Ubuntu Local Security Checks : Ubuntu: Security Advisory (USN-1123-1)

Vulnerability Search		Search 324607 CVE descriptions and 146377 test descriptions, access 10,000+ cross references.
	Tests CVE All

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.840642
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-1123-1)
Summary:	The remote host is missing an update for the 'xulrunner-1.9.1' package(s) announced via the USN-1123-1 advisory.
Description:	Summary: The remote host is missing an update for the 'xulrunner-1.9.1' package(s) announced via the USN-1123-1 advisory. Vulnerability Insight: A large number of security issues were discovered in the Gecko rendering engine. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Affected Software/OS: 'xulrunner-1.9.1' package(s) on Ubuntu 9.10. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2010-1585 Bugtraq: 20100421 Security-Assessment.com WhitePaper/Addendum: Cross Context Scripting with Firefox & Exploiting Cross Context Scripting vulnerabilities in Firefox (Google Search) http://www.securityfocus.com/archive/1/510883/100/0/threaded http://www.mandriva.com/security/advisories?name=MDVSA-2011:041 http://www.mandriva.com/security/advisories?name=MDVSA-2011:042 http://wizzrss.blat.co.za/2009/11/17/so-much-for-nsiscriptableunescapehtmlparsefragment/ http://www.security-assessment.com/files/whitepapers/Cross_Context_Scripting_with_Firefox.pdf https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12532 Common Vulnerability Exposure (CVE) ID: CVE-2010-3776 BugTraq ID: 45347 http://www.securityfocus.com/bid/45347 Debian Security Information: DSA-2132 (Google Search) http://www.debian.org/security/2010/dsa-2132 http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052032.html http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052022.html http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052110.html http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052220.html http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052502.html http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052504.html http://www.mandriva.com/security/advisories?name=MDVSA-2010:251 http://www.mandriva.com/security/advisories?name=MDVSA-2010:258 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12389 http://www.redhat.com/support/errata/RHSA-2010-0966.html http://www.redhat.com/support/errata/RHSA-2010-0967.html http://www.redhat.com/support/errata/RHSA-2010-0968.html http://www.redhat.com/support/errata/RHSA-2010-0969.html http://www.securitytracker.com/id?1024846 http://www.securitytracker.com/id?1024848 http://secunia.com/advisories/42716 http://secunia.com/advisories/42818 SuSE Security Announcement: SUSE-SA:2011:003 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00002.html http://www.ubuntu.com/usn/USN-1019-1 http://www.ubuntu.com/usn/USN-1020-1 http://www.vupen.com/english/advisories/2011/0030 Common Vulnerability Exposure (CVE) ID: CVE-2010-3778 BugTraq ID: 45344 http://www.securityfocus.com/bid/45344 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12622 Common Vulnerability Exposure (CVE) ID: CVE-2011-0051 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14211 http://www.redhat.com/support/errata/RHSA-2011-0312.html http://www.redhat.com/support/errata/RHSA-2011-0313.html Common Vulnerability Exposure (CVE) ID: CVE-2011-0053 BugTraq ID: 46645 http://www.securityfocus.com/bid/46645 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14379 Common Vulnerability Exposure (CVE) ID: CVE-2011-0054 BugTraq ID: 46648 http://www.securityfocus.com/bid/46648 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14018 Common Vulnerability Exposure (CVE) ID: CVE-2011-0055 BugTraq ID: 46661 http://www.securityfocus.com/bid/46661 Bugtraq: 20110302 ZDI-11-103: Mozilla Firefox JSON.stringify Dangling Pointer Remote Code Execution Vulnerability (Google Search) http://www.securityfocus.com/archive/1/516802 http://www.zerodayinitiative.com/advisories/ZDI-11-103/ https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14476 Common Vulnerability Exposure (CVE) ID: CVE-2011-0056 BugTraq ID: 46650 http://www.securityfocus.com/bid/46650 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14013 Common Vulnerability Exposure (CVE) ID: CVE-2011-0057 BugTraq ID: 46663 http://www.securityfocus.com/bid/46663 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14200 Common Vulnerability Exposure (CVE) ID: CVE-2011-0058 BugTraq ID: 46660 http://www.securityfocus.com/bid/46660 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14254 Common Vulnerability Exposure (CVE) ID: CVE-2011-0059 BugTraq ID: 46652 http://www.securityfocus.com/bid/46652 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14473 Common Vulnerability Exposure (CVE) ID: CVE-2011-0062 BugTraq ID: 46647 http://www.securityfocus.com/bid/46647 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14409 Common Vulnerability Exposure (CVE) ID: CVE-2011-0065 Debian Security Information: DSA-2227 (Google Search) http://www.debian.org/security/2011/dsa-2227 Debian Security Information: DSA-2228 (Google Search) http://www.debian.org/security/2011/dsa-2228 Debian Security Information: DSA-2235 (Google Search) http://www.debian.org/security/2011/dsa-2235 http://www.mandriva.com/security/advisories?name=MDVSA-2011:079 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14142 http://securityreason.com/securityalert/8326 http://securityreason.com/securityalert/8331 http://securityreason.com/securityalert/8340 Common Vulnerability Exposure (CVE) ID: CVE-2011-0066 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13970 Common Vulnerability Exposure (CVE) ID: CVE-2011-0067 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14523 Common Vulnerability Exposure (CVE) ID: CVE-2011-0069 BugTraq ID: 47656 http://www.securityfocus.com/bid/47656 http://www.mandriva.com/security/advisories?name=MDVSA-2011:080 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14065 Common Vulnerability Exposure (CVE) ID: CVE-2011-0070 BugTraq ID: 47654 http://www.securityfocus.com/bid/47654 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14286 Common Vulnerability Exposure (CVE) ID: CVE-2011-0071 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14058 Common Vulnerability Exposure (CVE) ID: CVE-2011-0072 BugTraq ID: 47655 http://www.securityfocus.com/bid/47655 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14038 Common Vulnerability Exposure (CVE) ID: CVE-2011-0073 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14020 http://securityreason.com/securityalert/8310 Common Vulnerability Exposure (CVE) ID: CVE-2011-0074 BugTraq ID: 47646 http://www.securityfocus.com/bid/47646 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14317 Common Vulnerability Exposure (CVE) ID: CVE-2011-0075 BugTraq ID: 47647 http://www.securityfocus.com/bid/47647 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14086 Common Vulnerability Exposure (CVE) ID: CVE-2011-0077 BugTraq ID: 47648 http://www.securityfocus.com/bid/47648 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14193 Common Vulnerability Exposure (CVE) ID: CVE-2011-0078 BugTraq ID: 47651 http://www.securityfocus.com/bid/47651 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14246 Common Vulnerability Exposure (CVE) ID: CVE-2011-0080 BugTraq ID: 47641 http://www.securityfocus.com/bid/47641 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13866 Common Vulnerability Exposure (CVE) ID: CVE-2011-1202 BugTraq ID: 46785 http://www.securityfocus.com/bid/46785 http://www.mandriva.com/security/advisories?name=MDVSA-2012:164 http://scarybeastsecurity.blogspot.com/2011/03/multi-browser-heap-address-leak-in-xslt.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14244 http://www.vupen.com/english/advisories/2011/0628 XForce ISS Database: google-xslt-info-disclosure(65966) https://exchange.xforce.ibmcloud.com/vulnerabilities/65966
Copyright	Copyright (C) 2011 Greenbone AG