Fedora 10 : Miro-2.0.5-4.fc10 / blam-1.8.5-14.fc10 / epiphany-2.24.3-10.fc10 / etc (2009-9494)

critical Nessus Plugin ID 40955

Synopsis

The remote Fedora host is missing one or more security updates.

Description

Update to new upstream Firefox version 3.0.14, fixing multiple security issues detailed in the upstream advisories:
http://www.mozilla.org/security/known- vulnerabilities/firefox30.html#firefox3.0.14 Update also includes all packages depending on gecko-libs rebuilt against new version of Firefox / XULRunner.

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Solution

Update the affected packages.

See Also

https://www.mozilla.org/en-US/security/known-

https://bugzilla.redhat.com/show_bug.cgi?id=521686

https://bugzilla.redhat.com/show_bug.cgi?id=521687

https://bugzilla.redhat.com/show_bug.cgi?id=521688

https://bugzilla.redhat.com/show_bug.cgi?id=521690

https://bugzilla.redhat.com/show_bug.cgi?id=521691

https://bugzilla.redhat.com/show_bug.cgi?id=521692

https://bugzilla.redhat.com/show_bug.cgi?id=521693

https://bugzilla.redhat.com/show_bug.cgi?id=521694

https://bugzilla.redhat.com/show_bug.cgi?id=521695

http://www.nessus.org/u?f4998b84

http://www.nessus.org/u?d8ac853b

http://www.nessus.org/u?245ae0fc

http://www.nessus.org/u?8cd1212b

http://www.nessus.org/u?cf9185d8

http://www.nessus.org/u?20a85e6c

http://www.nessus.org/u?4e8cbcc4

http://www.nessus.org/u?7a6498c6

http://www.nessus.org/u?9820b4c5

http://www.nessus.org/u?a209b2a1

http://www.nessus.org/u?49f43a6d

http://www.nessus.org/u?8ef714c0

http://www.nessus.org/u?80a7c0d3

http://www.nessus.org/u?009387b3

http://www.nessus.org/u?e1343564

http://www.nessus.org/u?e881ce93

http://www.nessus.org/u?4a491f4c

http://www.nessus.org/u?53747c5e

Plugin Details

Severity: Critical

ID: 40955

File Name: fedora_2009-9494.nasl

Version: 1.23

Type: local

Agent: unix

Published: 9/14/2009

Updated: 1/11/2021

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:fedoraproject:fedora:miro, p-cpe:/a:fedoraproject:fedora:blam, p-cpe:/a:fedoraproject:fedora:epiphany, p-cpe:/a:fedoraproject:fedora:epiphany-extensions, p-cpe:/a:fedoraproject:fedora:evolution-rss, p-cpe:/a:fedoraproject:fedora:firefox, p-cpe:/a:fedoraproject:fedora:gecko-sharp2, p-cpe:/a:fedoraproject:fedora:gnome-python2-extras, p-cpe:/a:fedoraproject:fedora:gnome-web-photo, p-cpe:/a:fedoraproject:fedora:google-gadgets, p-cpe:/a:fedoraproject:fedora:kazehakase, p-cpe:/a:fedoraproject:fedora:mozvoikko, p-cpe:/a:fedoraproject:fedora:mugshot, p-cpe:/a:fedoraproject:fedora:pcmanx-gtk2, p-cpe:/a:fedoraproject:fedora:perl-gtk2-mozembed, p-cpe:/a:fedoraproject:fedora:ruby-gnome2, p-cpe:/a:fedoraproject:fedora:xulrunner, p-cpe:/a:fedoraproject:fedora:yelp, cpe:/o:fedoraproject:fedora:10

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 9/11/2009

Vulnerability Publication Date: 9/10/2009

Reference Information

CVE: CVE-2009-3070, CVE-2009-3071, CVE-2009-3072, CVE-2009-3074, CVE-2009-3075, CVE-2009-3076, CVE-2009-3077, CVE-2009-3078, CVE-2009-3079

BID: 36343

CWE: 20, 94

FEDORA: 2009-9494