Rapid7 Vulnerability & Exploit Database

ELSA-2010-0892 Moderate: Oracle Linux openswan security update

Free InsightVM Trial No credit card necessary

Watch Demo See how it all works

Back to Search

ELSA-2010-0892 Moderate: Oracle Linux openswan security update

Severity

CVSS

(AV:N/AC:M/Au:N/C:C/I:C/A:C)

Published

07/30/2010

Created

07/25/2018

Added

12/20/2011

Modified

07/04/2017

Description

Integer overflow in an array class in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 allows remote attackers to execute arbitrary code by placing many Cascading Style Sheets (CSS) values in an array, related to references to external font resources and an inconsistency between 16-bit and 32-bit integers.

Solution(s)

oracle-linux-upgrade-openswan
oracle-linux-upgrade-openswan-doc

References

https://attackerkb.com/topics/cve-2010-2752
41852
43588
CVE - 2010-2752
CVE - 2010-3302
CVE - 2010-3308
CVE - 2010-3753
OVAL11680
RHSA-2010:0892
http://oss.oracle.com/pipermail/el-errata/2011-February/001839.html

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;