SUSE-SA:2005:058: mozilla,MozillaFirefox

High Nessus Plugin ID 19937


The remote host is missing a vendor-supplied security patch


The remote host is missing the patch for the advisory SUSE-SA:2005:058 (mozilla,MozillaFirefox).

The web browsers Mozilla and Mozilla Firefox have been updated to contain fixes for the vulnerabilities fixed in:

- Mozilla browser suite version 1.7.12
- Mozilla Firefox version 1.0.7

The security problems with their corresponding Mitre CVE ID are:
- CVE-2005-2701: Heap overrun in XBM image processing
- CVE-2005-2702: Crash on 'zero-width non-joiner' sequence
- CVE-2005-2703: XMLHttpRequest header spoofing
- CVE-2005-2704: Object spoofing using XBL <implements>
- CVE-2005-2705: Javascript integer overflow
- CVE-2005-2706: Privilege escalation using about: scheme
- CVE-2005-2707: Chrome window spoofing


Plugin Details

Severity: High

ID: 19937

File Name: suse_SA_2005_058.nasl

Version: $Revision: 1.5 $

Agent: unix

Published: 2005/10/05

Dependencies: 12634

Risk Information

Risk Factor: High

Vulnerability Information

Required KB Items: Host/SuSE/rpm-list