SuSE 9.1 security update for mozilla
Description
The system is missing one or more SuSE security patches. Security Update: This updates resolves several security bugs in the mozilla web browser. - CAN-2004-0902: Several heap based buffer overflows in Mozilla Browsers. - CAN-2004-0903: Stack-based buffer overflow in the writeGroup function in vcard handling. - CAN-2004-0904: Overflow in BMP bitmap decoding. - CAN-2004-0905: Crossdomain scripting and possible code execution by javascript drag and drop. - CAN-2004-0906: XPI Installer sets insecure permissions, allowing local users to overwrite files of the user. - CAN-2004-0908: Erlaubt Javascript das Lesen und Schreiben des Clipboards, was zu Verlust vertraulicher Information führen kann. Additional Bugs fixed: - An endianess bugfix for AMD64. - Added support for mozilla init scripts to start-scripts. - Add ContentLocale parameter for initial localization. - Enabled logging for non-debug builds to be able to get some logfiles for debugging. - Fixed crashing problem introduced by last security update.
Solution(s)
- Lightweight Endpoint Agent
- Live Dashboards
- Real Risk Prioritization
- IT-Integrated Remediation Projects
- Cloud, Virtual, and Container Assessment
- Integrated Threat Feeds
- Easy-to-Use RESTful API
- Automation-Assisted Patching
- Automated Containment
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center