{"bulletinFamily": "unix", "affectedPackage": [{"OS": "CentOS", "packageVersion": "10.0.8-2.el5_8", "packageFilename": "xulrunner-10.0.8-2.el5_8.x86_64.rpm", "packageName": "xulrunner", "operator": "lt", "arch": "x86_64", "OSVersion": "5"}, {"OS": "CentOS", "packageVersion": "10.0.8-2.el6.centos", "packageFilename": "xulrunner-10.0.8-2.el6.centos.src.rpm", "packageName": "xulrunner", "operator": "lt", "arch": "any", "OSVersion": "6"}, {"OS": "CentOS", "packageVersion": "10.0.8-2.el6.centos", "packageFilename": "xulrunner-devel-10.0.8-2.el6.centos.i686.rpm", "packageName": "xulrunner-devel", "operator": "lt", "arch": "i686", "OSVersion": "6"}, {"OS": "CentOS", "packageVersion": "10.0.8-2.el6.centos", "packageFilename": "xulrunner-devel-10.0.8-2.el6.centos.i686.rpm", "packageName": "xulrunner-devel", "operator": "lt", "arch": "i686", "OSVersion": "6"}, {"OS": "CentOS", "packageVersion": "10.0.8-2.el6.centos", "packageFilename": "xulrunner-10.0.8-2.el6.centos.i686.rpm", "packageName": "xulrunner", "operator": "lt", "arch": "i686", "OSVersion": "6"}, {"OS": "CentOS", "packageVersion": "10.0.8-2.el6.centos", "packageFilename": "xulrunner-10.0.8-2.el6.centos.i686.rpm", "packageName": "xulrunner", "operator": "lt", "arch": "i686", "OSVersion": "6"}, {"OS": "CentOS", "packageVersion": "10.0.8-2.el5_8", "packageFilename": "xulrunner-devel-10.0.8-2.el5_8.x86_64.rpm", "packageName": "xulrunner-devel", "operator": "lt", "arch": "x86_64", "OSVersion": "5"}, {"OS": "CentOS", "packageVersion": "10.0.8-2.el5_8", "packageFilename": "xulrunner-10.0.8-2.el5_8.i386.rpm", "packageName": "xulrunner", "operator": "lt", "arch": "i386", "OSVersion": "5"}, {"OS": "CentOS", "packageVersion": "10.0.8-2.el5_8", "packageFilename": "xulrunner-10.0.8-2.el5_8.i386.rpm", "packageName": "xulrunner", "operator": "lt", "arch": "i386", "OSVersion": "5"}, {"OS": "CentOS", "packageVersion": "10.0.8-2.el5_8", "packageFilename": "xulrunner-10.0.8-2.el5_8.src.rpm", "packageName": "xulrunner", "operator": "lt", "arch": "any", "OSVersion": "5"}, {"OS": "CentOS", "packageVersion": "10.0.8-2.el5_8", "packageFilename": "xulrunner-devel-10.0.8-2.el5_8.i386.rpm", "packageName": "xulrunner-devel", "operator": "lt", "arch": "i386", "OSVersion": "5"}, {"OS": "CentOS", "packageVersion": "10.0.8-2.el5_8", "packageFilename": "xulrunner-devel-10.0.8-2.el5_8.i386.rpm", "packageName": "xulrunner-devel", "operator": "lt", "arch": "i386", "OSVersion": "5"}, {"OS": "CentOS", "packageVersion": "10.0.8-2.el6.centos", "packageFilename": "xulrunner-devel-10.0.8-2.el6.centos.x86_64.rpm", "packageName": "xulrunner-devel", "operator": "lt", "arch": "x86_64", "OSVersion": "6"}, {"OS": "CentOS", "packageVersion": "10.0.8-2.el6.centos", "packageFilename": "xulrunner-10.0.8-2.el6.centos.x86_64.rpm", "packageName": "xulrunner", "operator": "lt", "arch": "x86_64", "OSVersion": "6"}], "viewCount": 2, "reporter": "CentOS Project", "references": ["http://rhn.redhat.com/errata/RHSA-2012-1361.html", "https://rhn.redhat.com/errata/RHSA-2012-1361.html", "http://steadfast.net/"], "description": "**CentOS Errata and Security Advisory** CESA-2012:1361\n\n\nXULRunner provides the XUL Runtime environment for applications using the\nGecko layout engine.\n\nA flaw was found in the way XULRunner handled security wrappers. A web page\ncontaining malicious content could possibly cause an application linked\nagainst XULRunner (such as Mozilla Firefox) to execute arbitrary code with\nthe privileges of the user running the application. (CVE-2012-4193)\n\nFor technical details regarding this flaw, refer to the Mozilla security\nadvisories. You can find a link to the Mozilla advisories in the References\nsection of this erratum.\n\nRed Hat would like to thank the Mozilla project for reporting this issue.\nUpstream acknowledges moz_bug_r_a4 as the original reporter.\n\nAll XULRunner users should upgrade to these updated packages, which correct\nthis issue. After installing the update, applications using XULRunner must\nbe restarted for the changes to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2012-October/030974.html\nhttp://lists.centos.org/pipermail/centos-announce/2012-October/030978.html\n\n**Affected packages:**\nxulrunner\nxulrunner-devel\n\n**Upstream details at:**\n\nhttps://rhn.redhat.com/errata/RHSA-2012-1361.html", "href": "http://lists.centos.org/pipermail/centos-announce/2012-October/030974.html", "modified": "2012-10-13T02:27:24", "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2012-4193"]}, {"type": "openvas", "idList": ["OPENVAS:881518", "OPENVAS:881523", "OPENVAS:1361412562310881521", "OPENVAS:881517", "OPENVAS:1361412562310123802", "OPENVAS:1361412562310881517", "OPENVAS:1361412562310881518", "OPENVAS:870848", "OPENVAS:1361412562310870846", "OPENVAS:1361412562310870848"]}, {"type": "nessus", "idList": ["REDHAT-RHSA-2012-1361.NASL", "CENTOS_RHSA-2012-1362.NASL", "CENTOS_RHSA-2012-1361.NASL", "ORACLELINUX_ELSA-2012-1362.NASL", "SL_20121012_XULRUNNER_ON_SL5_X.NASL", "MOZILLA_THUNDERBIRD_1009.NASL", "REDHAT-RHSA-2012-1362.NASL", "MOZILLA_FIREFOX_1009.NASL", "ORACLELINUX_ELSA-2012-1361.NASL", "MACOSX_FIREFOX_10_0_9.NASL"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-1361", "ELSA-2012-1362"]}, {"type": "redhat", "idList": ["RHSA-2012:1362", "RHSA-2012:1361"]}, {"type": "centos", "idList": ["CESA-2012:1362"]}, {"type": "mozilla", "idList": ["MFSA2012-89"]}, {"type": "suse", "idList": ["SUSE-SU-2012:1351-1", "OPENSUSE-SU-2012:1345-1", "OPENSUSE-SU-2014:1100-1"]}, {"type": "ubuntu", "idList": ["USN-1611-1"]}, {"type": "freebsd", "idList": ["6E5A9AFD-12D3-11E2-B47D-C8600054B392"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:12639"]}, {"type": "gentoo", "idList": ["GLSA-201301-01"]}], "modified": "2020-08-13T19:38:46", "rev": 2}, "score": {"value": 8.2, "vector": "NONE", "modified": "2020-08-13T19:38:46", "rev": 2}, "vulnersScore": 8.2}, "id": "CESA-2012:1361", "title": "xulrunner security update", "edition": 4, "published": "2012-10-12T21:47:30", "type": "centos", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvelist": ["CVE-2012-4193"], "lastseen": "2020-08-13T19:38:46", "scheme": null, "immutableFields": []}

{"cve": [{"lastseen": "2021-02-02T05:59:53", "description": "Mozilla Firefox before 16.0.1, Firefox ESR 10.x before 10.0.9, Thunderbird before 16.0.1, Thunderbird ESR 10.x before 10.0.9, and SeaMonkey before 2.13.1 omit a security check in the defaultValue function during the unwrapping of security wrappers, which allows remote attackers to bypass the Same Origin Policy and read the properties of a Location object, or execute arbitrary JavaScript code, via a crafted web site.", "edition": 8, "cvss3": {}, "published": "2012-10-12T10:44:00", "title": "CVE-2012-4193", "type": "cve", "cwe": ["CWE-346"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4193"], "modified": "2020-08-14T18:07:00", "cpe": ["cpe:/o:suse:linux_enterprise_software_development_kit:10", "cpe:/o:redhat:enterprise_linux_desktop:5.0", "cpe:/o:redhat:enterprise_linux_workstation:5.0", "cpe:/o:canonical:ubuntu_linux:11.10", "cpe:/o:redhat:enterprise_linux_desktop:6.0", "cpe:/o:canonical:ubuntu_linux:12.04", "cpe:/o:suse:linux_enterprise_server:10", "cpe:/o:canonical:ubuntu_linux:11.04", "cpe:/o:suse:linux_enterprise_desktop:10", "cpe:/o:redhat:enterprise_linux_eus:6.3", "cpe:/o:redhat:enterprise_linux_server:5.0", "cpe:/o:canonical:ubuntu_linux:10.04", "cpe:/o:suse:linux_enterprise_server:11", "cpe:/o:redhat:enterprise_linux_workstation:6.0", "cpe:/o:suse:linux_enterprise_desktop:11", "cpe:/o:redhat:enterprise_linux_server:6.0"], "id": "CVE-2012-4193", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4193", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_eus:6.3:*:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp2:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:-:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp4:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:vmware:*:*", "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*"]}], "openvas": [{"lastseen": "2018-01-02T10:57:50", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4193"], "description": "Check for the Version of xulrunner", "modified": "2017-12-28T00:00:00", "published": "2012-10-16T00:00:00", "id": "OPENVAS:881517", "href": "http://plugins.openvas.org/nasl.php?oid=881517", "type": "openvas", "title": "CentOS Update for xulrunner CESA-2012:1361 centos5 ", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for xulrunner CESA-2012:1361 centos5 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"XULRunner provides the XUL Runtime environment for applications using the\n Gecko layout engine.\n\n A flaw was found in the way XULRunner handled security wrappers. A web page\n containing malicious content could possibly cause an application linked\n against XULRunner (such as Mozilla Firefox) to execute arbitrary code with\n the privileges of the user running the application. (CVE-2012-4193)\n \n For technical details regarding this flaw, refer to the Mozilla security\n advisories. You can find a link to the Mozilla advisories in the References\n section of this erratum.\n \n Red Hat would like to thank the Mozilla project for reporting this issue.\n Upstream acknowledges moz_bug_r_a4 as the original reporter.\n \n All XULRunner users should upgrade to these updated packages, which correct\n this issue. After installing the update, applications using XULRunner must\n be restarted for the changes to take effect.\";\n\ntag_affected = \"xulrunner on CentOS 5\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2012-October/018936.html\");\n script_id(881517);\n script_version(\"$Revision: 8253 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-28 07:29:51 +0100 (Thu, 28 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-16 09:45:07 +0530 (Tue, 16 Oct 2012)\");\n script_cve_id(\"CVE-2012-4193\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2012:1361\");\n script_name(\"CentOS Update for xulrunner CESA-2012:1361 centos5 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of xulrunner\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~10.0.8~2.