Mandrake Security Advisory MDVSA-2009:084 (firefox) Network Vulnerability

Summary

The remote host is missing an update to firefox announced via advisory MDVSA-2009:084.

Solution

To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:084 http://www.mozilla.org/security/known-vulnerabilities/firefox30.html#firefox3.0.8

Insight

Security vulnerabilities have been discovered in previous versions, and corrected in the latest Mozilla Firefox 3.x, version 3.0.8 (CVE-2009-1044, CVE-2009-1169). This update provides the latest Mozilla Firefox 3.x to correct these issues. Additionally, some packages requiring it have also been rebuilt and are being provided as updates. Affected: 2008.1, 2009.0

Severity

Classification

CVE CVE-2009-1044, CVE-2009-1169
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Mandrake Security Advisory MDVSA-2009:141 (mozilla-thunderbird)
Mandrake Security Advisory MDVSA-2009:064 (imap)
Mandrake Security Advisory MDVSA-2009:062 (shadow-utils)
Mandrake Security Advisory MDVSA-2009:067 (libsndfile)
Mandrake Security Advisory MDVSA-2009:003 (python)

Take action and discover your vulnerabilities