Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.870881
Category:Red Hat Local Security Checks
Title:RedHat Update for firefox RHSA-2013:0144-01
Summary:The remote host is missing an update for the 'firefox'; package(s) announced via the referenced advisory.
Description:Summary:
The remote host is missing an update for the 'firefox'
package(s) announced via the referenced advisory.

Vulnerability Insight:
Mozilla Firefox is an open source web browser. XULRunner provides the XUL
Runtime environment for Mozilla Firefox.

Several flaws were found in the processing of malformed web content. A web
page containing malicious content could cause Firefox to crash or,
potentially, execute arbitrary code with the privileges of the user running
Firefox. (CVE-2013-0744, CVE-2013-0746, CVE-2013-0750, CVE-2013-0753,
CVE-2013-0754, CVE-2013-0762, CVE-2013-0766, CVE-2013-0767, CVE-2013-0769)

A flaw was found in the way Chrome Object Wrappers were implemented.
Malicious content could be used to cause Firefox to execute arbitrary code
via plug-ins installed in Firefox. (CVE-2013-0758)

A flaw in the way Firefox displayed URL values in the address bar could
allow a malicious site or user to perform a phishing attack.
(CVE-2013-0759)

An information disclosure flaw was found in the way certain JavaScript
functions were implemented in Firefox. An attacker could use this flaw to
bypass Address Space Layout Randomization (ASLR) and other security
restrictions. (CVE-2013-0748)

All Firefox users should upgrade to these updated packages, which contain
Firefox version 10.0.12 ESR, which corrects these issues. After installing
the update, Firefox must be restarted for the changes to take effect.

Affected Software/OS:
firefox on Red Hat Enterprise Linux (v. 5 server),
Red Hat Enterprise Linux Desktop (v. 6),
Red Hat Enterprise Linux Server (v. 6),
Red Hat Enterprise Linux Workstation (v. 6)

Solution:
Please Install the Updated Packages.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2013-0744
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17007
RedHat Security Advisories: RHSA-2013:0144
http://rhn.redhat.com/errata/RHSA-2013-0144.html
RedHat Security Advisories: RHSA-2013:0145
http://rhn.redhat.com/errata/RHSA-2013-0145.html
SuSE Security Announcement: SUSE-SU-2013:0048 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00006.html
SuSE Security Announcement: SUSE-SU-2013:0049 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00007.html
SuSE Security Announcement: openSUSE-SU-2013:0131 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00010.html
SuSE Security Announcement: openSUSE-SU-2013:0149 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00017.html
http://www.ubuntu.com/usn/USN-1681-1
http://www.ubuntu.com/usn/USN-1681-2
http://www.ubuntu.com/usn/USN-1681-4
Common Vulnerability Exposure (CVE) ID: CVE-2013-0746
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16570
Common Vulnerability Exposure (CVE) ID: CVE-2013-0748
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17109
Common Vulnerability Exposure (CVE) ID: CVE-2013-0750
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16957
Common Vulnerability Exposure (CVE) ID: CVE-2013-0753
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17053
Common Vulnerability Exposure (CVE) ID: CVE-2013-0754
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16812
Common Vulnerability Exposure (CVE) ID: CVE-2013-0758
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17087
Common Vulnerability Exposure (CVE) ID: CVE-2013-0759
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16827
Common Vulnerability Exposure (CVE) ID: CVE-2013-0762
BugTraq ID: 57193
http://www.securityfocus.com/bid/57193
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16288
Common Vulnerability Exposure (CVE) ID: CVE-2013-0766
BugTraq ID: 57194
http://www.securityfocus.com/bid/57194
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16189
Common Vulnerability Exposure (CVE) ID: CVE-2013-0767
BugTraq ID: 57195
http://www.securityfocus.com/bid/57195
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16171
Common Vulnerability Exposure (CVE) ID: CVE-2013-0769
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16199
CopyrightCopyright (c) 2013 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.