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner-devel\", rpm:\"xulrunner-devel~10.0.8~2.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2020-08-13T20:23:42", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4193"], "description": "The remote host is missing an update for the ", "modified": "2018-11-23T00:00:00", "published": "2012-10-16T00:00:00", "id": "OPENVAS:1361412562310870846", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870846", "type": "openvas", "title": "RedHat Update for xulrunner RHSA-2012:1361-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for xulrunner RHSA-2012:1361-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2012-October/msg00014.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870846\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-16 09:44:21 +0530 (Tue, 16 Oct 2012)\");\n script_cve_id(\"CVE-2012-4193\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"RHSA\", value:\"2012:1361-01\");\n script_name(\"RedHat Update for xulrunner RHSA-2012:1361-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'xulrunner'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_(6|5)\");\n script_tag(name:\"affected\", value:\"xulrunner on Red Hat Enterprise Linux (v. 5 server),\n Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"XULRunner provides the XUL Runtime environment for applications using the\n Gecko layout engine.\n\n A flaw was found in the way XULRunner handled security wrappers. A web page\n containing malicious content could possibly cause an application linked\n against XULRunner (such as Mozilla Firefox) to execute arbitrary code with\n the privileges of the user running the application. (CVE-2012-4193)\n\n For technical details regarding this flaw, refer to the Mozilla security\n advisories. You can find a link to the Mozilla advisories in the References\n section of this erratum.\n\n Red Hat would like to thank the Mozilla project for reporting this issue.\n Upstream acknowledges moz_bug_r_a4 as the original reporter.\n\n All XULRunner users should upgrade to these updated packages, which correct\n this issue. After installing the update, applications using XULRunner must\n be restarted for the changes to take effect.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~10.0.8~2.el6_3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner-debuginfo\", rpm:\"xulrunner-debuginfo~10.0.8~2.el6_3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~10.0.8~2.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner-debuginfo\", rpm:\"xulrunner-debuginfo~10.0.8~2.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner-devel\", rpm:\"xulrunner-devel~10.0.8~2.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-11T11:07:25", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4193"], "description": "Check for the Version of xulrunner", "modified": "2018-01-10T00:00:00", "published": "2012-10-16T00:00:00", "id": "OPENVAS:881523", "href": "http://plugins.openvas.org/nasl.php?oid=881523", "type": "openvas", "title": "CentOS Update for xulrunner CESA-2012:1361 centos6 ", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for xulrunner CESA-2012:1361 centos6 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"XULRunner provides the XUL Runtime environment for applications using the\n Gecko layout engine.\n\n A flaw was found in the way XULRunner handled security wrappers. A web page\n containing malicious content could possibly cause an application linked\n against XULRunner (such as Mozilla Firefox) to execute arbitrary code with\n the privileges of the user running the application. (CVE-2012-4193)\n \n For technical details regarding this flaw, refer to the Mozilla security\n advisories. You can find a link to the Mozilla advisories in the References\n section of this erratum.\n \n Red Hat would like to thank the Mozilla project for reporting this issue.\n Upstream acknowledges moz_bug_r_a4 as the original reporter.\n \n All XULRunner users should upgrade to these updated packages, which correct\n this issue. After installing the update, applications using XULRunner must\n be restarted for the changes to take effect.\";\n\ntag_affected = \"xulrunner on CentOS 6\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2012-October/018940.html\");\n script_id(881523);\n script_version(\"$Revision: 8352 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-10 08:01:57 +0100 (Wed, 10 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-16 09:45:38 +0530 (Tue, 16 Oct 2012)\");\n script_cve_id(\"CVE-2012-4193\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2012:1361\");\n script_name(\"CentOS Update for xulrunner CESA-2012:1361 centos6 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of xulrunner\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~10.0.8~2.el6.centos\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner-devel\", rpm:\"xulrunner-devel~10.0.8~2.el6.centos\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-02T10:57:33", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4193"], "description": "Check for the Version of thunderbird", "modified": "2018-01-02T00:00:00", "published": "2012-10-16T00:00:00", "id": "OPENVAS:870848", "href": "http://plugins.openvas.org/nasl.php?oid=870848", "type": "openvas", "title": "RedHat Update for thunderbird RHSA-2012:1362-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for thunderbird RHSA-2012:1362-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Thunderbird is a standalone mail and newsgroup client.\n\n A flaw was found in the way Thunderbird handled security wrappers.\n Malicious content could cause Thunderbird to execute arbitrary code with\n the privileges of the user running Thunderbird. (CVE-2012-4193)\n\n Red Hat would like to thank the Mozilla project for reporting this issue.\n Upstream acknowledges moz_bug_r_a4 as the original reporter.\n\n Note: This issue cannot be exploited by a specially-crafted HTML mail\n message as JavaScript is disabled by default for mail messages. It could be\n exploited another way in Thunderbird, for example, when viewing the full\n remote content of an RSS feed.\n\n All Thunderbird users should upgrade to this updated package, which\n corrects this issue. After installing the update, Thunderbird must be\n restarted for the changes to take effect.\";\n\ntag_affected = \"thunderbird on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2012-October/msg00015.html\");\n script_id(870848);\n script_version(\"$Revision: 8267 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-02 07:29:17 +0100 (Tue, 02 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-16 09:44:30 +0530 (Tue, 16 Oct 2012)\");\n script_cve_id(\"CVE-2012-4193\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"RHSA\", value: \"2012:1362-01\");\n script_name(\"RedHat Update for thunderbird RHSA-2012:1362-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of thunderbird\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~10.0.8~2.el6_3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"thunderbird-debuginfo\", rpm:\"thunderbird-debuginfo~10.0.8~2.el6_3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-02T10:57:09", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4193"], "description": "Check for the Version of thunderbird", "modified": "2017-12-28T00:00:00", "published": "2012-10-16T00:00:00", "id": "OPENVAS:881518", "href": "http://plugins.openvas.org/nasl.php?oid=881518", "type": "openvas", "title": "CentOS Update for thunderbird CESA-2012:1362 centos6 ", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for thunderbird CESA-2012:1362 centos6 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Thunderbird is a standalone mail and newsgroup client.\n\n A flaw was found in the way Thunderbird handled security wrappers.\n Malicious content could cause Thunderbird to execute arbitrary code with\n the privileges of the user running Thunderbird. (CVE-2012-4193)\n \n Red Hat would like to thank the Mozilla project for reporting this issue.\n Upstream acknowledges moz_bug_r_a4 as the original reporter.\n \n Note: This issue cannot be exploited by a specially-crafted HTML mail\n message as JavaScript is disabled by default for mail messages. It could be\n exploited another way in Thunderbird, for example, when viewing the full\n remote content of an RSS feed.\n \n All Thunderbird users should upgrade to this updated package, which\n corrects this issue. After installing the update, Thunderbird must be\n restarted for the changes to take effect.\";\n\ntag_affected = \"thunderbird on CentOS 6\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2012-October/018939.html\");\n script_id(881518);\n script_version(\"$Revision: 8253 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-28 07:29:51 +0100 (Thu, 28 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-16 09:45:13 +0530 (Tue, 16 Oct 2012)\");\n script_cve_id(\"CVE-2012-4193\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2012:1362\");\n script_name(\"CentOS Update for thunderbird CESA-2012:1362 centos6 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of thunderbird\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~10.0.8~2.el6.centos\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2020-08-13T20:22:50", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4193"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2012-10-16T00:00:00", "id": "OPENVAS:1361412562310881518", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881518", "type": "openvas", "title": "CentOS Update for thunderbird CESA-2012:1362 centos6", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for thunderbird CESA-2012:1362 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2012-October/018939.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881518\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-16 09:45:13 +0530 (Tue, 16 Oct 2012)\");\n script_cve_id(\"CVE-2012-4193\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"CESA\", value:\"2012:1362\");\n script_name(\"CentOS Update for thunderbird CESA-2012:1362 centos6\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'thunderbird'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n script_tag(name:\"affected\", value:\"thunderbird on CentOS 6\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"Mozilla Thunderbird is a standalone mail and newsgroup client.