English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.850348
Category:SuSE Local Security Checks
Title:openSUSE: Security Advisory for MozillaFirefox (openSUSE-SU-2012:1345-1)
Summary:The remote host is missing an update for the 'MozillaFirefox'; package(s) announced via the referenced advisory.
Description:Summary:
The remote host is missing an update for the 'MozillaFirefox'
package(s) announced via the referenced advisory.

Vulnerability Insight:
The Mozilla suite received following security updates
(bnc#783533):

Mozilla Firefox was updated to 16.0.1. Mozilla Seamonkey
was updated to 2.13.1. Mozilla Thunderbird was updated to
16.0.1. Mozilla XULRunner was updated to 16.0.1.

* MFSA 2012-88/CVE-2012-4191 (bmo#798045) Miscellaneous
memory safety hazards

* MFSA 2012-89/CVE-2012-4192/CVE-2012-4193 (bmo#799952,
bmo#720619) defaultValue security checks not applied

* MFSA 2012-74/CVE-2012-3982/CVE-2012-3983 Miscellaneous
memory safety hazards

* MFSA 2012-75/CVE-2012-3984 (bmo#575294) select element
persistence allows for attacks

* MFSA 2012-76/CVE-2012-3985 (bmo#655649) Continued
access to initial origin after setting document.domain

* MFSA 2012-77/CVE-2012-3986 (bmo#775868) Some
DOMWindowUtils methods bypass security checks

* MFSA 2012-79/CVE-2012-3988 (bmo#725770) DOS and crash
with full screen and history navigation

* MFSA 2012-80/CVE-2012-3989 (bmo#783867) Crash with
invalid cast when using instanceof operator

* MFSA 2012-81/CVE-2012-3991 (bmo#783260) GetProperty
function can bypass security checks

* MFSA 2012-82/CVE-2012-3994 (bmo#765527) top object and
location property accessible by plugins

* MFSA 2012-83/CVE-2012-3993/CVE-2012-4184 (bmo#768101,
bmo#780370) Chrome Object Wrapper (COW) does not
disallow access to privileged functions or properties

* MFSA 2012-84/CVE-2012-3992 (bmo#775009) Spoofing and
script injection through location.hash

* MFSA 2012-85/CVE-2012-3995/CVE-2012-4179/CVE-2012-4180/
CVE-2012-4181/CVE-2012-4182/CVE-2012-4183
Use-after-free, buffer overflow, and out of bounds read
issues found using Address Sanitizer

* MFSA 2012-86/CVE-2012-4185/CVE-2012-4186/CVE-2012-4187/
CVE-2012-4188 Heap memory corruption issues found using
Address Sanitizer

* MFSA 2012-87/CVE-2012-3990 (bmo#787704)

Affected Software/OS:
MozillaFirefox on openSUSE 12.1, openSUSE 11.4

Solution:
Please install the updated package(s).

