This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.
The remote Mandriva Linux host is missing one or more security
Security issues were identified and fixed in firefox 3.0.x :
Multiple unspecified vulnerabilities in the browser engine in Mozilla
Firefox before 3.0.14 allow remote attackers to cause a denial of
service (memory corruption and application crash) or possibly execute
arbitrary code via unknown vectors (CVE-2009-3069, CVE-2009-3070,
Mozilla Firefox before 3.0.14 allows remote attackers to cause a
denial of service (memory corruption and application crash) or
possibly execute arbitrary code via unknown vectors (CVE-2009-3073,
Mozilla Firefox before 3.0.14 does not properly implement certain
dialogs associated with the (1) pkcs11.addmodule and (2)
pkcs11.deletemodule operations, which makes it easier for remote
attackers to trick a user into installing or removing an arbitrary
PKCS11 module (CVE-2009-3076).
Mozilla Firefox before 3.0.14 does not properly manage pointers for
the columns (aka TreeColumns) of a XUL tree element, which allows
remote attackers to execute arbitrary code via a crafted HTML
document, related to a dangling pointer vulnerability.
Visual truncation vulnerability in Mozilla Firefox before 3.0.14
allows remote attackers to trigger a vertical scroll and spoof URLs
via unspecified Unicode characters with a tall line-height property
Unspecified vulnerability in Mozilla Firefox before 3.0.14 allows
privileges via vectors involving an object, the FeedWriter, and the
This update provides the latest Mozilla Firefox 3.0.x to correct these
Additionally, some packages which require so, have been rebuilt and
are being provided as updates.
See also :
Update the affected packages.
Risk factor :
Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 8.7
Public Exploit Available : true
Family: Mandriva Local Security Checks
Nessus Plugin ID: 41027 (mandriva_MDVSA-2009-236.nasl)
Bugtraq ID: 36343
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now