\n\n A flaw was found in the way Thunderbird handled security wrappers.\n Malicious content could cause Thunderbird to execute arbitrary code with\n the privileges of the user running Thunderbird. (CVE-2012-4193)\n\n Red Hat would like to thank the Mozilla project for reporting this issue.\n Upstream acknowledges moz_bug_r_a4 as the original reporter.\n\n Note: This issue cannot be exploited by a specially-crafted HTML mail\n message as JavaScript is disabled by default for mail messages. It could be\n exploited another way in Thunderbird, for example, when viewing the full\n remote content of an RSS feed.\n\n All Thunderbird users should upgrade to this updated package, which\n corrects this issue. After installing the update, Thunderbird must be\n restarted for the changes to take effect.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~10.0.8~2.el6.centos\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-08-13T20:17:22", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4193"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2012-10-16T00:00:00", "id": "OPENVAS:1361412562310881521", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881521", "type": "openvas", "title": "CentOS Update for thunderbird CESA-2012:1362 centos5", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for thunderbird CESA-2012:1362 centos5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2012-October/018937.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881521\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-16 09:45:28 +0530 (Tue, 16 Oct 2012)\");\n script_cve_id(\"CVE-2012-4193\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"CESA\", value:\"2012:1362\");\n script_name(\"CentOS Update for thunderbird CESA-2012:1362 centos5\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'thunderbird'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"thunderbird on CentOS 5\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"Mozilla Thunderbird is a standalone mail and newsgroup client.\n\n A flaw was found in the way Thunderbird handled security wrappers.\n Malicious content could cause Thunderbird to execute arbitrary code with\n the privileges of the user running Thunderbird. (CVE-2012-4193)\n\n Red Hat would like to thank the Mozilla project for reporting this issue.\n Upstream acknowledges moz_bug_r_a4 as the original reporter.\n\n Note: This issue cannot be exploited by a specially-crafted HTML mail\n message as JavaScript is disabled by default for mail messages. It could be\n exploited another way in Thunderbird, for example, when viewing the full\n remote content of an RSS feed.\n\n All Thunderbird users should upgrade to this updated package, which\n corrects this issue. After installing the update, Thunderbird must be\n restarted for the changes to take effect.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~10.0.8~2.el5.centos\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-08-13T20:12:02", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4193"], "description": "Oracle Linux Local Security Checks ELSA-2012-1362", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310123802", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123802", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2012-1362", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2012-1362.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123802\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:08:45 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2012-1362\");\n script_tag(name:\"insight\", value:\"ELSA-2012-1362 - thunderbird security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2012-1362\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2012-1362.html\");\n script_cve_id(\"CVE-2012-4193\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux(5|6)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~10.0.8~2.0.1.el5_8\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~10.0.8~2.0.1.el6_3\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-08-13T20:20:34", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4193"], "description": "The remote host is missing an update for the ", "modified": "2018-11-23T00:00:00", "published": "2012-10-16T00:00:00", "id": "OPENVAS:1361412562310870848", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870848", "type": "openvas", "title": "RedHat Update for thunderbird RHSA-2012:1362-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for thunderbird RHSA-2012:1362-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2012-October/msg00015.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870848\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-16 09:44:30 +0530 (Tue, 16 Oct 2012)\");\n script_cve_id(\"CVE-2012-4193\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"RHSA\", value:\"2012:1362-01\");\n script_name(\"RedHat Update for thunderbird RHSA-2012:1362-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'thunderbird'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_6\");\n script_tag(name:\"affected\", value:\"thunderbird on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Mozilla Thunderbird is a standalone mail and newsgroup client.\n\n A flaw was found in the way Thunderbird handled security wrappers.\n Malicious content could cause Thunderbird to execute arbitrary code with\n the privileges of the user running Thunderbird. (CVE-2012-4193)\n\n Red Hat would like to thank the Mozilla project for reporting this issue.\n Upstream acknowledges moz_bug_r_a4 as the original reporter.\n\n Note: This issue cannot be exploited by a specially-crafted HTML mail\n message as JavaScript is disabled by default for mail messages. It could be\n exploited another way in Thunderbird, for example, when viewing the full\n remote content of an RSS feed.\n\n All Thunderbird users should upgrade to this updated package, which\n corrects this issue. After installing the update, Thunderbird must be\n restarted for the changes to take effect.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~10.0.8~2.el6_3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"thunderbird-debuginfo\", rpm:\"thunderbird-debuginfo~10.0.8~2.el6_3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-08-13T20:17:31", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4193"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2012-10-16T00:00:00", "id": "OPENVAS:1361412562310881523", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881523", "type": "openvas", "title": "CentOS Update for xulrunner CESA-2012:1361 centos6", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for xulrunner CESA-2012:1361 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2012-October/018940.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881523\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-16 09:45:38 +0530 (Tue, 16 Oct 2012)\");\n script_cve_id(\"CVE-2012-4193\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"CESA\", value:\"2012:1361\");\n script_name(\"CentOS Update for xulrunner CESA-2012:1361 centos6\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'xulrunner'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n script_tag(name:\"affected\", value:\"xulrunner on CentOS 6\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"XULRunner provides the XUL Runtime environment for applications using the\n Gecko layout engine.\n\n A flaw was found in the way XULRunner handled security wrappers. A web page\n containing malicious content could possibly cause an application linked\n against XULRunner (such as Mozilla Firefox) to execute arbitrary code with\n the privileges of the user running the application. (CVE-2012-4193)\n\n For technical details regarding this flaw, refer to the Mozilla security\n advisories. You can find a link to the Mozilla advisories in the References\n section of this erratum.\n\n Red Hat would like to thank the Mozilla project for reporting this issue.\n Upstream acknowledges moz_bug_r_a4 as the original reporter.\n\n All XULRunner users should upgrade to these updated packages, which correct\n this issue. After installing the update, applications using XULRunner must\n be restarted for the changes to take effect.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~10.0.8~2.el6.centos\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner-devel\", rpm:\"xulrunner-devel~10.0.8~2.el6.centos\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "centos": [{"lastseen": "2020-08-13T19:41:08", "bulletinFamily": "unix", "cvelist": ["CVE-2012-4193"], "description": "**CentOS Errata and Security Advisory** CESA-2012:1362\n\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nA flaw was found in the way Thunderbird handled security wrappers.\nMalicious content could cause Thunderbird to execute arbitrary code with\nthe privileges of the user running Thunderbird. (CVE-2012-4193)\n\nRed Hat would like to thank the Mozilla project for reporting this issue.\nUpstream acknowledges moz_bug_r_a4 as the original reporter.\n\nNote: This issue cannot be exploited by a specially-crafted HTML mail\nmessage as JavaScript is disabled by default for mail messages. It could be\nexploited another way in Thunderbird, for example, when viewing the full\nremote content of an RSS feed.\n\nAll Thunderbird users should upgrade to this updated package, which\ncorrects this issue. After installing the update, Thunderbird must be\nrestarted for the changes to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2012-October/030975.html\nhttp://lists.centos.org/pipermail/centos-announce/2012-October/030977.html\n\n**Affected packages:**\nthunderbird\n\n**Upstream details at:**\n", "edition": 4, "modified": "2012-10-13T02:26:29", "published": "2012-10-13T02:05:00", "href": "http://lists.centos.org/pipermail/centos-announce/2012-October/030975.html", "id": "CESA-2012:1362", "title": "thunderbird security update", "type": "centos", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "redhat": [{"lastseen": "2020-08-13T18:06:47", "bulletinFamily": "unix", "cvelist": ["CVE-2012-4193"], "description": "Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nA flaw was found in the way Thunderbird handled security wrappers.