Rapid7 Vulnerability & Exploit Database

SuSE 8.2 security update for mozilla

Free InsightVM Trial No credit card necessary
Watch Demo See how it all works
Back to Search

SuSE 8.2 security update for mozilla

Severity
4
CVSS
(AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published
11/01/2004
Created
07/25/2018
Added
11/01/2004
Modified
11/18/2015

Description

The system is missing one or more SuSE security patches. Security Update: This updates resolves several security bugs in the mozilla web browser. - CAN-2004-0718: modifying content in unrelated windows - CAN-2004-0722: integer overflow in the SOAPParameter object constructor - CAN-2004-0757: heap-based buffer overflow in the SendUidl of POP3 code - CAN-2004-0758: denial-of-service with malicious SSL certificates - CAN-2004-0759: read files via JavaScript - CAN-2004-0760: MIME code handles %00 incorrectly - CAN-2004-0761: spoofing of security lock icon - - CAN-2004-0762: manipulation of XPInstall Security dialog box - CAN-2004-0763: spoofing of SSL certificates by using redirects and JavaScript - CAN-2004-0764: hijacking the user interface via the "chrome" flag and XML User Interface Language (XUL) files - CAN-2004-0765: spoofing SSL certificates due to incorrecting comparsion of hostnames - CAN-2004-0902: Several heap based buffer overflows in Mozilla Browsers. - CAN-2004-0903: Stack-based buffer overflow in the writeGroup function in vcard handling. - CAN-2004-0904: Overflow in BMP bitmap decoding. - - CAN-2004-0905: Crossdomain scripting and possible code execution by javascript drag and drop. - CAN-2004-0906: XPI Installer sets insecure permissions, allowing local users to overwrite files of the user. - CAN-2004-0908: Allow untrusted javascript code to read and write to the clipbo ard. - CAN-2004-0909: Allow remote attackers to trick the user into performing dangerous operations by modifying security relevant dialog boxes.

Solution(s)

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;