Fedora 9 : Miro-2.0.3-2.fc9 / blam-1.8.5-7.fc9.1 / chmsee-1.0.1-10.fc9 / devhelp-0.19.1-10.fc9 / etc (2009-3099)

This script is Copyright (C) 2009-2015 Tenable Network Security, Inc.


Synopsis :

The remote Fedora host is missing one or more security updates.

Description :

Mozilla Firefox is an open source Web browser. XULRunner provides the
XUL Runtime environment for Mozilla Firefox. A memory corruption flaw
was discovered in the way Firefox handles XML files containing an XSLT
transform. A remote attacker could use this flaw to crash Firefox or,
potentially, execute arbitrary code as the user running Firefox.
(CVE-2009-1169) A flaw was discovered in the way Firefox handles
certain XUL garbage collection events. A remote attacker could use
this flaw to crash Firefox or, potentially, execute arbitrary code as
the user running Firefox. (CVE-2009-1044) This update also provides
depending packages rebuilt against new Firefox version. Miro updates
to upstream 2.0.3. Provides new features and fixes various bugs in
1.2.x series

Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

See also :

http://www.nessus.org/u?7f9c1612
http://www.nessus.org/u?b542ad2d
http://www.nessus.org/u?a5d22176
http://www.nessus.org/u?5c93b433
http://www.nessus.org/u?57053757
http://www.nessus.org/u?39789ca2
http://www.nessus.org/u?f9ba7b21
http://www.nessus.org/u?8a1e24b7
http://www.nessus.org/u?415d08fa
http://www.nessus.org/u?e324b372
http://www.nessus.org/u?72b77952
http://www.nessus.org/u?fb476644
http://www.nessus.org/u?66395d66
http://www.nessus.org/u?508e9e80
http://www.nessus.org/u?8f9e5fdc
http://www.nessus.org/u?283c9638
http://www.nessus.org/u?4bb2129f
http://www.nessus.org/u?ed31a681
http://www.nessus.org/u?17849551
http://www.nessus.org/u?92499e26
http://www.nessus.org/u?7631ea4b
http://www.nessus.org/u?da6c76e7
http://www.nessus.org/u?bfd1e5e2
http://www.nessus.org/u?38790867
http://www.nessus.org/u?5f303152
http://www.nessus.org/u?dc18ed11
http://www.nessus.org/u?155eaa70
http://www.nessus.org/u?bd569e79
http://www.nessus.org/u?d1092d36
http://www.nessus.org/u?81530d6f
http://www.nessus.org/u?985bca7d
http://www.nessus.org/u?88ae8ebb
http://www.nessus.org/u?8a88b845
http://www.nessus.org/u?485482d3
http://www.nessus.org/u?f9d3c0ab
http://www.nessus.org/u?d01ed437

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.1
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

Family: Fedora Local Security Checks

Nessus Plugin ID: 36041 (fedora_2009-3099.nasl)

Bugtraq ID: 34181
34235

CVE ID: CVE-2009-1044
CVE-2009-1169

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now