\nMalicious content could cause Thunderbird to execute arbitrary code with\nthe privileges of the user running Thunderbird. (CVE-2012-4193)\n\nRed Hat would like to thank the Mozilla project for reporting this issue.\nUpstream acknowledges moz_bug_r_a4 as the original reporter.\n\nNote: This issue cannot be exploited by a specially-crafted HTML mail\nmessage as JavaScript is disabled by default for mail messages. It could be\nexploited another way in Thunderbird, for example, when viewing the full\nremote content of an RSS feed.\n\nAll Thunderbird users should upgrade to this updated package, which\ncorrects this issue. After installing the update, Thunderbird must be\nrestarted for the changes to take effect.\n", "modified": "2018-06-06T20:24:36", "published": "2012-10-12T04:00:00", "id": "RHSA-2012:1362", "href": "https://access.redhat.com/errata/RHSA-2012:1362", "type": "redhat", "title": "(RHSA-2012:1362) Critical: thunderbird security update", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-08-13T18:04:59", "bulletinFamily": "unix", "cvelist": ["CVE-2012-4193"], "description": "XULRunner provides the XUL Runtime environment for applications using the\nGecko layout engine.\n\nA flaw was found in the way XULRunner handled security wrappers. A web page\ncontaining malicious content could possibly cause an application linked\nagainst XULRunner (such as Mozilla Firefox) to execute arbitrary code with\nthe privileges of the user running the application. (CVE-2012-4193)\n\nFor technical details regarding this flaw, refer to the Mozilla security\nadvisories. You can find a link to the Mozilla advisories in the References\nsection of this erratum.\n\nRed Hat would like to thank the Mozilla project for reporting this issue.\nUpstream acknowledges moz_bug_r_a4 as the original reporter.\n\nAll XULRunner users should upgrade to these updated packages, which correct\nthis issue. After installing the update, applications using XULRunner must\nbe restarted for the changes to take effect.\n", "modified": "2018-06-06T20:24:28", "published": "2012-10-12T04:00:00", "id": "RHSA-2012:1361", "href": "https://access.redhat.com/errata/RHSA-2012:1361", "type": "redhat", "title": "(RHSA-2012:1361) Critical: xulrunner security update", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "oraclelinux": [{"lastseen": "2020-08-13T19:45:49", "bulletinFamily": "unix", "cvelist": ["CVE-2012-4193"], "description": "[10.0.8-2.0.1.el6_3]\n- Replace xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js\n[10.0.8-2]\n- Added patches from 10.0.9 ESR", "edition": 5, "modified": "2012-10-12T00:00:00", "published": "2012-10-12T00:00:00", "id": "ELSA-2012-1361", "href": "http://linux.oracle.com/errata/ELSA-2012-1361.html", "title": "xulrunner security update", "type": "oraclelinux", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-10-22T17:11:16", "bulletinFamily": "unix", "cvelist": ["CVE-2012-4193"], "description": "[10.0.8-2.0.1.el6_3]\n- Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js\n- Replace clean.gif in tarball\n[10.0.8-2]\n- Added patches from 10.0.9 ESR", "edition": 6, "modified": "2012-10-12T00:00:00", "published": "2012-10-12T00:00:00", "id": "ELSA-2012-1362", "href": "http://linux.oracle.com/errata/ELSA-2012-1362.html", "title": "thunderbird security update", "type": "oraclelinux", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2021-01-06T09:28:03", "description": "Updated xulrunner packages that fix one security issue are now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\ncritical security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nXULRunner provides the XUL Runtime environment for applications using\nthe Gecko layout engine.\n\nA flaw was found in the way XULRunner handled security wrappers. A web\npage containing malicious content could possibly cause an application\nlinked against XULRunner (such as Mozilla Firefox) to execute\narbitrary code with the privileges of the user running the\napplication. (CVE-2012-4193)\n\nFor technical details regarding this flaw, refer to the Mozilla\nsecurity advisories. You can find a link to the Mozilla advisories in\nthe References section of this erratum.\n\nRed Hat would like to thank the Mozilla project for reporting this\nissue. Upstream acknowledges moz_bug_r_a4 as the original reporter.\n\nAll XULRunner users should upgrade to these updated packages, which\ncorrect this issue. After installing the update, applications using\nXULRunner must be restarted for the changes to take effect.", "edition": 24, "published": "2012-10-15T00:00:00", "title": "CentOS 5 / 6 : xulrunner (CESA-2012:1361)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4193"], "modified": "2012-10-15T00:00:00", "cpe": ["cpe:/o:centos:centos:6", "p-cpe:/a:centos:centos:xulrunner-devel", "p-cpe:/a:centos:centos:xulrunner", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2012-1361.NASL", "href": "https://www.tenable.com/plugins/nessus/62521", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:1361 and \n# CentOS Errata and Security Advisory 2012:1361 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(62521);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2012-4193\");\n script_bugtraq_id(55889);\n script_xref(name:\"RHSA\", value:\"2012:1361\");\n\n script_name(english:\"CentOS 5 / 6 : xulrunner (CESA-2012:1361)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Updated xulrunner packages that fix one security issue are now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\ncritical security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nXULRunner provides the XUL Runtime environment for applications using\nthe Gecko layout engine.\n\nA flaw was found in the way XULRunner handled security wrappers. A web\npage containing malicious content could possibly cause an application\nlinked against XULRunner (such as Mozilla Firefox) to execute\narbitrary code with the privileges of the user running the\napplication. (CVE-2012-4193)\n\nFor technical details regarding this flaw, refer to the Mozilla\nsecurity advisories. You can find a link to the Mozilla advisories in\nthe References section of this erratum.\n\nRed Hat would like to thank the Mozilla project for reporting this\nissue. Upstream acknowledges moz_bug_r_a4 as the original reporter.\n\nAll XULRunner users should upgrade to these updated packages, which\ncorrect this issue. After installing the update, applications using\nXULRunner must be restarted for the changes to take effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2012-October/018936.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e3d33504\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2012-October/018940.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?da250dee\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected xulrunner packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2012-4193\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:xulrunner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:xulrunner-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/10/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/10/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x / 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"xulrunner-10.0.8-2.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"xulrunner-devel-10.0.8-2.el5_8\")) flag++;\n\nif (rpm_check(release:\"CentOS-6\", reference:\"xulrunner-10.0.8-2.el6.centos\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"xulrunner-devel-10.0.8-2.el6.centos\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xulrunner / xulrunner-devel\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T12:47:15", "description": "From Red Hat Security Advisory 2012:1362 :\n\nAn updated thunderbird package that fixes one security issue is now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\ncritical security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nA flaw was found in the way Thunderbird handled security wrappers.\nMalicious content could cause Thunderbird to execute arbitrary code\nwith the privileges of the user running Thunderbird. (CVE-2012-4193)\n\nRed Hat would like to thank the Mozilla project for reporting this\nissue. Upstream acknowledges moz_bug_r_a4 as the original reporter.\n\nNote: This issue cannot be exploited by a specially crafted HTML mail\nmessage as JavaScript is disabled by default for mail messages. It\ncould be exploited another way in Thunderbird, for example, when\nviewing the full remote content of an RSS feed.\n\nAll Thunderbird users should upgrade to this updated package, which\ncorrects this issue. After installing the update, Thunderbird must be\nrestarted for the changes to take effect.", "edition": 19, "published": "2013-07-12T00:00:00", "title": "Oracle Linux 6 : thunderbird (ELSA-2012-1362)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4193"], "modified": "2013-07-12T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:thunderbird"], "id": "ORACLELINUX_ELSA-2012-1362.NASL", "href": "https://www.tenable.com/plugins/nessus/68639", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2012:1362 and \n# Oracle Linux Security Advisory ELSA-2012-1362 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68639);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-4193\");\n script_bugtraq_id(55889);\n script_xref(name:\"RHSA\", value:\"2012:1362\");\n\n script_name(english:\"Oracle Linux 6 : thunderbird (ELSA-2012-1362)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Oracle Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"From Red Hat Security Advisory 2012:1362 :\n\nAn updated thunderbird package that fixes one security issue is now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\ncritical security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nA flaw was found in the way Thunderbird handled security wrappers.