Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: Mandrake Local Security Checks --> Category: infos

MDKSA-2004:082: mozilla Vulnerability Scan

Vulnerability Scan Summary
Check for the version of the mozilla package

Detailed Explanation for this Vulnerability Test

The remote host is missing the patch for the advisory MDKSA-2004:082 (mozilla).

A number of security vulnerabilities in mozilla are addressed by this update for
Mandrakelinux 10.0 users, including a fix for frame spoofing, a fixed popup
XPInstall/security dialog bug, a fix for untrusted chrome calls, a fix for SSL
certificate spoofing, a fix for stealing secure HTTP Auth passwords via DNS
spoofing, a fix for insecure matching of cert names for non-FQDNs, a fix for
focus redefinition from another domain, a fix for a SOAP parameter overflow, a
fix for text drag on file entry, a fix for certificate DoS, and a fix for lock
icon and cert spoofing.
Additionally, mozilla for both Mandrakelinux 9.2 and 10.0 have been rebuilt to
use the system libjpeg and libpng which addresses vulnerabilities discovered in
libpng (ref: MDKSA-2004:079).

Solution :
Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.