Mandriva Linux Security Advisory : firefox (MDVSA-2009:338)

This script is Copyright (C) 2010-2016 Tenable Network Security, Inc.


Synopsis :

The remote Mandriva Linux host is missing one or more security
updates.

Description :

Security issues were identified and fixed in firefox 3.5.x :

liboggplay in Mozilla Firefox 3.5.x before 3.5.6 and SeaMonkey before
2.0.1 might allow context-dependent attackers to cause a denial of
service (application crash) or execute arbitrary code via unspecified
vectors, related to memory safety issues. (CVE-2009-3388)

Integer overflow in libtheora in Xiph.Org Theora before 1.1, as used
in Mozilla Firefox 3.5 before 3.5.6 and SeaMonkey before 2.0.1, allows
remote attackers to cause a denial of service (application crash) or
possibly execute arbitrary code via a video with large dimensions
(CVE-2009-3389).

Multiple unspecified vulnerabilities in the browser engine in Mozilla
Firefox before 3.0.16 and 3.5.x before 3.5.6, SeaMonkey before 2.0.1,
and Thunderbird allow remote attackers to cause a denial of service
(memory corruption and application crash) or possibly execute
arbitrary code via unknown vectors (CVE-2009-3979).

Multiple unspecified vulnerabilities in the browser engine in Mozilla
Firefox 3.5.x before 3.5.6, SeaMonkey before 2.0.1, and Thunderbird
allow remote attackers to cause a denial of service (memory corruption
and application crash) or possibly execute arbitrary code via unknown
vectors (CVE-2009-3980).

Multiple unspecified vulnerabilities in the JavaScript engine in
Mozilla Firefox 3.5.x before 3.5.6, SeaMonkey before 2.0.1, and
Thunderbird allow remote attackers to cause a denial of service
(memory corruption and application crash) or possibly execute
arbitrary code via unknown vectors (CVE-2009-3982).

Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey
before 2.0.1, allows remote attackers to send authenticated requests
to arbitrary applications by replaying the NTLM credentials of a
browser user (CVE-2009-3983).

Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey
before 2.0.1, allows remote attackers to spoof an SSL indicator for an
http URL or a file URL by setting document.location to an https URL
corresponding to a site that responds with a No Content (aka 204)
status code and an empty body (CVE-2009-3984).

Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey
before 2.0.1, allows remote attackers to associate spoofed content
with an invalid URL by setting document.location to this URL, and then
writing arbitrary web script or HTML to the associated blank document,
a related issue to CVE-2009-2654 (CVE-2009-3985).

Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey
before 2.0.1, allows remote attackers to execute arbitrary JavaScript
with chrome privileges by leveraging a reference to a chrome window
from a content window, related to the window.opener property
(CVE-2009-3986).

The GeckoActiveXObject function in Mozilla Firefox before 3.0.16 and
3.5.x before 3.5.6, and SeaMonkey before 2.0.1, generates different
exception messages depending on whether the referenced COM object is
listed in the registry, which allows remote attackers to obtain
potentially sensitive information about installed software by making
multiple calls that specify the ProgID values of different COM objects
(CVE-2009-3987).

Additionally, some packages which require so, have been rebuilt and
are being provided as updates.

See also :

http://www.nessus.org/u?ca8b7967

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.1
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

Family: Mandriva Local Security Checks

Nessus Plugin ID: 48162 (mandriva_MDVSA-2009-338.nasl)

Bugtraq ID: 37361
37362
37364
37365
37366
37367
37368
37369
37370

CVE ID: CVE-2009-3388
CVE-2009-3389
CVE-2009-3979
CVE-2009-3980
CVE-2009-3982
CVE-2009-3983
CVE-2009-3984
CVE-2009-3985
CVE-2009-3986
CVE-2009-3987

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now