Test Kennung:	1.3.6.1.4.1.25623.1.2.1.2014.43
Kategorie:	General
Titel:	Mozilla Firefox Security Advisory (MFSA2014-43) - Linux
Zusammenfassung:	This host is missing a security update for Mozilla Firefox.
Beschreibung:	Summary: This host is missing a security update for Mozilla Firefox. Vulnerability Insight: Cross-site scripting (XSS) using history navigations Mozilla security researcher moz_bug_r_a4 reported a method to use browser navigations through history to load a website with that page's baseURI property pointing to that of another site instead of the seemingly loaded one. The user will continue to see the incorrect site in the addressbar of the browser. This allows for a cross-site scripting (XSS) attack or the theft of data through a phishing attack. Affected Software/OS: Firefox version(s) below 29. Solution: The vendor has released an update. Please see the reference(s) for more information. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2014-1530 BugTraq ID: 67137 http://www.securityfocus.com/bid/67137 Debian Security Information: DSA-2918 (Google Search) http://www.debian.org/security/2014/dsa-2918 Debian Security Information: DSA-2924 (Google Search) http://www.debian.org/security/2014/dsa-2924 http://lists.fedoraproject.org/pipermail/package-announce/2014-May/132437.html http://lists.fedoraproject.org/pipermail/package-announce/2014-May/132332.html https://security.gentoo.org/glsa/201504-01 RedHat Security Advisories: RHSA-2014:0448 http://rhn.redhat.com/errata/RHSA-2014-0448.html RedHat Security Advisories: RHSA-2014:0449 http://rhn.redhat.com/errata/RHSA-2014-0449.html http://www.securitytracker.com/id/1030163 http://www.securitytracker.com/id/1030164 http://www.securitytracker.com/id/1030165 http://secunia.com/advisories/59866 SuSE Security Announcement: SUSE-SU-2014:0665 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00006.html SuSE Security Announcement: SUSE-SU-2014:0727 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00015.html SuSE Security Announcement: openSUSE-SU-2014:0599 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-05/msg00010.html SuSE Security Announcement: openSUSE-SU-2014:0602 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-05/msg00013.html SuSE Security Announcement: openSUSE-SU-2014:0629 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-05/msg00033.html SuSE Security Announcement: openSUSE-SU-2014:0640 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-05/msg00040.html http://www.ubuntu.com/usn/USN-2185-1 http://www.ubuntu.com/usn/USN-2189-1
Copyright	Copyright (C) 2021 Greenbone Networks GmbH

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.