\nMalicious content could cause Thunderbird to execute arbitrary code\nwith the privileges of the user running Thunderbird. (CVE-2012-4193)\n\nRed Hat would like to thank the Mozilla project for reporting this\nissue. Upstream acknowledges moz_bug_r_a4 as the original reporter.\n\nNote: This issue cannot be exploited by a specially crafted HTML mail\nmessage as JavaScript is disabled by default for mail messages. It\ncould be exploited another way in Thunderbird, for example, when\nviewing the full remote content of an RSS feed.\n\nAll Thunderbird users should upgrade to this updated package, which\ncorrects this issue. After installing the update, Thunderbird must be\nrestarted for the changes to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2012-October/003078.html\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected thunderbird package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/10/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"thunderbird-10.0.8-2.0.1.el6_3\", allowmaj:TRUE)) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"thunderbird\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T13:46:55", "description": "A flaw was found in the way XULRunner handled security wrappers. A web\npage containing malicious content could possibly cause an application\nlinked against XULRunner (such as Mozilla Firefox) to execute\narbitrary code with the privileges of the user running the\napplication. (CVE-2012-4193)\n\nAfter installing the update, applications using XULRunner must be\nrestarted for the changes to take effect.", "edition": 14, "published": "2012-10-16T00:00:00", "title": "Scientific Linux Security Update : xulrunner on SL5.x, SL6.x i386/x86_64 (20121012)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4193"], "modified": "2012-10-16T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:xulrunner-devel", "x-cpe:/o:fermilab:scientific_linux", "p-cpe:/a:fermilab:scientific_linux:xulrunner"], "id": "SL_20121012_XULRUNNER_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/62556", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(62556);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-4193\");\n\n script_name(english:\"Scientific Linux Security Update : xulrunner on SL5.x, SL6.x i386/x86_64 (20121012)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A flaw was found in the way XULRunner handled security wrappers. A web\npage containing malicious content could possibly cause an application\nlinked against XULRunner (such as Mozilla Firefox) to execute\narbitrary code with the privileges of the user running the\napplication. (CVE-2012-4193)\n\nAfter installing the update, applications using XULRunner must be\nrestarted for the changes to take effect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1210&L=scientific-linux-errata&T=0&P=1892\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ccca2e88\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected xulrunner and / or xulrunner-devel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:xulrunner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:xulrunner-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/10/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/10/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 6.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"xulrunner-10.0.8-2.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"xulrunner-devel-10.0.8-2.el5_8\")) flag++;\n\nif (rpm_check(release:\"SL6\", reference:\"xulrunner-10.0.8-2.el6_3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"xulrunner-devel-10.0.8-2.el6_3\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xulrunner / xulrunner-devel\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-06T09:28:04", "description": "An updated thunderbird package that fixes one security issue is now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\ncritical security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nA flaw was found in the way Thunderbird handled security wrappers.\nMalicious content could cause Thunderbird to execute arbitrary code\nwith the privileges of the user running Thunderbird. (CVE-2012-4193)\n\nRed Hat would like to thank the Mozilla project for reporting this\nissue. Upstream acknowledges moz_bug_r_a4 as the original reporter.\n\nNote: This issue cannot be exploited by a specially crafted HTML mail\nmessage as JavaScript is disabled by default for mail messages. It\ncould be exploited another way in Thunderbird, for example, when\nviewing the full remote content of an RSS feed.\n\nAll Thunderbird users should upgrade to this updated package, which\ncorrects this issue. After installing the update, Thunderbird must be\nrestarted for the changes to take effect.", "edition": 22, "published": "2012-10-15T00:00:00", "title": "CentOS 5 / 6 : thunderbird (CESA-2012:1362)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4193"], "modified": "2012-10-15T00:00:00", "cpe": ["cpe:/o:centos:centos:6", "p-cpe:/a:centos:centos:thunderbird", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2012-1362.NASL", "href": "https://www.tenable.com/plugins/nessus/62522", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:1362 and \n# CentOS Errata and Security Advisory 2012:1362 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(62522);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2012-4193\");\n script_bugtraq_id(55889);\n script_xref(name:\"RHSA\", value:\"2012:1362\");\n\n script_name(english:\"CentOS 5 / 6 : thunderbird (CESA-2012:1362)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote CentOS host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"An updated thunderbird package that fixes one security issue is now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\ncritical security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nA flaw was found in the way Thunderbird handled security wrappers.\nMalicious content could cause Thunderbird to execute arbitrary code\nwith the privileges of the user running Thunderbird. (CVE-2012-4193)\n\nRed Hat would like to thank the Mozilla project for reporting this\nissue. Upstream acknowledges moz_bug_r_a4 as the original reporter.\n\nNote: This issue cannot be exploited by a specially crafted HTML mail\nmessage as JavaScript is disabled by default for mail messages. It\ncould be exploited another way in Thunderbird, for example, when\nviewing the full remote content of an RSS feed.\n\nAll Thunderbird users should upgrade to this updated package, which\ncorrects this issue. After installing the update, Thunderbird must be\nrestarted for the changes to take effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2012-October/018937.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b1a446e9\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2012-October/018939.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7b3ada1b\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected thunderbird package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2012-4193\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/10/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/10/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x / 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"thunderbird-10.0.8-2.el5.centos\", allowmaj:TRUE)) flag++;\n\nif (rpm_check(release:\"CentOS-6\", reference:\"thunderbird-10.0.8-2.el6.centos\", allowmaj:TRUE)) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"thunderbird\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T13:11:16", "description": "An updated thunderbird package that fixes one security issue is now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\ncritical security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nA flaw was found in the way Thunderbird handled security wrappers.\nMalicious content could cause Thunderbird to execute arbitrary code\nwith the privileges of the user running Thunderbird. (CVE-2012-4193)\n\nRed Hat would like to thank the Mozilla project for reporting this\nissue. Upstream acknowledges moz_bug_r_a4 as the original reporter.\n\nNote: This issue cannot be exploited by a specially crafted HTML mail\nmessage as JavaScript is disabled by default for mail messages. It\ncould be exploited another way in Thunderbird, for example, when\nviewing the full remote content of an RSS feed.\n\nAll Thunderbird users should upgrade to this updated package, which\ncorrects this issue. After installing the update, Thunderbird must be\nrestarted for the changes to take effect.", "edition": 22, "published": "2012-10-15T00:00:00", "title": "RHEL 5 / 6 : thunderbird (RHSA-2012:1362)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4193"], "modified": "2012-10-15T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:6.3", "p-cpe:/a:redhat:enterprise_linux:thunderbird", "p-cpe:/a:redhat:enterprise_linux:thunderbird-debuginfo", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2012-1362.NASL", "href": "https://www.tenable.com/plugins/nessus/62542", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:1362. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(62542);\n script_version(\"1.24\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-4193\");\n script_bugtraq_id(55889);\n script_xref(name:\"RHSA\", value:\"2012:1362\");\n\n script_name(english:\"RHEL 5 / 6 : thunderbird (RHSA-2012:1362)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"An updated thunderbird package that fixes one security issue is now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\ncritical security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nA flaw was found in the way Thunderbird handled security wrappers.\nMalicious content could cause Thunderbird to execute arbitrary code\nwith the privileges of the user running Thunderbird. (CVE-2012-4193)\n\nRed Hat would like to thank the Mozilla project for reporting this\nissue. Upstream acknowledges moz_bug_r_a4 as the original reporter.\n\nNote: This issue cannot be exploited by a specially crafted HTML mail\nmessage as JavaScript is disabled by default for mail messages. It\ncould be exploited another way in Thunderbird, for example, when\nviewing the full remote content of an RSS feed.