Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | |||
Test Kennung: | 1.3.6.1.4.1.25623.1.0.802583 |
Kategorie: | General |
Titel: | Mozilla Products IPv6 Literal Syntax Cross Domain Information Disclosure Vulnerability (MAC OS X) |
Zusammenfassung: | The host is installed with Mozilla firefox/thunderbird/seamonkey and is prone; to information disclosure vulnerability. |
Beschreibung: | Summary: The host is installed with Mozilla firefox/thunderbird/seamonkey and is prone to information disclosure vulnerability. Vulnerability Insight: The flaw is due to requests made using IPv6 syntax using XMLHttpRequest objects through a proxy may generate errors depending on proxy configuration for IPv6. The resulting error messages from the proxy may disclose sensitive data. Vulnerability Impact: Successful exploitation will let attackers to get sensitive information. Affected Software/OS: SeaMonkey version before 2.4 Thunderbird version before 3.1.18 and 5.0 through 6.0. Mozilla Firefox version before 3.6.26 and 4.x through 6.0 Solution: Upgrade to Mozilla Firefox version 3.6.27 or 7.0 or later. Upgrade to SeaMonkey version to 2.4 or later. Upgrade to Thunderbird version to 3.1.18 or 7.0 or later. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N |
Querverweis: |
BugTraq ID: 51786 Common Vulnerability Exposure (CVE) ID: CVE-2011-3670 Debian Security Information: DSA-2400 (Google Search) http://www.debian.org/security/2012/dsa-2400 Debian Security Information: DSA-2402 (Google Search) http://www.debian.org/security/2012/dsa-2402 Debian Security Information: DSA-2406 (Google Search) http://www.debian.org/security/2012/dsa-2406 http://www.mandriva.com/security/advisories?name=MDVSA-2012:013 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14814 SuSE Security Announcement: SUSE-SU-2012:0198 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00003.html SuSE Security Announcement: SUSE-SU-2012:0221 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00007.html SuSE Security Announcement: openSUSE-SU-2012:0234 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00011.html |
Copyright | Copyright (C) 2012 Greenbone Networks GmbH |
Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |