Vulnerability Assessment & Network Security Forums



If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.


Home >> Browse Vulnerability Assessment Database >> Slackware Local Security Checks >> SSA-2004-223-01 Mozilla


Vulnerability Assessment Details

SSA-2004-223-01 Mozilla

Vulnerability Assessment Summary
SSA-2004-223-01 Mozilla

Detailed Explanation for this Vulnerability Assessment

New Mozilla packages are available for Slackware 9.1, 10.0, and -current
to fix a number of security issues. Slackware 10.0 and -current were
upgraded to Mozilla 1.7.2, and Slackware 9.1 was upgraded to Mozilla 1.4.3.
As usual, new versions of Mozilla require new versions of things that link
with the Mozilla libraries, so for Slackware 10.0 and -current new versions
of epiphany, galeon, gaim, and mozilla-tests have also been provided.
There don't appear to be epiphany and galeon versions that are compatible
with Mozilla 1.4.3 and the GNOME in Slackware 9.1, so these are not
provided and Epiphany and Galeon will be broken on Slackware 9.1 if the
new Mozilla package is installed. Furthermore, earlier versions of
Mozilla (such as the 1.3 series) were not fixed upstream, so versions
of Slackware earlier than 9.1 will remain vulnerable to these browser
issues. If you still use Slackware 9.0 or earlier, you may want to
consider removing Mozilla or upgrading to a newer version.

More details about these issues may be found in the Common
Vulnerabilities and Exposures (CVE) database:

Issues fixed in Mozilla 1.7.2:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0597
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0598
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0599
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0763
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0758

Issues fixed in Mozilla 1.4.3:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0597
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0718
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0722
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0757
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0758
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0759
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0760
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0761
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0762
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0763
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0764
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0765




Networks Security ID:

Vulnerability Assessment Copyright: This script is Copyright (C) 2005 Michel Arboi

Cables, Connectors

IBM 03N4590 80P6636 573A 10GB Ethernet-SR PCI-X 2.0 DDR Adapter
$140.0
IBM 03N4590 80P6636 573A 10GB Ethernet-SR PCI-X 2.0 DDR Adapter  pictureLenovo IdeaPad 80QQ 15.6" Laptop i5-5200U 2.20GHz 8GB as-is 47
$79.0
Lenovo IdeaPad 80QQ  15.6Lenovo Flex 2 15 Laptop Motherboard w/ AMD A6-6310 1.8Ghz CPU 5B20G54045 #02
$39.0
Lenovo Flex 2 15 Laptop Motherboard w/ AMD A6-6310 1.8Ghz CPU 5B20G54045 #02 pictureIBM System x3550 M4 - NO MEMORY,NO CPU,NO HDD,NO POWER SUPPLY,NO TOP COVER
$149.0
IBM System x3550 M4 - NO MEMORY,NO CPU,NO HDD,NO POWER SUPPLY,NO TOP COVER picture


Discussions

No Discussions have been posted on this vulnerability.