English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.1.4.2015.0446.1
Category:SuSE Local Security Checks
Title:SUSE: Security Advisory (SUSE-SU-2015:0446-1)
Summary:The remote host is missing an update for the 'Mozilla Firefox' package(s) announced via the SUSE-SU-2015:0446-1 advisory.
Description:Summary:
The remote host is missing an update for the 'Mozilla Firefox' package(s) announced via the SUSE-SU-2015:0446-1 advisory.

Vulnerability Insight:
This update to Firefox 17.0.9esr (bnc#840485) addresses:

* MFSA 2013-91 User-defined properties on DOM proxies get the wrong
'this' object
o (CVE-2013-1737)
* MFSA 2013-90 Memory corruption involving scrolling
o use-after-free in mozilla::layout::ScrollbarActivity
(CVE-2013-1735)
o Memory corruption in nsGfxScrollFrameInner::IsLTR()
(CVE-2013-1736)
* MFSA 2013-89 Buffer overflow with multi-column, lists, and floats
o buffer overflow at nsFloatManager::GetFlowArea() with multicol,
list, floats (CVE-2013-1732)
* MFSA 2013-88 compartment mismatch re-attaching XBL-backed nodes
o compartment mismatch in nsXBLBinding::DoInitJSClass
(CVE-2013-1730)
* MFSA 2013-83 Mozilla Updater does not lock MAR file after signature
verification
o MAR signature bypass in Updater could lead to downgrade
(CVE-2013-1726)
* MFSA 2013-82 Calling scope for new Javascript objects can lead to
memory corruption
o ABORT: bad scope for new JSObjects: ReparentWrapper /
document.open (CVE-2013-1725)
* MFSA 2013-79 Use-after-free in Animation Manager during stylesheet
cloning
o Heap-use-after-free in nsAnimationManager::BuildAnimations
(CVE-2013-1722)
* MFSA 2013-76 Miscellaneous memory safety hazards (rv:24.0 /
rv:17.0.9)
o Memory safety bugs fixed in Firefox 17.0.9 and Firefox 24.0
(CVE-2013-1718)
* MFSA 2013-65 Buffer underflow when generating CRMF requests
o ASAN heap-buffer-overflow (read 1) in
cryptojs_interpret_key_gen_type (CVE-2013-1705)

Security Issue references:

* CVE-2013-1737
<[link moved to references]>
* CVE-2013-1735
<[link moved to references]>
* CVE-2013-1736
<[link moved to references]>
* CVE-2013-1732
<[link moved to references]>
* CVE-2013-1730
<[link moved to references]>
* CVE-2013-1726
<[link moved to references]>
* CVE-2013-1725
<[link moved to references]>
* CVE-2013-1722
<[link moved to references]>
* CVE-2013-1718
<[link moved to references]>
* CVE-2013-1705
<[link moved to references]>

Affected Software/OS:
'Mozilla Firefox' package(s) on SUSE Linux Enterprise Desktop 11-SP3, SUSE Linux Enterprise Server 11-SP3, SUSE Linux Enterprise Server for SAP Applications 11-SP3.

Solution:
Please install the updated package(s).