\n\nAll Thunderbird users should upgrade to this updated package, which\ncorrects this issue. After installing the update, Thunderbird must be\nrestarted for the changes to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2012:1362\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-4193\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Update the affected thunderbird and / or thunderbird-debuginfo\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:thunderbird-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/10/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/10/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x / 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2012:1362\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"thunderbird-10.0.8-2.el5_8\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"thunderbird-10.0.8-2.el5_8\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"thunderbird-debuginfo-10.0.8-2.el5_8\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"thunderbird-debuginfo-10.0.8-2.el5_8\", allowmaj:TRUE)) flag++;\n\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"thunderbird-10.0.8-2.el6_3\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"thunderbird-10.0.8-2.el6_3\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"thunderbird-10.0.8-2.el6_3\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"thunderbird-debuginfo-10.0.8-2.el6_3\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"thunderbird-debuginfo-10.0.8-2.el6_3\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"thunderbird-debuginfo-10.0.8-2.el6_3\", allowmaj:TRUE)) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"thunderbird / thunderbird-debuginfo\");\n }\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T12:47:14", "description": "From Red Hat Security Advisory 2012:1361 :\n\nUpdated xulrunner packages that fix one security issue are now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\ncritical security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nXULRunner provides the XUL Runtime environment for applications using\nthe Gecko layout engine.\n\nA flaw was found in the way XULRunner handled security wrappers. A web\npage containing malicious content could possibly cause an application\nlinked against XULRunner (such as Mozilla Firefox) to execute\narbitrary code with the privileges of the user running the\napplication. (CVE-2012-4193)\n\nFor technical details regarding this flaw, refer to the Mozilla\nsecurity advisories. You can find a link to the Mozilla advisories in\nthe References section of this erratum.\n\nRed Hat would like to thank the Mozilla project for reporting this\nissue. Upstream acknowledges moz_bug_r_a4 as the original reporter.\n\nAll XULRunner users should upgrade to these updated packages, which\ncorrect this issue. After installing the update, applications using\nXULRunner must be restarted for the changes to take effect.", "edition": 21, "published": "2013-07-12T00:00:00", "title": "Oracle Linux 5 / 6 : xulrunner (ELSA-2012-1361)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4193"], "modified": "2013-07-12T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:xulrunner", "cpe:/o:oracle:linux:5", "p-cpe:/a:oracle:linux:xulrunner-devel"], "id": "ORACLELINUX_ELSA-2012-1361.NASL", "href": "https://www.tenable.com/plugins/nessus/68638", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2012:1361 and \n# Oracle Linux Security Advisory ELSA-2012-1361 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68638);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-4193\");\n script_bugtraq_id(55889);\n script_xref(name:\"RHSA\", value:\"2012:1361\");\n\n script_name(english:\"Oracle Linux 5 / 6 : xulrunner (ELSA-2012-1361)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"From Red Hat Security Advisory 2012:1361 :\n\nUpdated xulrunner packages that fix one security issue are now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\ncritical security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nXULRunner provides the XUL Runtime environment for applications using\nthe Gecko layout engine.\n\nA flaw was found in the way XULRunner handled security wrappers. A web\npage containing malicious content could possibly cause an application\nlinked against XULRunner (such as Mozilla Firefox) to execute\narbitrary code with the privileges of the user running the\napplication. (CVE-2012-4193)\n\nFor technical details regarding this flaw, refer to the Mozilla\nsecurity advisories. You can find a link to the Mozilla advisories in\nthe References section of this erratum.\n\nRed Hat would like to thank the Mozilla project for reporting this\nissue. Upstream acknowledges moz_bug_r_a4 as the original reporter.\n\nAll XULRunner users should upgrade to these updated packages, which\ncorrect this issue. After installing the update, applications using\nXULRunner must be restarted for the changes to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2012-October/003077.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2012-October/003080.html\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected xulrunner packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:xulrunner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:xulrunner-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/10/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5 / 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"xulrunner-10.0.8-2.0.1.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"xulrunner-devel-10.0.8-2.0.1.el5_8\")) flag++;\n\nif (rpm_check(release:\"EL6\", reference:\"xulrunner-10.0.8-2.0.1.el6_3\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"xulrunner-devel-10.0.8-2.0.1.el6_3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xulrunner / xulrunner-devel\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T13:11:15", "description": "Updated xulrunner packages that fix one security issue are now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\ncritical security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nXULRunner provides the XUL Runtime environment for applications using\nthe Gecko layout engine.\n\nA flaw was found in the way XULRunner handled security wrappers. A web\npage containing malicious content could possibly cause an application\nlinked against XULRunner (such as Mozilla Firefox) to execute\narbitrary code with the privileges of the user running the\napplication. (CVE-2012-4193)\n\nFor technical details regarding this flaw, refer to the Mozilla\nsecurity advisories. You can find a link to the Mozilla advisories in\nthe References section of this erratum.\n\nRed Hat would like to thank the Mozilla project for reporting this\nissue. Upstream acknowledges moz_bug_r_a4 as the original reporter.\n\nAll XULRunner users should upgrade to these updated packages, which\ncorrect this issue. After installing the update, applications using\nXULRunner must be restarted for the changes to take effect.", "edition": 25, "published": "2012-10-15T00:00:00", "title": "RHEL 5 / 6 : xulrunner (RHSA-2012:1361)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4193"], "modified": "2012-10-15T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:5", "p-cpe:/a:redhat:enterprise_linux:xulrunner-debuginfo", "cpe:/o:redhat:enterprise_linux:6.3", "p-cpe:/a:redhat:enterprise_linux:xulrunner", "p-cpe:/a:redhat:enterprise_linux:xulrunner-devel", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2012-1361.NASL", "href": "https://www.tenable.com/plugins/nessus/62541", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:1361. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(62541);\n script_version(\"1.23\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-4193\");\n script_bugtraq_id(55889);\n script_xref(name:\"RHSA\", value:\"2012:1361\");\n\n script_name(english:\"RHEL 5 / 6 : xulrunner (RHSA-2012:1361)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Updated xulrunner packages that fix one security issue are now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\ncritical security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nXULRunner provides the XUL Runtime environment for applications using\nthe Gecko layout engine.\n\nA flaw was found in the way XULRunner handled security wrappers. A web\npage containing malicious content could possibly cause an application\nlinked against XULRunner (such as Mozilla Firefox) to execute\narbitrary code with the privileges of the user running the\napplication. (CVE-2012-4193)\n\nFor technical details regarding this flaw, refer to the Mozilla\nsecurity advisories. You can find a link to the Mozilla advisories in\nthe References section of this erratum.\n\nRed Hat would like to thank the Mozilla project for reporting this\nissue. Upstream acknowledges moz_bug_r_a4 as the original reporter.\n\nAll XULRunner users should upgrade to these updated packages, which\ncorrect this issue. After installing the update, applications using\nXULRunner must be restarted for the changes to take effect.\"\n );\n # http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a134523f\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2012:1361\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-4193\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Update the affected xulrunner, xulrunner-debuginfo and / or\nxulrunner-devel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xulrunner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xulrunner-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xulrunner-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/10/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/10/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x / 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2012:1361\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", reference:\"xulrunner-10.0.8-2.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"xulrunner-debuginfo-10.0.8-2.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"xulrunner-devel-10.0.8-2.el5_8\")) flag++;\n\n\n if (rpm_check(release:\"RHEL6\", reference:\"xulrunner-10.0.8-2.