SuSE 10 Security Update : Security update for (ZYPP Patch Number 2088)

critical Nessus Plugin ID 29355


The remote SuSE 10 host is missing a security-related patch.


This security update brings Mozilla Firefox to version

More details can be found on: es.html

It includes fixes to the following security problems :

- Crashes with evidence of memory corruption MFSA 2006-63 / CVE-2006-4570: JavaScript execution in mail via XBL MFSA 2006-62 / CVE-2006-4569: Popup-blocker cross-site scripting (XSS) MFSA 2006-61 / CVE-2006-4568: Frame spoofing using MFSA 2006-60 / CVE-2006-4340/CERT VU#845620: RSA Signature Forgery MFSA 2006-59 / CVE-2006-4253: Concurrency-related vulnerability MFSA 2006-58 / CVE-2006-4567: Auto-Update compromise through DNS and SSL spoofing MFSA 2006-57 / CVE-2006-4565 / CVE-2006-4566: JavaScript Regular Expression Heap Corruption. (MFSA 2006-64 / CVE-2006-4571)


Apply ZYPP patch number 2088.

See Also

Plugin Details

Severity: Critical

ID: 29355

File Name: suse_MozillaFirefox-2088.nasl

Version: 1.19

Type: local

Agent: unix

Published: 12/13/2007

Updated: 1/14/2021

Supported Sensors: Nessus Agent, Nessus

Risk Information


Risk Factor: Medium

Score: 6.7


Risk Factor: Critical

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/o:suse:suse_linux

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Patch Publication Date: 9/18/2006

Vulnerability Publication Date: 8/21/2006

Reference Information

CVE: CVE-2006-4253, CVE-2006-4340, CVE-2006-4565, CVE-2006-4566, CVE-2006-4567, CVE-2006-4568, CVE-2006-4569, CVE-2006-4570, CVE-2006-4571

CWE: 119, 20, 264, 79

CERT: 845620