|
|
Family: Debian Local Security Checks --> Category: infos
[DSA1161] DSA-1161-2 mozilla-firefox Vulnerability Scan
Vulnerability Scan Summary
DSA-1161-2 mozilla-firefox
Detailed Explanation for this Vulnerability Test
The latest security updates of Mozilla Firefox introduced a regression
that led to a disfunctional attachment panel which warrants a
correction to fix this issue. For reference please find below the
original advisory text:
Several security related problems have been discovered in Mozilla and
derived products like Mozilla Firefox. The Common Vulnerabilities and
Exposures project identifies the following vulnerabilities:
The Javascript engine might allow remote attackers to execute
arbitrary code. [MFSA-2006-50]
Multiple integer overflows in the Javascript engine might allow
remote attackers to execute arbitrary code. [MFSA-2006-50]
Specially crafted Javascript allows remote attackers to execute
arbitrary code. [MFSA-2006-51]
Remote Proxy AutoConfig (PAC) servers could execute code with elevated
rights via a specially crafted PAC script. [MFSA-2006-52]
Scripts with the UniversalBrowserRead privilege could gain
UniversalXPConnect rights and possibly execute code or obtain
sensitive data. [MFSA-2006-53]
Multiple vulnerabilities allow remote attackers to cause a denial
of service (crash) and possibly execute arbitrary code.
[MFSA-2006-55]
For the stable distribution (sarge) these problems have been fixed in
version 1.0.4-2sarge11.
For the unstable distribution (sid) these problems have been fixed in
version 1.5.dfsg+1.5.0.5-1.
We recommend that you upgrade your mozilla-firefox package.
Solution : http://www.debian.org/security/2006/dsa-1161
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|
