Fedora 8 : Miro-1.1-3.fc8 / blam-1.8.3-13.fc8 / chmsee-1.0.0-1.28.fc8 / devhelp-0.16.1-5.fc8 / etc (2008-1535)

This script is Copyright (C) 2008-2016 Tenable Network Security, Inc.


Synopsis :

The remote Fedora host is missing one or more security updates.

Description :

Mozilla Firefox is an open source Web browser. Several flaws were
found in the way Firefox processed certain malformed web content. A
web page containing malicious content could cause Firefox to crash, or
potentially execute arbitrary code as the user running Firefox.
(CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419) Several
flaws were found in the way Firefox displayed malformed web content. A
web page containing specially crafted content could trick a user into
surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593) A
flaw was found in the way Firefox stored password data. If a user
saves login information for a malicious website, it could be possible
to corrupt the password database, preventing the user from properly
accessing saved password data. (CVE-2008-0417) A flaw was found in the
way Firefox handles certain chrome URLs. If a user has certain
extensions installed, it could allow a malicious website to steal
sensitive session data. Note: this flaw does not affect a default
installation of Firefox. (CVE-2008-0418) A flaw was found in the way
Firefox saves certain text files. If a website offers a file of type
'plain/text', rather than 'text/plain', Firefox will not show future
'text/plain' content to the user in the browser, forcing them to save
those files locally to view the content. (CVE-2008-0592) Users of
firefox are advised to upgrade to these updated packages, which
contain updated packages to resolve these issues.

Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

See also :

https://bugzilla.redhat.com/show_bug.cgi?id=431732
https://bugzilla.redhat.com/show_bug.cgi?id=431733
https://bugzilla.redhat.com/show_bug.cgi?id=431739
https://bugzilla.redhat.com/show_bug.cgi?id=431742
https://bugzilla.redhat.com/show_bug.cgi?id=431748
https://bugzilla.redhat.com/show_bug.cgi?id=431749
https://bugzilla.redhat.com/show_bug.cgi?id=431751
https://bugzilla.redhat.com/show_bug.cgi?id=431752
https://bugzilla.redhat.com/show_bug.cgi?id=431756
https://bugzilla.redhat.com/show_bug.cgi?id=432036
https://bugzilla.redhat.com/show_bug.cgi?id=432040
http://www.nessus.org/u?150b6c21
http://www.nessus.org/u?b751fe08
http://www.nessus.org/u?c8bd9950
http://www.nessus.org/u?d571352f
http://www.nessus.org/u?df5f34ea
http://www.nessus.org/u?080b7023
http://www.nessus.org/u?1bc21d1f
http://www.nessus.org/u?cb3ac43d
http://www.nessus.org/u?406b01bc
http://www.nessus.org/u?fe5d5ec2
http://www.nessus.org/u?d0528e90
http://www.nessus.org/u?4dd87a98
http://www.nessus.org/u?2dbdbc11
http://www.nessus.org/u?67a56ae1
http://www.nessus.org/u?11b25edd
http://www.nessus.org/u?34ff5880

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)

Family: Fedora Local Security Checks

Nessus Plugin ID: 31067 (fedora_2008-1535.nasl)

Bugtraq ID:

CVE ID: CVE-2008-0412
CVE-2008-0413
CVE-2008-0414
CVE-2008-0415
CVE-2008-0417
CVE-2008-0418
CVE-2008-0419
CVE-2008-0591
CVE-2008-0592
CVE-2008-0593
CVE-2008-0594

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now