Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:SuSE Local Security Checks
Title:SUSE: Security Advisory for Mozilla (SUSE-SU-2014:0665-1)
Summary:The remote host is missing an update for the 'Mozilla'; package(s) announced via the referenced advisory.
The remote host is missing an update for the 'Mozilla'
package(s) announced via the referenced advisory.

Vulnerability Insight:
This Mozilla Firefox and Mozilla NSS update fixes several security and
non-security issues.

Mozilla Firefox has been updated to 24.5.0esr which fixes the following

* MFSA 2014-34/CVE-2014-1518 Miscellaneous memory safety hazards

* MFSA 2014-37/CVE-2014-1523 Out of bounds read while decoding JPG

* MFSA 2014-38/CVE-2014-1524 Buffer overflow when using non-XBL object
as XBL

* MFSA 2014-42/CVE-2014-1529 Privilege escalation through Web
Notification API

* MFSA 2014-43/CVE-2014-1530 Cross-site scripting (XSS) using history

* MFSA 2014-44/CVE-2014-1531 Use-after-free in imgLoader while
resizing images

* MFSA 2014-46/CVE-2014-1532 Use-after-free in nsHostResolver

Mozilla NSS has been updated to 3.16

* required for Firefox 29

* CVE-2014-1492_ In a wildcard certificate, the wildcard character
should not be embedded within the U-label of an internationalized
domain name. See the last bullet point in RFC 6125, Section 7.2.

* Update of root certificates.

Security Issue references:

* CVE-2014-1532

* CVE-2014-1531

* CVE-2014-1530

* CVE-2014-1529

* CVE-2014-1524

* CVE-2014-1523

* CVE-2014-1518

* CVE-2014-1492

Affected Software/OS:
Mozilla on SUSE Linux Enterprise Server 11 SP1 LTSS

Please install the updated package(s).

CVSS Score:

CVSS Vector:

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2014-1492
BugTraq ID: 66356
Bugtraq: 20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities (Google Search)
Debian Security Information: DSA-2994 (Google Search)
SuSE Security Announcement: SUSE-SU-2014:0665 (Google Search)
SuSE Security Announcement: SUSE-SU-2014:0727 (Google Search)
SuSE Security Announcement: openSUSE-SU-2014:0599 (Google Search)
SuSE Security Announcement: openSUSE-SU-2014:0629 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2014-1518
BugTraq ID: 67123
Debian Security Information: DSA-2918 (Google Search)
Debian Security Information: DSA-2924 (Google Search)
RedHat Security Advisories: RHSA-2014:0448
RedHat Security Advisories: RHSA-2014:0449
SuSE Security Announcement: openSUSE-SU-2014:0602 (Google Search)
SuSE Security Announcement: openSUSE-SU-2014:0640 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2014-1523
BugTraq ID: 67129
Common Vulnerability Exposure (CVE) ID: CVE-2014-1524
BugTraq ID: 67131
Common Vulnerability Exposure (CVE) ID: CVE-2014-1529
BugTraq ID: 67135
Common Vulnerability Exposure (CVE) ID: CVE-2014-1530
BugTraq ID: 67137
Common Vulnerability Exposure (CVE) ID: CVE-2014-1531
BugTraq ID: 67134
Common Vulnerability Exposure (CVE) ID: CVE-2014-1532
BugTraq ID: 67130
CopyrightCopyright (C) 2015 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2022 E-Soft Inc. All rights reserved.