Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.903215
Kategorie:General
Titel:Mozilla Firefox ESR Multiple Vulnerabilities - June 13 (Windows)
Zusammenfassung:The host is installed with Mozilla Firefox ESR and is prone to multiple; vulnerabilities.
Beschreibung:Summary:
The host is installed with Mozilla Firefox ESR and is prone to multiple
vulnerabilities.

Vulnerability Insight:
Multiple flaws due to:

- PreserveWrapper does not handle lack of wrapper.

- Error in processing of SVG format images with filters to read pixel values.

- Does not prevent inclusion of body data in XMLHttpRequest HEAD request.

- Multiple unspecified errors in the browser engine.

- Does not properly handle onreadystatechange events in conjunction with
page reloading.

- System Only Wrapper (SOW) and Chrome Object Wrapper (COW), does not
restrict XBL user-defined functions.

- Use-after-free vulnerability in 'nsIDocument::GetRootElement' and
'mozilla::dom::HTMLMediaElement::LookupMediaElementURITable' functions.

- XrayWrapper does not properly restrict use of DefaultValue for method calls.

Vulnerability Impact:
Successful exploitation will allow attackers to execute arbitrary code,
obtain potentially sensitive information, gain escalated privileges, bypass
security restrictions, and perform unauthorized actions. Other attacks may
also be possible.

Affected Software/OS:
Mozilla Firefox ESR versions 17.x before 17.0.7 on Windows

Solution:
Upgrade to Mozilla Firefox ESR 17.0.7 or later.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2013-1684
BugTraq ID: 60766
http://www.securityfocus.com/bid/60766
Debian Security Information: DSA-2716 (Google Search)
http://www.debian.org/security/2013/dsa-2716
Debian Security Information: DSA-2720 (Google Search)
http://www.debian.org/security/2013/dsa-2720
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16604
RedHat Security Advisories: RHSA-2013:0981
http://rhn.redhat.com/errata/RHSA-2013-0981.html
RedHat Security Advisories: RHSA-2013:0982
http://rhn.redhat.com/errata/RHSA-2013-0982.html
SuSE Security Announcement: SUSE-SU-2013:1152 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00010.html
SuSE Security Announcement: SUSE-SU-2013:1153 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00011.html
SuSE Security Announcement: openSUSE-SU-2013:1140 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00003.html
SuSE Security Announcement: openSUSE-SU-2013:1141 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00004.html
SuSE Security Announcement: openSUSE-SU-2013:1142 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00005.html
SuSE Security Announcement: openSUSE-SU-2013:1143 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00006.html
http://www.ubuntu.com/usn/USN-1890-1
http://www.ubuntu.com/usn/USN-1891-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-1685
BugTraq ID: 60773
http://www.securityfocus.com/bid/60773
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17330
Common Vulnerability Exposure (CVE) ID: CVE-2013-1686
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16576
Common Vulnerability Exposure (CVE) ID: CVE-2013-1687
BugTraq ID: 60777
http://www.securityfocus.com/bid/60777
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17117
Common Vulnerability Exposure (CVE) ID: CVE-2013-1690
BugTraq ID: 60778
http://www.securityfocus.com/bid/60778
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16996
Common Vulnerability Exposure (CVE) ID: CVE-2013-1692
BugTraq ID: 60783
http://www.securityfocus.com/bid/60783
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17096
Common Vulnerability Exposure (CVE) ID: CVE-2013-1693
BugTraq ID: 60787
http://www.securityfocus.com/bid/60787
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17075
Common Vulnerability Exposure (CVE) ID: CVE-2013-1694
BugTraq ID: 60776
http://www.securityfocus.com/bid/60776
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17405
Common Vulnerability Exposure (CVE) ID: CVE-2013-1697
BugTraq ID: 60784
http://www.securityfocus.com/bid/60784
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17243
Common Vulnerability Exposure (CVE) ID: CVE-2013-1682
BugTraq ID: 60765
http://www.securityfocus.com/bid/60765
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17392
CopyrightCopyright (C) 2013 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.