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2013-1701
BugTraq ID: 61874
http://www.securityfocus.com/bid/61874
Debian Security Information: DSA-2735 (Google Search)
http://www.debian.org/security/2013/dsa-2735
Debian Security Information: DSA-2746 (Google Search)
http://www.debian.org/security/2013/dsa-2746
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18514
Common Vulnerability Exposure (CVE) ID: CVE-2013-1702
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18876
Common Vulnerability Exposure (CVE) ID: CVE-2013-1705
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18935
SuSE Security Announcement: openSUSE-SU-2013:1496 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-09/msg00060.html
SuSE Security Announcement: openSUSE-SU-2013:1633 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00005.html
Common Vulnerability Exposure (CVE) ID: CVE-2013-1706
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18930
Common Vulnerability Exposure (CVE) ID: CVE-2013-1707
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18871
Common Vulnerability Exposure (CVE) ID: CVE-2013-1709
BugTraq ID: 61867
http://www.securityfocus.com/bid/61867
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18531
Common Vulnerability Exposure (CVE) ID: CVE-2013-1710
BugTraq ID: 61900
http://www.securityfocus.com/bid/61900
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18773
Common Vulnerability Exposure (CVE) ID: CVE-2013-1712
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18014
Common Vulnerability Exposure (CVE) ID: CVE-2013-1713
BugTraq ID: 61876
http://www.securityfocus.com/bid/61876
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18884
Common Vulnerability Exposure (CVE) ID: CVE-2013-1714
BugTraq ID: 61882
http://www.securityfocus.com/bid/61882
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18002
Common Vulnerability Exposure (CVE) ID: CVE-2013-1717
BugTraq ID: 61896
http://www.securityfocus.com/bid/61896
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18367
Common Vulnerability Exposure (CVE) ID: CVE-2013-1718
BugTraq ID: 62463
http://www.securityfocus.com/bid/62463
Debian Security Information: DSA-2762 (Google Search)
http://www.debian.org/security/2013/dsa-2762
http://lists.fedoraproject.org/pipermail/package-announce/2013-September/115907.html
http://lists.fedoraproject.org/pipermail/package-announce/2013-September/117526.html
http://lists.fedoraproject.org/pipermail/package-announce/2013-September/116610.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18939
RedHat Security Advisories: RHSA-2013:1268
http://rhn.redhat.com/errata/RHSA-2013-1268.html
RedHat Security Advisories: RHSA-2013:1269
http://rhn.redhat.com/errata/RHSA-2013-1269.html
SuSE Security Announcement: openSUSE-SU-2013:1491 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-09/msg00055.html
SuSE Security Announcement: openSUSE-SU-2013:1493 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-09/msg00057.html
SuSE Security Announcement: openSUSE-SU-2013:1495 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-09/msg00059.html
SuSE Security Announcement: openSUSE-SU-2013:1499 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-09/msg00061.html
http://www.ubuntu.com/usn/USN-1951-1
http://www.ubuntu.com/usn/USN-1952-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-1722
BugTraq ID: 62460
http://www.securityfocus.com/bid/62460
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19031
Common Vulnerability Exposure (CVE) ID: CVE-2013-1725
BugTraq ID: 62467
http://www.securityfocus.com/bid/62467
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19025
Common Vulnerability Exposure (CVE) ID: CVE-2013-1726
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18821
Common Vulnerability Exposure (CVE) ID: CVE-2013-1730
BugTraq ID: 62473
http://www.securityfocus.com/bid/62473
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19022
Common Vulnerability Exposure (CVE) ID: CVE-2013-1732
BugTraq ID: 62469
http://www.securityfocus.com/bid/62469
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18520
Common Vulnerability Exposure (CVE) ID: CVE-2013-1735
BugTraq ID: 62479
http://www.securityfocus.com/bid/62479
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18443
Common Vulnerability Exposure (CVE) ID: CVE-2013-1736
BugTraq ID: 62478
http://www.securityfocus.com/bid/62478
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18856
Common Vulnerability Exposure (CVE) ID: CVE-2013-1737
BugTraq ID: 62475
http://www.securityfocus.com/bid/62475
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18789
Common Vulnerability Exposure (CVE) ID: CVE-2015-0822
BugTraq ID: 72756
http://www.securityfocus.com/bid/72756
Debian Security Information: DSA-3174 (Google Search)
http://www.debian.org/security/2015/dsa-3174
Debian Security Information: DSA-3179 (Google Search)
http://www.debian.org/security/2015/dsa-3179
https://security.gentoo.org/glsa/201504-01
RedHat Security Advisories: RHSA-2015:0265
http://rhn.redhat.com/errata/RHSA-2015-0265.html
RedHat Security Advisories: RHSA-2015:0266
http://rhn.redhat.com/errata/RHSA-2015-0266.html
RedHat Security Advisories: RHSA-2015:0642
http://rhn.redhat.com/errata/RHSA-2015-0642.html
http://www.securitytracker.com/id/1031791
http://www.securitytracker.com/id/1031792
SuSE Security Announcement: SUSE-SU-2015:0412 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00001.html
SuSE Security Announcement: SUSE-SU-2015:0446 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00006.html
SuSE Security Announcement: SUSE-SU-2015:0447 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00007.html
SuSE Security Announcement: openSUSE-SU-2015:0404 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00000.html
SuSE Security Announcement: openSUSE-SU-2015:0448 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00008.html
SuSE Security Announcement: openSUSE-SU-2015:0567 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00026.html
SuSE Security Announcement: openSUSE-SU-2015:0570 (Google Search)
http://lists.opensuse.org/opensuse-updates/2015-03/msg00067.html
SuSE Security Announcement: openSUSE-SU-2015:1266 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html
http://www.ubuntu.com/usn/USN-2505-1
http://www.ubuntu.com/usn/USN-2506-1
Common Vulnerability Exposure (CVE) ID: CVE-2015-0827
BugTraq ID: 72755
http://www.securityfocus.com/bid/72755
Common Vulnerability Exposure (CVE) ID: CVE-2015-0831
BugTraq ID: 72746
http://www.securityfocus.com/bid/72746
Common Vulnerability Exposure (CVE) ID: CVE-2015-0836
BugTraq ID: 72742
http://www.securityfocus.com/bid/72742
CopyrightCopyright (C) 2021 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.