This script is Copyright (C) 2012-2014 Tenable Network Security, Inc.
The remote Mandriva Linux host is missing one or more security
Security issues were identified and fixed in mozilla firefox and
An integer overflow in the libpng library can lead to a heap-buffer
overflow when decompressing certain PNG images. This leads to a crash,
which may be potentially exploitable (CVE-2011-3026).
The mozilla firefox and thunderbird packages has been upgraded to the
latest respective versions whish is not affecte dby this security
Additionally the rootcerts packages (root CA cerificates bundle) has
been upgraded to the latest version as of 2012/02/18 and the NSS
library has been rebuilt accordingly to pickup the changes.
This is a symbolic advisory correction because there was a clash with
MDVSA-2012:022 that addressed libpng.
See also :
Update the affected packages.
Risk factor :
High / CVSS Base Score : 7.5
CVSS Temporal Score : 6.5
Public Exploit Available : false