Test ID:	1.3.6.1.4.1.25623.1.0.122424
Category:	Oracle Linux Local Security Checks
Title:	Oracle: Security Advisory (ELSA-2009-1530)
Summary:	The remote host is missing an update for the 'firefox, nspr, xulrunner' package(s) announced via the ELSA-2009-1530 advisory.
Description:	Summary: The remote host is missing an update for the 'firefox, nspr, xulrunner' package(s) announced via the ELSA-2009-1530 advisory. Vulnerability Insight: firefox: [3.0.15-3.0.1.el5_4] - Update firstrun and homepage URLs in specfile - Added patch oracle-firefox-branding.patch - Added firefox-oracle-default-prefs.js/firefox-oracle-default-bookmarks.html and removed the corresponding Red Hat ones [3.0.15-3] - Rebuild due to Mozilla's respin [3.0.15-2] - Rebuild due to xulrunner changes [3.0.15-1] - Update to 3.0.15 nspr: [4.7.6-1] - update to 4.7.6 xulrunner: [1.9.0.15-3.0.1.el5_4] - Added xulrunner-oracle-default-prefs.js and removed the corresponding RedHat one. [1.9.0.15-3] - Rebuild due to Mozilla's respin [1.9.0.15-2] - Added remedy patch [1.9.0.15-1] - Update to 1.9.0.15 Affected Software/OS: 'firefox, nspr, xulrunner' package(s) on Oracle Linux 4, Oracle Linux 5. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2009-1563 Common Vulnerability Exposure (CVE) ID: CVE-2009-3274 http://www.mandriva.com/security/advisories?name=MDVSA-2009:294 http://jbrownsec.blogspot.com/2009/09/vamos-updates.html http://securitytube.net/Zero-Day-Demos-(Firefox-Vulnerability-Discovered)-video.aspx https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9641 http://www.redhat.com/support/errata/RHSA-2010-0153.html http://www.redhat.com/support/errata/RHSA-2010-0154.html http://secunia.com/advisories/36649 http://sunsolve.sun.com/search/document.do?assetkey=1-26-272909-1 http://www.vupen.com/english/advisories/2009/3334 http://www.vupen.com/english/advisories/2010/0650 Common Vulnerability Exposure (CVE) ID: CVE-2009-3370 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10836 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6455 Common Vulnerability Exposure (CVE) ID: CVE-2009-3372 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10977 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6347 Common Vulnerability Exposure (CVE) ID: CVE-2009-3373 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10684 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6548 Common Vulnerability Exposure (CVE) ID: CVE-2009-3374 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6565 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9789 Common Vulnerability Exposure (CVE) ID: CVE-2009-3375 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10440 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5935 Common Vulnerability Exposure (CVE) ID: CVE-2009-3376 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11218 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6541 http://secunia.com/advisories/38977 SuSE Security Announcement: SUSE-SR:2010:013 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html http://www.ubuntu.com/usn/USN-915-1 http://www.vupen.com/english/advisories/2010/0648 Common Vulnerability Exposure (CVE) ID: CVE-2009-3380 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6580 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9463 Common Vulnerability Exposure (CVE) ID: CVE-2009-3382 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11219 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5581 Common Vulnerability Exposure (CVE) ID: CVE-2009-3384 http://lists.apple.com/archives/security-announce/2009/Nov/msg00001.html http://lists.apple.com/archives/security-announce/2010/Feb/msg00000.html BugTraq ID: 36995 http://www.securityfocus.com/bid/36995 https://www.redhat.com/archives/fedora-package-announce/2009-November/msg00545.html https://www.redhat.com/archives/fedora-package-announce/2009-November/msg00549.html http://osvdb.org/59943 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6362 http://www.securitytracker.com/id?1023166 http://secunia.com/advisories/37346 http://secunia.com/advisories/37393 http://secunia.com/advisories/37397 http://secunia.com/advisories/43068 SuSE Security Announcement: SUSE-SR:2011:002 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://www.vupen.com/english/advisories/2009/3217 http://www.vupen.com/english/advisories/2011/0212 XForce ISS Database: safari-ftp-code-execution(54241) https://exchange.xforce.ibmcloud.com/vulnerabilities/54241
Copyright	Copyright (C) 2015 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.