Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.55270
Category:Fedora Local Security Checks
Title:Fedora Core 4 FEDORA-2005-871 (firefox)
Summary:NOSUMMARY
Description:Description:

The remote host is missing an update to firefox
announced via advisory FEDORA-2005-871.

An updated firefox package that fixes as security bug is now
available for Fedora Core 4.

This update has been rated as having critical security
impact by the Fedora Security Response Team.

Mozilla Firefox is an open source Web browser.

A bug was found in the way Firefox processes certain
international domain names. An attacker could create a
specially crafted HTML file, which when viewed by the victim
would cause Firefox to crash or possibly execute arbitrary
code. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CVE-2005-2871 to this
issue.

Users of Firefox are advised to upgrade to this updated
package that contains a backported patch and is not
vulnerable to this issue.

* Fri Sep 9 2005 Christopher Aillon 0:1.0.6-1.2.fc4
- Fix for CVE-2005-2871

Solution: Apply the appropriate updates.

This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/

This update can also be installed with the Update Agent
you can
launch the Update Agent with the 'up2date' command.

https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2005-871

Risk factor : High

CVSS Score:
7.5

Cross-Ref: BugTraq ID: 14784
Common Vulnerability Exposure (CVE) ID: CVE-2005-2871
http://www.securityfocus.com/bid/14784
CERT/CC vulnerability note: VU#573857
http://www.kb.cert.org/vuls/id/573857
Computer Incident Advisory Center Bulletin: P-303
http://www.ciac.org/ciac/bulletins/p-303.shtml
Debian Security Information: DSA-837 (Google Search)
http://www.debian.org/security/2005/dsa-837
Debian Security Information: DSA-866 (Google Search)
http://www.debian.org/security/2005/dsa-866
Debian Security Information: DSA-868 (Google Search)
http://www.debian.org/security/2005/dsa-868
http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00004.html
http://marc.info/?l=full-disclosure&m=112624614008387&w=2
http://archives.neohapsis.com/archives/fulldisclosure/2005-09/0316.html
http://www.gentoo.org/security/en/glsa/glsa-200509-11.xml
HPdes Security Advisory: HPSBUX01133
HPdes Security Advisory: SSRT5940
http://www.mandriva.com/security/advisories?name=MDKSA-2005:174
http://www.securiteam.com/securitynews/5RP0B0UGVW.html
http://www.security-protocols.com/advisory/sp-x17-advisory.txt
http://www.security-protocols.com/firefox-death.html
http://www.osvdb.org/19255
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1287
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A584
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9608
http://www.redhat.com/support/errata/RHSA-2005-768.html
http://www.redhat.com/support/errata/RHSA-2005-769.html
http://www.redhat.com/support/errata/RHSA-2005-791.html
http://securitytracker.com/id?1014877
http://secunia.com/advisories/16764
http://secunia.com/advisories/16766
http://secunia.com/advisories/16767
http://secunia.com/advisories/17042
http://secunia.com/advisories/17090
http://secunia.com/advisories/17263
http://secunia.com/advisories/17284
http://securityreason.com/securityalert/83
http://www.ubuntu.com/usn/usn-181-1
http://www.vupen.com/english/advisories/2005/1690
http://www.vupen.com/english/advisories/2005/1691
http://www.vupen.com/english/advisories/2005/1824
XForce ISS Database: mozilla-url-bo(22207)
https://exchange.xforce.ibmcloud.com/vulnerabilities/22207
CopyrightCopyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.