|
Vulnerability Assessment & Network Security Forums |
|||||||||
If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important. If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery. Home >> Browse Vulnerability Assessment Database >> Debian Local Security Checks >> [DSA1046] DSA-1046-1 mozilla Vulnerability Assessment Details
|
[DSA1046] DSA-1046-1 mozilla |
||
DSA-1046-1 mozilla Detailed Explanation for this Vulnerability Assessment Several security related problems have been discovered in Mozilla. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities: The "run-mozilla.sh" script permits local users to create or overwrite arbitrary files when debugging is enabled via a symlink attack on temporary files. Web pages with extremely long titles cause subsequent launches of the browser to appear to "hang" for up to a few minutes, or even crash if the computer has insufficient memory. [MFSA-2006-03] The JavaScript interpreter does not properly dereference objects, which permits remote attackers to cause a denial of service or execute arbitrary code. [MFSA-2006-01] The function allocation code permits attackers to cause a denial of service and possibly execute arbitrary code. [MFSA-2006-01] XULDocument.persist() did not validate the attribute name, permiting a possible hacker to inject arbitrary XML and JavaScript code into localstore.rdf that would be read and acted upon during startup. [MFSA-2006-05] An anonymous researcher for TippingPoint and the Zero Day Initiative reported that an invalid and nonsensical ordering of table-related tags can be exploited to execute arbitrary code. [MFSA-2006-27] A particular sequence of HTML tags can cause memory corruption that can be exploited to execute arbitrary code. [MFSA-2006-18] Georgi Guninski reports that forwarding mail in-line while using the default HTML "rich mail" editor will execute JavaScript embedded in the e-mail message with full rights of the client. [MFSA-2006-21] The HTML rendering engine does not properly block external images from inline HTML attachments when "Block loading of remote images in mail messages" is enabled, which could permit remote attackers to obtain sensitive information. [MFSA-2006-26] A vulnerability potentially permits remote attackers to cause a denial of service and possibly execute arbitrary code. [MFSA-2006-20] A vulnerability potentially permits remote attackers to cause a denial of service and possibly execute arbitrary code. [MFSA-2006-20] A vulnerability potentially permits remote attackers to cause a denial of service and possibly execute arbitrary code. [MFSA-2006-20] A vulnerability potentially permits remote attackers to cause a denial of service and possibly execute arbitrary code. [MFSA-2006-20] A vulnerability potentially permits remote attackers to cause a denial of service and possibly execute arbitrary code. [MFSA-2006-20] Due to an interaction between XUL content windows and the history mechanism, some windows may to become translucent, which might permit remote attackers to execute arbitrary code. [MFSA-2006-29] "shutdown" discovered that the security check of the function js_ValueToFunctionObject() can be circumvented and exploited to permit the installation of malware. [MFSA-2006-28] Georgi Guninski reported two variants of using scripts in an XBL control to g [...] Solution : http://www.debian.org/security/2006/dsa-1046 Network Security Threat Level: High Networks Security ID: 15773, 16476, 16476, 16770, 16881, 17516 Vulnerability Assessment Copyright: This script is (C) 2007 Michel Arboi |
||
Cables, Connectors |
Cisco Nexus 48-Port 10G SFP+ Switch N9K-9396PX w/ 9K-M12PQ 12-Port 40G QSFP
$249.99
Cisco 10-2456-03 Genuine Cisco SFP-10G-LRM V03 10GBASE-LRM SFP+Transceiver
$21.24
Cisco 10G SFP+ Module SFP-10G-SR 10-2415-03 (Lot of 5)
$24.99
Lot of 10pcs Brocade 57-1000012-01 8Gbps SWL 850nm SFP+ Optical Transceivers
$19.00
Genuine Cisco SFP-10G-SR V03 10GBASE-SR SFP+ Transceiver Module 10-2415-03
$8.00
NEW Sealed Cisco SFP-10G-LR 10GBASE-LR SFP+ 1310nm 10km *US Shipping*
$18.00
Brand New Cisco GLC-LH-SMD 1000BASE-LX/LH SFP Module 1310nm 10km SMF LC
$13.89
Cisco GLC-SX-MMD SFP 1000Base-SX Short Haul Module 10-2626-01 - 1 Year Warranty
$21.49
LOT OF 20 Genuine Cisco SFP-10G-SR V03 10GBASE-SR SFP+ Transceiver Module
$89.00
10 PCS Cisco GLC-LH-SMD 10-2625-01 1310nm SFP Transceiver Module
$85.00
|
||
No Discussions have been posted on this vulnerability. |