Detections
Analytics

SUSE-SA:2005:045: mozilla,MozillaFirefox,epiphany,galeon

high Nessus Plugin ID 19924

Synopsis

The remote host is missing a vendor-supplied security patch

Description

The remote host is missing the patch for the advisory SUSE-SA:2005:045 (mozilla,MozillaFirefox,epiphany,galeon).


Various security vulnerabilities in the mozilla browser suite and the Mozilla Firefox browser have been reported and fixed upstream.

The Mozilla suite browser has been updated to a security fix level of Mozilla 1.7.11, the Mozilla Firefox browser has been updated to a fix level of Firefox 1.0.6.


Security relevant bugs that are fixed include (but are not limited to):

MFSA 2005-56 Code execution through shared function objects MFSA 2005-55 XHTML node spoofing MFSA 2005-54 Javascript prompt origin spoofing MFSA 2005-52 Same origin violation: frame calling top.focus() MFSA 2005-51 The return of frame-injection spoofing MFSA 2005-50 Possibly exploitable crash in InstallVersion.compareTo() MFSA 2005-49 Stealing of sensitive information via _search and the Firefox sidebar MFSA 2005-48 Same-origin violation with InstallTrigger callback MFSA 2005-47 'Set as wallpaper' javascript: privilege escalation MFSA 2005-46 XBL scripts ran even when Javascript disabled MFSA 2005-45 Content-generated event vulnerabilities


This update also upgrades the version of the Mozilla suite for the following products:

* SUSE Linux Desktop 1.0:
The original Mozilla 1.4 branch browser is upgraded to the Mozilla 1.7 branch version.

We were not able to port the galeon web browser included in SUSE Linux Desktop 1.0 to support Mozilla 1.7 in time, so we no longer support it.

The galeon package on SUSE Linux Desktop 1.0 is removed by this update.

* SUSE Linux Enterprise Server 8:
The original Mozilla 1.4 branch browser is upgraded to the Mozilla 1.7 branch version.

* SUSE Linux Enterprise Server 9:
The Mozilla version 1.6 shipped with GA of the SUSE Linux Enterprise Server 9 was replaced by the Mozilla 1.7 branch version in Service Pack 2.

* SUSE Linux 8.2, 9.0, 9.1:
The Mozilla version 1.4 and 1.6 contained in the SUSE Linux versions 8.2 up to 9.1 was replaced by the Mozilla 1.7 branch version.

We were not able to port the galeon and the epiphany web browsers included in SUSE Linux 9.0 up to 9.1 to support Mozilla 1.7 in time, so we will no longer support it.

The galeon and epiphany packages on SUSE Linux 9.0 and 9.1 are removed by this update.

Solution

http://www.suse.de/security/advisories/2005_45_mozilla.html

Plugin Details

Severity: High

ID: 19924

File Name: suse_SA_2005_045.nasl

Version: 1.8

Agent: unix

Published: 10/5/2005

Updated: 1/14/2021

Supported Sensors: Nessus Agent, Nessus

Vulnerability Information

Required KB Items: Host/SuSE/rpm-list