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2012-3982
BugTraq ID: 55924
http://www.securityfocus.com/bid/55924
Debian Security Information: DSA-2565 (Google Search)
http://www.debian.org/security/2012/dsa-2565
Debian Security Information: DSA-2569 (Google Search)
http://www.debian.org/security/2012/dsa-2569
Debian Security Information: DSA-2572 (Google Search)
http://www.debian.org/security/2012/dsa-2572
http://www.mandriva.com/security/advisories?name=MDVSA-2012:163
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16612
RedHat Security Advisories: RHSA-2012:1351
http://rhn.redhat.com/errata/RHSA-2012-1351.html
http://secunia.com/advisories/50856
http://secunia.com/advisories/50892
http://secunia.com/advisories/50904
http://secunia.com/advisories/50935
http://secunia.com/advisories/50936
http://secunia.com/advisories/50984
http://secunia.com/advisories/51181
http://secunia.com/advisories/55318
SuSE Security Announcement: SUSE-SU-2012:1351 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00010.html
http://www.ubuntu.com/usn/USN-1611-1
Common Vulnerability Exposure (CVE) ID: CVE-2012-3983
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16901
Common Vulnerability Exposure (CVE) ID: CVE-2012-3984
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16184
Common Vulnerability Exposure (CVE) ID: CVE-2012-3985
http://osvdb.org/86106
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16108
Common Vulnerability Exposure (CVE) ID: CVE-2012-3986
BugTraq ID: 55922
http://www.securityfocus.com/bid/55922
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16834
Common Vulnerability Exposure (CVE) ID: CVE-2012-3988
http://osvdb.org/86109
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16334
XForce ISS Database: firefox-full-screen-code-exec(79149)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79149
Common Vulnerability Exposure (CVE) ID: CVE-2012-3989
http://osvdb.org/86097
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16814
Common Vulnerability Exposure (CVE) ID: CVE-2012-3990
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16642
XForce ISS Database: firefox-nsicontent-code-exec(79172)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79172
Common Vulnerability Exposure (CVE) ID: CVE-2012-3991
BugTraq ID: 55930
http://www.securityfocus.com/bid/55930
http://osvdb.org/86098
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16646
Common Vulnerability Exposure (CVE) ID: CVE-2012-3992
BugTraq ID: 56128
http://www.securityfocus.com/bid/56128
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16987
Common Vulnerability Exposure (CVE) ID: CVE-2012-3993
BugTraq ID: 56119
http://www.securityfocus.com/bid/56119
http://osvdb.org/86111
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16718
XForce ISS Database: firefox-cow-privilege-escalation(79153)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79153
Common Vulnerability Exposure (CVE) ID: CVE-2012-3994
BugTraq ID: 56118
http://www.securityfocus.com/bid/56118
http://osvdb.org/86110
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16798
Common Vulnerability Exposure (CVE) ID: CVE-2012-3995
BugTraq ID: 56136
http://www.securityfocus.com/bid/56136
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16808
XForce ISS Database: firefox-iscsswordspacingspace-code-exec(79156)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79156
Common Vulnerability Exposure (CVE) ID: CVE-2012-4179
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16882
XForce ISS Database: firefox-createcsspropertytxn-code-exec(79157)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79157
Common Vulnerability Exposure (CVE) ID: CVE-2012-4180
http://osvdb.org/86099
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16428
XForce ISS Database: firefox-isprevcharinnode-bo(79158)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79158
Common Vulnerability Exposure (CVE) ID: CVE-2012-4182
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16191
XForce ISS Database: firefox-nstexteditrules-code-exec(79160)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79160
Common Vulnerability Exposure (CVE) ID: CVE-2012-4183
BugTraq ID: 56140
http://www.securityfocus.com/bid/56140
http://osvdb.org/86095
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16850
XForce ISS Database: firefox-domsvgtests-code-exec(79161)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79161
Common Vulnerability Exposure (CVE) ID: CVE-2012-4184
BugTraq ID: 56120
http://www.securityfocus.com/bid/56120
http://osvdb.org/86113
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16946
XForce ISS Database: firefox-cow-xss(79154)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79154
Common Vulnerability Exposure (CVE) ID: CVE-2012-4185
BugTraq ID: 56127
http://www.securityfocus.com/bid/56127
http://osvdb.org/86116
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16009
XForce ISS Database: firefox-nschartraitslength-bo(79162)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79162
Common Vulnerability Exposure (CVE) ID: CVE-2012-4186
http://osvdb.org/86117
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16193
XForce ISS Database: firefox-nswavereader-bo(79163)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79163
Common Vulnerability Exposure (CVE) ID: CVE-2012-4187
BugTraq ID: 56125
http://www.securityfocus.com/bid/56125
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16425
Common Vulnerability Exposure (CVE) ID: CVE-2012-4188
http://osvdb.org/86096
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16964
XForce ISS Database: firefox-convolve3x3-bo(79165)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79165
Common Vulnerability Exposure (CVE) ID: CVE-2012-4191
http://osvdb.org/86125
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16719
http://www.securitytracker.com/id?1027653
http://secunia.com/advisories/50929
http://www.ubuntu.com/usn/USN-1608-1
XForce ISS Database: mozilla-websockets-code-execution(79209)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79209
Common Vulnerability Exposure (CVE) ID: CVE-2012-4192
http://www.thespanner.co.uk/2012/10/10/firefox-knows-what-your-friends-did-last-summer/
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17095
XForce ISS Database: mozilla-sop-security-bypass(79210)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79210
Common Vulnerability Exposure (CVE) ID: CVE-2012-4193
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16786
RedHat Security Advisories: RHSA-2012:1361
http://rhn.redhat.com/errata/RHSA-2012-1361.html
RedHat Security Advisories: RHSA-2012:1362
http://rhn.redhat.com/errata/RHSA-2012-1362.html
http://secunia.com/advisories/50906
http://secunia.com/advisories/50907
http://secunia.com/advisories/50964
XForce ISS Database: mozilla-location-security-bypass(79211)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79211
Common Vulnerability Exposure (CVE) ID: CVE-2012-4181
BugTraq ID: 56130
http://www.securityfocus.com/bid/56130
http://osvdb.org/86100
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16523
XForce ISS Database: firefox-nssmilanimationcontroller-code-exec(79159)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79159
CopyrightCopyright (C) 2012 Greenbone Networks GmbH

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.