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"xulrunner-debuginfo-10.0.8-2.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"xulrunner-devel-10.0.8-2.el6_3\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xulrunner / xulrunner-debuginfo / xulrunner-devel\");\n }\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-04-01T04:10:35", "description": "The installed version of Thunderbird 10.x is potentially affected by\nthe following security issues :\n\n - An unspecified error exists that can allow attackers to\n bypass the 'Same Origin Policy' and access the\n 'Location' object. (CVE-2012-4192)\n\n - An error exists related to 'security wrappers' and the\n function 'defaultValue()' that can allow cross-site\n scripting attacks. (CVE-2012-4193)", "edition": 28, "published": "2012-10-17T00:00:00", "title": "Mozilla Thunderbird 10.x < 10.0.9 Multiple Vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4193", "CVE-2012-4192"], "modified": "2021-04-02T00:00:00", "cpe": ["cpe:/a:mozilla:thunderbird"], "id": "MOZILLA_THUNDERBIRD_1009.NASL", "href": "https://www.tenable.com/plugins/nessus/62590", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(62590);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2019/12/04\");\n\n script_cve_id(\"CVE-2012-4192\", \"CVE-2012-4193\");\n script_bugtraq_id(56154, 56155);\n\n script_name(english:\"Mozilla Thunderbird 10.x < 10.0.9 Multiple Vulnerabilities\");\n script_summary(english:\"Checks version of Thunderbird\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host contains a mail client that is potentially\naffected by several vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The installed version of Thunderbird 10.x is potentially affected by\nthe following security issues :\n\n - An unspecified error exists that can allow attackers to\n bypass the 'Same Origin Policy' and access the\n 'Location' object. (CVE-2012-4192)\n\n - An error exists related to 'security wrappers' and the\n function 'defaultValue()' that can allow cross-site\n scripting attacks. (CVE-2012-4193)\");\n # http://www.thespanner.co.uk/2012/10/10/firefox-knows-what-your-friends-did-last-summer/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8993e6b4\");\n # https://blog.mozilla.org/security/2012/10/10/security-vulnerability-in-firefox-16/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?dc43f3c3\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-89/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Thunderbird 10.0.9 ESR or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2012-4193\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/10/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/10/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:thunderbird\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"mozilla_org_installed.nasl\");\n script_require_keys(\"Mozilla/Thunderbird/Version\");\n\n exit(0);\n}\n\ninclude(\"mozilla_version.inc\");\nport = get_kb_item_or_exit(\"SMB/transport\");\n\ninstalls = get_kb_list(\"SMB/Mozilla/Thunderbird/*\");\nif (isnull(installs)) audit(AUDIT_NOT_INST, \"Thunderbird\");\n\nmozilla_check_version(installs:installs, product:'thunderbird', esr:TRUE, fix:'10.0.9', min:'10.0', severity:SECURITY_HOLE, xss:TRUE);", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-04-01T03:44:06", "description": "The installed version of Firefox is earlier than 10.0.9 and thus, is\npotentially affected by the following security issues :\n\n - An unspecified error exists that can allow attackers to\n bypass the 'Same Origin Policy' and access the\n 'Location' object. (CVE-2012-4192)\n\n - An error exists related to 'security wrappers' and the\n function 'defaultValue()' that can allow cross-site\n scripting attacks. (CVE-2012-4193)", "edition": 28, "published": "2012-10-17T00:00:00", "title": "Firefox < 10.0.9 Multiple Vulnerabilities (Mac OS X)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4193", "CVE-2012-4192"], "modified": "2021-04-02T00:00:00", "cpe": ["cpe:/a:mozilla:firefox"], "id": "MACOSX_FIREFOX_10_0_9.NASL", "href": "https://www.tenable.com/plugins/nessus/62584", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(62584);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2019/12/04\");\n\n script_cve_id(\"CVE-2012-4192\", \"CVE-2012-4193\");\n script_bugtraq_id(56154, 56155);\n\n script_name(english:\"Firefox < 10.0.9 Multiple Vulnerabilities (Mac OS X)\");\n script_summary(english:\"Checks version of Firefox\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Mac OS X host contains a web browser that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The installed version of Firefox is earlier than 10.0.9 and thus, is\npotentially affected by the following security issues :\n\n - An unspecified error exists that can allow attackers to\n bypass the 'Same Origin Policy' and access the\n 'Location' object. (CVE-2012-4192)\n\n - An error exists related to 'security wrappers' and the\n function 'defaultValue()' that can allow cross-site\n scripting attacks. (CVE-2012-4193)\");\n # http://www.thespanner.co.uk/2012/10/10/firefox-knows-what-your-friends-did-last-summer/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8993e6b4\");\n # https://blog.mozilla.org/security/2012/10/10/security-vulnerability-in-firefox-16/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?dc43f3c3\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-89/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Firefox 10.0.9 ESR or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2012-4193\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/10/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/10/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:firefox\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_firefox_installed.nasl\");\n script_require_keys(\"MacOSX/Firefox/Installed\");\n\n exit(0);\n}\n\ninclude(\"mozilla_version.inc\");\nkb_base = \"MacOSX/Firefox\";\nget_kb_item_or_exit(kb_base+\"/Installed\");\n\nversion = get_kb_item_or_exit(kb_base+\"/Version\", exit_code:1);\npath = get_kb_item_or_exit(kb_base+\"/Path\", exit_code:1);\n\nif (get_kb_item(kb_base + '/is_esr')) exit(0, 'The Mozilla Firefox installation is in the ESR branch.');\n\nmozilla_check_version(product:'firefox', version:version, path:path, esr:FALSE, fix:'10.0.9', severity:SECURITY_HOLE, xss:TRUE);", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-04-01T03:57:31", "description": "The installed version of Thunderbird 10.x is potentially affected by\nthe following security issues :\n\n - An unspecified error exists that can allow attackers to\n bypass the 'Same Origin Policy' and access the\n 'Location' object. (CVE-2012-4192)\n\n - An error exists related to 'security wrappers' and the\n function 'defaultValue()' that can allow cross-site\n scripting attacks. (CVE-2012-4193)", "edition": 28, "published": "2012-10-17T00:00:00", "title": "Thunderbird 10.x < 10.0.9 Multiple Vulnerabilities (Mac OS X)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4193", "CVE-2012-4192"], "modified": "2021-04-02T00:00:00", "cpe": ["cpe:/a:mozilla:thunderbird"], "id": "MACOSX_THUNDERBIRD_10_0_9.NASL", "href": "https://www.tenable.com/plugins/nessus/62586", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(62586);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2019/12/04\");\n\n script_cve_id(\"CVE-2012-4192\", \"CVE-2012-4193\");\n script_bugtraq_id(56154, 56155);\n\n script_name(english:\"Thunderbird 10.x < 10.0.9 Multiple Vulnerabilities (Mac OS X)\");\n script_summary(english:\"Checks version of Thunderbird\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Mac OS X host contains a mail client that is potentially\naffected by several vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The installed version of Thunderbird 10.x is potentially affected by\nthe following security issues :\n\n - An unspecified error exists that can allow attackers to\n bypass the 'Same Origin Policy' and access the\n 'Location' object. (CVE-2012-4192)\n\n - An error exists related to 'security wrappers' and the\n function 'defaultValue()' that can allow cross-site\n scripting attacks. (CVE-2012-4193)\");\n # http://www.thespanner.co.uk/2012/10/10/firefox-knows-what-your-friends-did-last-summer/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8993e6b4\");\n # https://blog.mozilla.org/security/2012/10/10/security-vulnerability-in-firefox-16/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?dc43f3c3\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-89/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Thunderbird 10.0.9 ESR or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2012-4193\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/10/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/10/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:thunderbird\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_thunderbird_installed.nasl\");\n script_require_keys(\"MacOSX/Thunderbird/Installed\");\n\n exit(0);\n}\n\ninclude(\"mozilla_version.inc\");\nkb_base = \"MacOSX/Thunderbird\";\nget_kb_item_or_exit(kb_base+\"/Installed\");\n\nversion = get_kb_item_or_exit(kb_base+\"/Version\", exit_code:1);\npath = get_kb_item_or_exit(kb_base+\"/Path\", exit_code:1);\n\nmozilla_check_version(product:'thunderbird', version:version, path:path, fix:'10.0.9', min:'10.0', severity:SECURITY_HOLE, xss:TRUE);", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "mozilla": [{"lastseen": "2016-09-05T13:37:37", "bulletinFamily": "software", "cvelist": ["CVE-2012-4193", "CVE-2012-4192"], "edition": 1, "description": "Mozilla security researcher moz_bug_r_a4 reported a regression where security wrappers are unwrapped without doing a security check in defaultValue(). This can allow for improper access to the Location object. In versions 15 and earlier of affected products, there was also the potential for arbitrary code execution. \n\nSecurity researcher Gareth Heyes also blogged about a Firefox 16 only symptom that is fixed in the updated versions.", "modified": "2012-10-11T00:00:00", "published": "2012-10-11T00:00:00", "id": "MFSA2012-89", "href": "http://www.mozilla.org/en-US/security/advisories/mfsa2012-89/", "type": "mozilla", "title": "defaultValue security checks not applied", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "suse": [{"lastseen": "2016-09-04T11:18:43", "bulletinFamily": "unix", "cvelist": ["CVE-2012-4193", "CVE-2012-3989", "CVE-2012-3986", "CVE-2012-4185", "CVE-2012-3991", "CVE-2012-3985", "CVE-2012-3993", "CVE-2012-3995", "CVE-2012-3988", "CVE-2012-3994", "CVE-2012-4183", "CVE-2012-4181", "CVE-2012-4186", "CVE-2012-4191", "CVE-2012-3984", "CVE-2012-4182", "CVE-2012-4187", "CVE-2012-3983", "CVE-2012-3982", "CVE-2012-4184", "CVE-2012-3992", "CVE-2012-4180", "CVE-2012-4192", "CVE-2012-4188", "CVE-2012-3990", "CVE-2012-4179"], "description": "The Mozilla suite received following security updates\n (bnc#783533):\n\n Mozilla Firefox was updated to 16.0.1. Mozilla Seamonkey\n was updated to 2.13.1. Mozilla Thunderbird was updated to\n 16.0.1. Mozilla XULRunner was updated to 16.0.1.