Fedora 11 : Miro-2.5.2-4.fc11 / blam-1.8.5-14.fc11 / chmsee-1.0.1-11.fc11 / eclipse-3.4.2-15.fc11 / etc (2009-9505)

critical Nessus Plugin ID 40956

Synopsis

The remote Fedora host is missing one or more security updates.

Description

Update to new upstream Firefox version 3.5.3, fixing multiple security issues detailed in the upstream advisories:
http://www.mozilla.org/security/known- vulnerabilities/firefox35.html#firefox3.5.3 Update also includes all packages depending on gecko-libs rebuilt against new version of Firefox / XULRunner.

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Solution

Update the affected packages.

See Also

https://www.mozilla.org/en-US/security/known-

https://bugzilla.redhat.com/show_bug.cgi?id=521684

https://bugzilla.redhat.com/show_bug.cgi?id=521686

https://bugzilla.redhat.com/show_bug.cgi?id=521687

https://bugzilla.redhat.com/show_bug.cgi?id=521688

https://bugzilla.redhat.com/show_bug.cgi?id=521689

https://bugzilla.redhat.com/show_bug.cgi?id=521690

https://bugzilla.redhat.com/show_bug.cgi?id=521691

https://bugzilla.redhat.com/show_bug.cgi?id=521693

https://bugzilla.redhat.com/show_bug.cgi?id=521694

https://bugzilla.redhat.com/show_bug.cgi?id=521695

http://www.nessus.org/u?70409101

http://www.nessus.org/u?51935936

http://www.nessus.org/u?b20ebddd

http://www.nessus.org/u?502281b9

http://www.nessus.org/u?c6d719d8

http://www.nessus.org/u?38e2e3be

http://www.nessus.org/u?85bc3083

http://www.nessus.org/u?5ee81c6b

http://www.nessus.org/u?660e73cc

http://www.nessus.org/u?d0d7362e

http://www.nessus.org/u?2cc84ae1

http://www.nessus.org/u?3688de7d

http://www.nessus.org/u?a926f2ef

http://www.nessus.org/u?5f153ff0

http://www.nessus.org/u?831e3887

http://www.nessus.org/u?94c220af

http://www.nessus.org/u?41d6ea9c

http://www.nessus.org/u?dccee672

http://www.nessus.org/u?7c9f936e

http://www.nessus.org/u?f8b43456

http://www.nessus.org/u?4f44a937

http://www.nessus.org/u?72796f39

Plugin Details

Severity: Critical

ID: 40956

File Name: fedora_2009-9505.nasl

Version: 1.22

Type: local

Agent: unix

Published: 9/14/2009

Updated: 1/11/2021

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:fedoraproject:fedora:miro, p-cpe:/a:fedoraproject:fedora:blam, p-cpe:/a:fedoraproject:fedora:chmsee, p-cpe:/a:fedoraproject:fedora:eclipse, p-cpe:/a:fedoraproject:fedora:epiphany, p-cpe:/a:fedoraproject:fedora:epiphany-extensions, p-cpe:/a:fedoraproject:fedora:evolution-rss, p-cpe:/a:fedoraproject:fedora:firefox, p-cpe:/a:fedoraproject:fedora:galeon, p-cpe:/a:fedoraproject:fedora:gnome-python2-extras, p-cpe:/a:fedoraproject:fedora:gnome-web-photo, p-cpe:/a:fedoraproject:fedora:google-gadgets, p-cpe:/a:fedoraproject:fedora:hulahop, p-cpe:/a:fedoraproject:fedora:kazehakase, p-cpe:/a:fedoraproject:fedora:monodevelop, p-cpe:/a:fedoraproject:fedora:mozvoikko, p-cpe:/a:fedoraproject:fedora:pcmanx-gtk2, p-cpe:/a:fedoraproject:fedora:perl-gtk2-mozembed, p-cpe:/a:fedoraproject:fedora:ruby-gnome2, p-cpe:/a:fedoraproject:fedora:seahorse-plugins, p-cpe:/a:fedoraproject:fedora:xulrunner, p-cpe:/a:fedoraproject:fedora:yelp, cpe:/o:fedoraproject:fedora:11

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 9/11/2009

Vulnerability Publication Date: 9/10/2009

Reference Information

CVE: CVE-2009-3069, CVE-2009-3070, CVE-2009-3071, CVE-2009-3072, CVE-2009-3073, CVE-2009-3074, CVE-2009-3075, CVE-2009-3077, CVE-2009-3078, CVE-2009-3079

BID: 36343

CWE: 20, 94

FEDORA: 2009-9505