SuSE 10 Security Update : Security update for (ZYPP Patch Number 2088)

Critical Nessus Plugin ID 29355


The remote SuSE 10 host is missing a security-related patch.


This security update brings Mozilla Firefox to version

More details can be found on: es.html

It includes fixes to the following security problems :

- Crashes with evidence of memory corruption MFSA 2006-63 / CVE-2006-4570: JavaScript execution in mail via XBL MFSA 2006-62 / CVE-2006-4569: Popup-blocker cross-site scripting (XSS) MFSA 2006-61 / CVE-2006-4568: Frame spoofing using MFSA 2006-60 / CVE-2006-4340/CERT VU#845620: RSA Signature Forgery MFSA 2006-59 / CVE-2006-4253: Concurrency-related vulnerability MFSA 2006-58 / CVE-2006-4567: Auto-Update compromise through DNS and SSL spoofing MFSA 2006-57 / CVE-2006-4565 / CVE-2006-4566: JavaScript Regular Expression Heap Corruption. (MFSA 2006-64 / CVE-2006-4571)


Apply ZYPP patch number 2088.

See Also

Plugin Details

Severity: Critical

ID: 29355

File Name: suse_MozillaFirefox-2088.nasl

Version: $Revision: 1.15 $

Type: local

Agent: unix

Published: 2007/12/13

Modified: 2016/12/22

Dependencies: 12634

Risk Information

Risk Factor: Critical


Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/o:suse:suse_linux

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Patch Publication Date: 2006/09/18

Reference Information

CVE: CVE-2006-4253, CVE-2006-4340, CVE-2006-4565, CVE-2006-4566, CVE-2006-4567, CVE-2006-4568, CVE-2006-4569, CVE-2006-4570, CVE-2006-4571

CERT: 845620

CWE: 20, 79, 119, 264