ID de Prueba:	1.3.6.1.4.1.25623.1.0.900448
Categoría:	Web application abuses
Título:	Firefox Information Disclosure Vulnerability (Jan 2009) - Windows
Resumen:	Mozilla Firefox browser is prone to an information disclosure vulnerability.
Descripción:	Summary: Mozilla Firefox browser is prone to an information disclosure vulnerability. Vulnerability Insight: The Web Browser fails to properly enforce the same-origin policy, which leads to cross-domain information disclosure. Vulnerability Impact: Successful exploitation will let the attacker execute arbitrary codes in the context of the web browser and can obtain sensitive information of the remote user through the web browser. Affected Software/OS: Mozilla Firefox version from 2.0 to 3.0.5 on Windows. Solution: Upgrade to Mozilla Firefox version 3.6.3 or later. CVSS Score: 4.9 CVSS Vector: AV:N/AC:M/Au:S/C:P/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-5913 BugTraq ID: 33276 http://www.securityfocus.com/bid/33276 http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043369.html http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043405.html http://www.mandriva.com/security/advisories?name=MDVSA-2010:125 http://arstechnica.com/news.ars/post/20090113-new-method-of-phishmongering-could-fool-experienced-users.html http://www.darkreading.com/security/attacks/showArticle.jhtml?articleID=212900161 http://www.infoworld.com/article/09/01/13/Browser_bug_could_allow_phishing_without_email_1.html http://www.trusteer.com/files/In-session-phishing-advisory-2.pdf https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11139 http://www.redhat.com/support/errata/RHSA-2010-0500.html http://www.redhat.com/support/errata/RHSA-2010-0501.html http://secunia.com/advisories/40326 http://secunia.com/advisories/40401 http://secunia.com/advisories/40481 SuSE Security Announcement: SUSE-SA:2010:030 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-07/msg00005.html http://ubuntu.com/usn/usn-930-1 http://www.ubuntu.com/usn/usn-930-2 http://www.vupen.com/english/advisories/2010/1551 http://www.vupen.com/english/advisories/2010/1557 http://www.vupen.com/english/advisories/2010/1592 http://www.vupen.com/english/advisories/2010/1640 http://www.vupen.com/english/advisories/2010/1773
Copyright	Copyright (C) 2009 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.