|
Vulnerability Assessment & Network Security Forums |
|||||||||
If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important. If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery. Home >> Browse Vulnerability Assessment Database >> Gentoo Local Security Checks >> [GLSA-200604-18] Mozilla Suite: Multiple vulnerabilities Vulnerability Assessment Details
|
[GLSA-200604-18] Mozilla Suite: Multiple vulnerabilities |
||
Mozilla Suite: Multiple vulnerabilities Detailed Explanation for this Vulnerability Assessment The remote host is affected by the vulnerability described in GLSA-200604-18 (Mozilla Suite: Multiple vulnerabilities) Several vulnerabilities were found in Mozilla Suite. Version 1.7.13 was released to fix them. Impact A remote attacker could craft malicious web pages or emails that would leverage these issues to inject and execute arbitrary script code with elevated rights, steal local files, cookies or other information from web pages or emails, and spoof content. Some of these vulnerabilities might even be exploited to execute arbitrary code with the rights of the user running the client. Workaround There are no known workarounds for all the issues at this time. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4134 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0292 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0293 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0296 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0748 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0749 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0884 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1045 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1727 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1728 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1729 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1730 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1731 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1732 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1733 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1734 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1735 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1736 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1737 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1739 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1740 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1741 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1742 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1790 http://www.mozilla.org/projects/security/known-vulnerabilities.html#Mozilla Solution: All Mozilla Suite users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=www-client/mozilla-1.7.13" All Mozilla Suite binary users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=www-client/mozilla-bin-1.7.13" Network Security Threat Level: Medium Networks Security ID: Vulnerability Assessment Copyright: (C) 2006 Michel Arboi |
||
Cables, Connectors |
Apple Macintosh Performa 466 Vintage Computer | SKU 146754
$149.95
Apple Macintosh PowerBook 180 Vintage Laptop | Retro Computer
$149.95
Vintage A3S2 Apple III Computer With 12 Volt Motherboard 820-0043-00
$450.00
Vintage Apple M2980 AppleDesign Keyboard - Tested and working - Good condition
$19.75
Vintage Apple Macintosh Performa 550
$360.00
VINTAGE APPLE MACINTOSH POWERBOOK 180 ( M4440) Powers On
$100.00
P1.Z) Vintage Apple 658-4081 ADB Desktop Bus Keyboard
$80.00
Vintage Apple Color Composite Monitor A2M6020 Power Stable, AS IS
$35.00
Vintage Apple Macintosh PowerBook G3 M4753 w/ Power Adapter
$149.00
Vintage Apple Newton MessagePad 2000 With Original Box and Some Accessories
$199.99
|
||
No Discussions have been posted on this vulnerability. |