchange.xforce.ibmcloud.com/vulnerabilities/35462 oval:org.mitre.oval:def:11749 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11749 Common Vulnerability Exposure (CVE) ID: CVE-2007-3737 1018409 http://www.securitytracker.com/id?1018409 firefox-eventhandler-code-execution(35461) https://exchange.xforce.ibmcloud.com/vulnerabilities/35461 http://www.mozilla.org/security/announce/2007/mfsa2007-21.html oval:org.mitre.oval:def:10009 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10009 Common Vulnerability Exposure (CVE) ID: CVE-2007-3738 1018414 http://www.securitytracker.com/id?1018414 SUSE-SA:2007:057 http://www.novell.com/linux/security/advisories/2007_57_mozilla.html firefox-xpcnativewrapper-code-execution(35460) https://exchange.xforce.ibmcloud.com/vulnerabilities/35460 http://www.mozilla.org/security/announce/2007/mfsa2007-25.html oval:org.mitre.oval:def:9875 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9875
Copyright	Copyright (C) 2009 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.