Detections
Analytics
Fedora 9 : Miro-2.0.3-2.fc9 / blam-1.8.5-7.fc9.1 / chmsee-1.0.1-10.fc9 / devhelp-0.19.1-10.fc9 / etc (2009-3099)
high Nessus Plugin ID 36041
Synopsis
The remote Fedora host is missing one or more security updates.Description
Mozilla Firefox is an open source Web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. A memory corruption flaw was discovered in the way Firefox handles XML files containing an XSLT transform. A remote attacker could use this flaw to crash Firefox or, potentially, execute arbitrary code as the user running Firefox.(CVE-2009-1169) A flaw was discovered in the way Firefox handles certain XUL garbage collection events. A remote attacker could use this flaw to crash Firefox or, potentially, execute arbitrary code as the user running Firefox. (CVE-2009-1044) This update also provides depending packages rebuilt against new Firefox version. Miro updates to upstream 2.0.3. Provides new features and fixes various bugs in 1.2.x series
Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.See Also
http://www.nessus.org/u?7f9c1612
http://www.nessus.org/u?b542ad2d
http://www.nessus.org/u?a5d22176
http://www.nessus.org/u?5c93b433
http://www.nessus.org/u?57053757
http://www.nessus.org/u?39789ca2
http://www.nessus.org/u?f9ba7b21
http://www.nessus.org/u?8a1e24b7
http://www.nessus.org/u?415d08fa
http://www.nessus.org/u?e324b372
http://www.nessus.org/u?72b77952
http://www.nessus.org/u?fb476644
http://www.nessus.org/u?66395d66
http://www.nessus.org/u?508e9e80
http://www.nessus.org/u?8f9e5fdc
http://www.nessus.org/u?283c9638
http://www.nessus.org/u?4bb2129f
http://www.nessus.org/u?ed31a681
http://www.nessus.org/u?17849551
http://www.nessus.org/u?92499e26
http://www.nessus.org/u?7631ea4b
http://www.nessus.org/u?da6c76e7
http://www.nessus.org/u?bfd1e5e2
http://www.nessus.org/u?38790867
http://www.nessus.org/u?5f303152
http://www.nessus.org/u?dc18ed11
http://www.nessus.org/u?155eaa70
http://www.nessus.org/u?bd569e79
http://www.nessus.org/u?d1092d36
http://www.nessus.org/u?81530d6f
http://www.nessus.org/u?985bca7d
http://www.nessus.org/u?88ae8ebb
http://www.nessus.org/u?8a88b845
http://www.nessus.org/u?485482d3
Plugin Details
Severity: High
ID: 36041
File Name: fedora_2009-3099.nasl
Version: 1.21
Type: local
Agent: unix
Family: Fedora Local Security Checks
Published: 3/30/2009
Updated: 1/11/2021
Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 6.7
CVSS v2
Risk Factor: High
Base Score: 9.3
Temporal Score: 7.3
Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C
Vulnerability Information
CPE: p-cpe:/a:fedoraproject:fedora:miro, p-cpe:/a:fedoraproject:fedora:blam, p-cpe:/a:fedoraproject:fedora:chmsee, p-cpe:/a:fedoraproject:fedora:devhelp, p-cpe:/a:fedoraproject:fedora:epiphany, p-cpe:/a:fedoraproject:fedora:epiphany-extensions, p-cpe:/a:fedoraproject:fedora:firefox, p-cpe:/a:fedoraproject:fedora:galeon, p-cpe:/a:fedoraproject:fedora:gnome-python2-extras, p-cpe:/a:fedoraproject:fedora:gnome-web-photo, p-cpe:/a:fedoraproject:fedora:google-gadgets, p-cpe:/a:fedoraproject:fedora:gtkmozembedmm, p-cpe:/a:fedoraproject:fedora:kazehakase, p-cpe:/a:fedoraproject:fedora:mozvoikko, p-cpe:/a:fedoraproject:fedora:mugshot, p-cpe:/a:fedoraproject:fedora:totem, p-cpe:/a:fedoraproject:fedora:xulrunner, p-cpe:/a:fedoraproject:fedora:yelp, cpe:/o:fedoraproject:fedora:9
Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 3/28/2009
Reference Information
CVE: CVE-2009-1044, CVE-2009-1169