SUSE-SA:2005:058: mozilla,MozillaFirefox

high Nessus Plugin ID 19937

Synopsis

The remote host is missing a vendor-supplied security patch

Description

The remote host is missing the patch for the advisory SUSE-SA:2005:058 (mozilla,MozillaFirefox).

The web browsers Mozilla and Mozilla Firefox have been updated to contain fixes for the vulnerabilities fixed in:

- Mozilla browser suite version 1.7.12
- Mozilla Firefox version 1.0.7

The security problems with their corresponding Mitre CVE ID are:
- CVE-2005-2701: Heap overrun in XBM image processing
- CVE-2005-2702: Crash on 'zero-width non-joiner' sequence
- CVE-2005-2703: XMLHttpRequest header spoofing
- CVE-2005-2704: Object spoofing using XBL <implements>
- CVE-2005-2705: Javascript integer overflow
- CVE-2005-2706: Privilege escalation using about: scheme
- CVE-2005-2707: Chrome window spoofing

Solution

http://www.suse.de/security/advisories/2005_58_mozilla.html

Plugin Details

Severity: High

ID: 19937

File Name: suse_SA_2005_058.nasl

Version: 1.10

Agent: unix

Family: SuSE Local Security Checks

Published: 10/5/2005

Updated: 1/14/2021

Supported Sensors: Continuous Assessment, Nessus Agent, Nessus

Vulnerability Information

Required KB Items: Host/SuSE/rpm-list

Detections

Analytics