漏洞信息详情

Mozilla Firefox不安全默认安装漏洞

  • CNNVD编号:CNNVD-200412-856
  • 危害等级: 高危
  • CVE编号: CVE-2004-2228
  • 漏洞类型: 设计错误
  • 发布时间: 2004-12-31
  • 威胁类型: 本地
  • 更新时间: 2005-10-20
  • 厂        商: mozilla
  • 漏洞来源: Reportedly this is...

漏洞简介

基于Mac OS X平台的Mozilla Firefox 1.0以前版本安装时具有全域可写权限,本地用户可以利用该漏洞提升特权。

漏洞公告

The vendor has released an upgrade dealing with this issue. Gentoo has released an advisory GLSA 200501-03 to address various issues in multiple browsers offered by Mozilla. Gentoo users may carry out the following commands to update their computers: Mozilla users: emerge --sync emerge --ask --oneshot --verbose ">=net-www/mozilla-1.7.5" Mozilla binary users: emerge --sync emerge --ask --oneshot --verbose ">=net-www/mozilla-bin-1.7.5" Firefox users: emerge --sync emerge --ask --oneshot --verbose ">=net-www/mozilla-firefox-1.0" Firefox binary users: emerge --sync emerge --ask --oneshot --verbose ">=net-www/mozilla-firefox-bin-1.0" Thunderbird users: # emerge --sync # emerge --ask --oneshot ?verbose ">=mail-client/mozilla-thunderbird-0.9" Thunderbird: # emerge --sync # emerge --ask --oneshot ?verbose ">=mail-client/mozilla-thunderbird-bin-0.9" Please see the referenced advisory for more information. Mozilla Firefox 0.10

Mozilla Firefox 0.10.1 Mozilla Firefox 0.8 Mozilla Firefox 0.9 Mozilla Firefox 0.9.1 Mozilla Firefox 0.9.2 Mozilla Firefox 0.9.3

参考网址

来源: XF 名称: mozilla-firefox-gain-privileges(18017) 链接:http://xforce.iss.net/xforce/xfdb/18017 来源: BID 名称: 11644 链接:http://www.securityfocus.com/bid/11644 来源: OSVDB 名称: 11592 链接:http://www.osvdb.org/11592 来源: GENTOO 名称: GLSA-200501-03 链接:http://security.gentoo.org/glsa/glsa-200501-03.xml 来源: SECUNIA 名称: 13724 链接:http://secunia.com/advisories/13724 来源: SECUNIA 名称: 13144 链接:http://secunia.com/advisories/13144

补丁

    暂无

漏洞信息快速查询

相关漏洞

更多