Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
SuSE Update for MozillaFirefox,seamonkey SUSE-SA:2007:019
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
Check for the Version of MozillaFirefox,seamonkey
Insight
Insight
The Mozilla Firefox web browser was updated to security update version 1.5.0.10 on older products and Mozilla Firefox to version 2.0.0.2 on openSUSE 10.2 to fix various security issues. Updates for the Mozilla seamonkey suite before 10.2, Mozilla Suite and Mozilla Thunderbird are still pending. Full details can be found on: http://www.mozilla.org/projects/security/known-vulnerabilities.html - MFSA 2007-01: As part of the Firefox 2.0.0.2 and 1.5.0.10 update releases several bugs were fixed to improve the stability of the browser. Some of these were crashes that showed evidence of memory corruption and we presume that with enough effort at least some of these could be exploited to run arbitrary code. These fixes affected the layout engine CVE-2007-0776 and javascript engine CVE-2007-0777. - MFSA 2007-02: Various enhancements were done to make XSS exploits against websites less effective. These included fixes for invalid trailing characters CVE-2007-0995, child frame character set inheritance CVE-2006-6077, and the Adobe Reader universal XSS problem. - CVE-2007-0778: AAd reported a potential disk cache collision that could be exploited by remote attackers to steal confidential data or execute code. - CVE-2007-0779: David Eckel reported that browser UI elements--such as the host name and security indicators--could be spoofed by using a large, mostly transparent, custom cursor and adjusting the CSS3 hot-spot property so that the visible part of the cursor floated outside the browser content area. - MFSA 2007-05: Manually opening blocked popups could be exploited by remote attackers to allow XSS attacks CVE-2007-0780 or to execute code in local files CVE-2007-0800. - MFSA 2007-06: Two buffer overflows were found in the NSS handling of Mozilla. CVE-2007-0008: SSL clients such as Firefox and Thunderbird can suffer a buffer overflow if a malicious server presents a certificate with a public key that is too small to encrypt the entire " Master Secret" . Exploiting this overflow appears to be unreliable but possible if the SSLv2 protocol is enabled. CVE-2007-0009: Servers that use NSS for the SSLv2 protocol can be exploited by a client that presents a " Client Master Key&quo ... Description truncated, for more information please check the Reference URL
Affected Software
Affected Software
MozillaFirefox,seamonkey on SUSE LINUX 10.1, openSUSE 10.2, Novell Linux Desktop 9, SUSE SLED 10, SUSE SLES 10
Solution
Solution
Please Install the Updated Packages.