Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.871829
Category:Red Hat Local Security Checks
Title:RedHat Update for firefox RHSA-2017:1440-01
Summary:The remote host is missing an update for the 'firefox'; package(s) announced via the referenced advisory.
Description:Summary:
The remote host is missing an update for the 'firefox'
package(s) announced via the referenced advisory.

Vulnerability Insight:
Mozilla Firefox is an open source web
browser. This update upgrades Firefox to version 52.2.0 ESR. Security Fix(es): *
Multiple flaws were found in the processing of malformed web content. A web page
containing malicious content could cause Firefox to crash or, potentially,
execute arbitrary code with the privileges of the user running Firefox.
(CVE-2017-5470, CVE-2017-5472, CVE-2017-7749, CVE-2017-7751, CVE-2017-7756,
CVE-2017-7771, CVE-2017-7772, CVE-2017-7773, CVE-2017-7774, CVE-2017-7775,
CVE-2017-7776, CVE-2017-7777, CVE-2017-7778, CVE-2017-7750, CVE-2017-7752,
CVE-2017-7754, CVE-2017-7757, CVE-2017-7758, CVE-2017-7764) Red Hat would like
to thank the Mozilla project for reporting these issues. Upstream acknowledges
Nils, Nicolas Trippar of Zimperium zLabs, Mats Palmgren, Philipp, Masayuki
Nakano, Christian Holler, Andrew McCreight, Gary Kwong, Andre Bargull, Carsten
Book, Jesse Schwartzentruber, Julian Hector, Marcia Knous, Ronald Crane, Samuel
Erb, Holger Fuhrmannek, Tyson Smith, Abhishek Arya, and F. Alonso (revskills) as
the original reporters.

Affected Software/OS:
firefox on Red Hat Enterprise Linux Desktop (v. 6),
Red Hat Enterprise Linux Server (v. 6),
Red Hat Enterprise Linux Server (v. 7),
Red Hat Enterprise Linux Workstation (v. 6)

Solution:
Please Install the Updated Packages.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2017-5470
BugTraq ID: 99041
http://www.securityfocus.com/bid/99041
Debian Security Information: DSA-3881 (Google Search)
https://www.debian.org/security/2017/dsa-3881
Debian Security Information: DSA-3918 (Google Search)
https://www.debian.org/security/2017/dsa-3918
RedHat Security Advisories: RHSA-2017:1440
https://access.redhat.com/errata/RHSA-2017:1440
RedHat Security Advisories: RHSA-2017:1561
https://access.redhat.com/errata/RHSA-2017:1561
http://www.securitytracker.com/id/1038689
Common Vulnerability Exposure (CVE) ID: CVE-2017-5472
BugTraq ID: 99040
http://www.securityfocus.com/bid/99040
Common Vulnerability Exposure (CVE) ID: CVE-2017-7749
BugTraq ID: 99057
http://www.securityfocus.com/bid/99057
Common Vulnerability Exposure (CVE) ID: CVE-2017-7750
Common Vulnerability Exposure (CVE) ID: CVE-2017-7751
Common Vulnerability Exposure (CVE) ID: CVE-2017-7752
Common Vulnerability Exposure (CVE) ID: CVE-2017-7754
Common Vulnerability Exposure (CVE) ID: CVE-2017-7756
Common Vulnerability Exposure (CVE) ID: CVE-2017-7758
Common Vulnerability Exposure (CVE) ID: CVE-2017-7764
http://www.unicode.org/reports/tr31/tr31-26.html#Aspirational_Use_Scripts
Common Vulnerability Exposure (CVE) ID: CVE-2017-7771
Common Vulnerability Exposure (CVE) ID: CVE-2017-7772
Common Vulnerability Exposure (CVE) ID: CVE-2017-7774
Common Vulnerability Exposure (CVE) ID: CVE-2017-7775
Common Vulnerability Exposure (CVE) ID: CVE-2017-7776
Common Vulnerability Exposure (CVE) ID: CVE-2017-7777
Common Vulnerability Exposure (CVE) ID: CVE-2017-7778
Debian Security Information: DSA-3894 (Google Search)
https://www.debian.org/security/2017/dsa-3894
https://security.gentoo.org/glsa/201710-13
RedHat Security Advisories: RHSA-2017:1793
https://access.redhat.com/errata/RHSA-2017:1793
Common Vulnerability Exposure (CVE) ID: CVE-2017-7757
Common Vulnerability Exposure (CVE) ID: CVE-2017-7773
CopyrightCopyright (C) 2017 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.