\n\n * MFSA 2012-88/CVE-2012-4191 (bmo#798045) Miscellaneous\n memory safety hazards\n * MFSA 2012-89/CVE-2012-4192/CVE-2012-4193 (bmo#799952,\n bmo#720619) defaultValue security checks not applied\n * MFSA 2012-74/CVE-2012-3982/CVE-2012-3983 Miscellaneous\n memory safety hazards\n * MFSA 2012-75/CVE-2012-3984 (bmo#575294) select element\n persistance allows for attacks\n * MFSA 2012-76/CVE-2012-3985 (bmo#655649) Continued\n access to initial origin after setting document.domain\n * MFSA 2012-77/CVE-2012-3986 (bmo#775868) Some\n DOMWindowUtils methods bypass security checks\n * MFSA 2012-79/CVE-2012-3988 (bmo#725770) DOS and crash\n with full screen and history navigation\n * MFSA 2012-80/CVE-2012-3989 (bmo#783867) Crash with\n invalid cast when using instanceof operator\n * MFSA 2012-81/CVE-2012-3991 (bmo#783260) GetProperty\n function can bypass security checks\n * MFSA 2012-82/CVE-2012-3994 (bmo#765527) top object and\n location property accessible by plugins\n * MFSA 2012-83/CVE-2012-3993/CVE-2012-4184 (bmo#768101,\n bmo#780370) Chrome Object Wrapper (COW) does not\n disallow acces to privileged functions or properties\n * MFSA 2012-84/CVE-2012-3992 (bmo#775009) Spoofing and\n script injection through location.hash\n * MFSA 2012-85/CVE-2012-3995/CVE-2012-4179/CVE-2012-4180/\n CVE-2012-4181/CVE-2012-4182/CVE-2012-4183\n Use-after-free, buffer overflow, and out of bounds read\n issues found using Address Sanitizer\n * MFSA 2012-86/CVE-2012-4185/CVE-2012-4186/CVE-2012-4187/\n CVE-2012-4188 Heap memory corruption issues found using\n Address Sanitizer\n * MFSA 2012-87/CVE-2012-3990 (bmo#787704)\n\n", "edition": 1, "modified": "2012-10-15T15:08:30", "published": "2012-10-15T15:08:30", "id": "OPENSUSE-SU-2012:1345-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00008.html", "type": "suse", "title": "MozillaFirefox: update to Firefox 16.0.1 (important)", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:49:45", "bulletinFamily": "unix", "cvelist": ["CVE-2012-4193", "CVE-2012-3989", "CVE-2012-3986", "CVE-2012-4185", "CVE-2012-3991", "CVE-2012-3985", "CVE-2012-3993", "CVE-2012-3995", "CVE-2012-3988", "CVE-2012-3994", "CVE-2012-4183", "CVE-2012-4181", "CVE-2012-4186", "CVE-2012-3984", "CVE-2012-4182", "CVE-2012-4187", "CVE-2012-3983", "CVE-2012-3982", "CVE-2012-4184", "CVE-2012-3992", "CVE-2012-3977", "CVE-2012-4180", "CVE-2012-3987", "CVE-2012-4192", "CVE-2012-4188", "CVE-2012-3990", "CVE-2012-4179"], "description": "MozillaFirefox was updated to the 10.0.9ESR security\n release which fixes bugs and security issues:\n\n *\n\n MFSA 2012-73 / CVE-2012-3977: Security researchers\n Thai Duong and Juliano Rizzo reported that SPDY's request\n header compression leads to information leakage, which can\n allow the extraction of private data such as session\n cookies, even over an encrypted SSL connection. (This does\n not affect Firefox 10 as it does not feature the SPDY\n extension. It was silently fixed for Firefox 15.)\n\n *\n\n MFSA 2012-74: Mozilla developers identified and fixed\n several memory safety bugs in the browser engine used in\n Firefox and other Mozilla-based products. Some of these\n bugs showed evidence of memory corruption under certain\n circumstances, and we presume that with enough effort at\n least some of these could be exploited to run arbitrary\n code.\n\n In general these flaws cannot be exploited through\n email in the Thunderbird and SeaMonkey products because\n scripting is disabled, but are potentially a risk in\n browser or browser-like contexts in those products.\n\n *\n\n CVE-2012-3983: Henrik Skupin, Jesse Ruderman and\n moz_bug_r_a4 reported memory safety problems and crashes\n that affect Firefox 15.\n\n *\n\n CVE-2012-3982: Christian Holler and Jesse Ruderman\n reported memory safety problems and crashes that affect\n Firefox ESR 10 and Firefox 15.\n\n *\n\n MFSA 2012-75 / CVE-2012-3984: Security researcher\n David Bloom of Cue discovered that &quot;select&quot; elements are\n always-on-top chromeless windows and that navigation away\n from a page with an active &quot;select&quot; menu does not remove\n this window.When another menu is opened programmatically on\n a new page, the original &quot;select&quot; menu can be retained and\n arbitrary HTML content within it rendered, allowing an\n attacker to cover arbitrary portions of the new page\n through absolute positioning/scrolling, leading to spoofing\n attacks. Security researcher Jordi Chancel found a\n variation that would allow for click-jacking attacks was\n well.\n\n In general these flaws cannot be exploited through\n email in the Thunderbird and SeaMonkey products because\n scripting is disabled, but are potentially a risk in\n browser or browser-like contexts in those products.\n References\n\n Navigation away from a page with an active &quot;select&quot;\n dropdown menu can be used for URL spoofing, other evil\n\n Firefox 10.0.1 : Navigation away from a page with\n multiple active &quot;select&quot; dropdown menu can be used for\n Spoofing And ClickJacking with XPI using window.open and\n geolocalisation\n\n *\n\n MFSA 2012-76 / CVE-2012-3985: Security researcher\n Collin Jackson reported a violation of the HTML5\n specifications for document.domain behavior. Specified\n behavior requires pages to only have access to windows in a\n new document.domain but the observed violation allowed\n pages to retain access to windows from the page's initial\n origin in addition to the new document.domain. This could\n potentially lead to cross-site scripting (XSS) attacks.\n\n *\n\n MFSA 2012-77 / CVE-2012-3986: Mozilla developer\n Johnny Stenback discovered that several methods of a\n feature used for testing (DOMWindowUtils) are not protected\n by existing security checks, allowing these methods to be\n called through script by web pages. This was addressed by\n adding the existing security checks to these methods.\n\n *\n\n MFSA 2012-78 / CVE-2012-3987: Security researcher\n Warren He reported that when a page is transitioned into\n Reader Mode in Firefox for Android, the resulting page has\n chrome privileges and its content is not thoroughly\n sanitized. A successful attack requires user enabling of\n reader mode for a malicious page, which could then perform\n an attack similar to cross-site scripting (XSS) to gain the\n privileges allowed to Firefox on an Android device. This\n has been fixed by changing the Reader Mode page into an\n unprivileged page.\n\n This vulnerability only affects Firefox for Android.\n\n *\n\n MFSA 2012-79 / CVE-2012-3988: Security researcher\n Soroush Dalili reported that a combination of invoking full\n screen mode and navigating backwards in history could, in\n some circumstances, cause a hang or crash due to a timing\n dependent use-after-free pointer reference. This crash may\n be potentially exploitable.\n\n *\n\n MFSA 2012-80 / CVE-2012-3989: Mozilla community\n member Ms2ger reported a crash due to an invalid cast when\n using the instanceof operator on certain types of\n JavaScript objects. This can lead to a potentially\n exploitable crash.\n\n *\n\n MFSA 2012-81 / CVE-2012-3991: Mozilla community\n member Alice White reported that when the GetProperty\n function is invoked through JSAPI, security checking can be\n bypassed when getting cross-origin properties. This\n potentially allowed for arbitrary code execution.\n\n *\n\n MFSA 2012-82 / CVE-2012-3994: Security researcher\n Mariusz Mlynski reported that the location property can be\n accessed by binary plugins through top.location and top can\n be shadowed by Object.defineProperty as well. This can\n allow for possible cross-site scripting (XSS) attacks\n through plugins.\n\n *\n\n MFSA 2012-83: Security researcher Mariusz Mlynski\n reported that when InstallTrigger fails, it throws an error\n wrapped in a Chrome Object Wrapper (COW) that fails to\n specify exposed properties. These can then be added to the\n resulting object by an attacker, allowing access to chrome\n privileged functions through script.\n\n While investigating this issue, Mozilla security\n researcher moz_bug_r_a4 found that COW did not disallow\n accessing of properties from a standard prototype in some\n situations, even when the original issue had been fixed.\n\n These issues could allow for a cross-site scripting\n (XSS) attack or arbitrary code execution.\n\n *\n\n CVE-2012-3993: XrayWrapper pollution via unsafe COW\n\n *\n\n CVE-2012-4184: ChromeObjectWrapper is not implemented\n as intended\n\n *\n\n MFSA 2012-84 / CVE-2012-3992: Security researcher\n Mariusz Mlynski reported an issue with spoofing of the\n location property. In this issue, writes to location.hash\n can be used in concert with scripted history navigation to\n cause a specific website to be loaded into the history\n object. The baseURI can then be changed to this stored\n site, allowing an attacker to inject a script or intercept\n posted data posted to a location specified with a relative\n path.\n\n *\n\n MFSA 2012-85: Security researcher Abhishek Arya\n (Inferno) of the Google Chrome Security Team discovered a\n series of use-after-free, buffer overflow, and out of\n bounds read issues using the Address Sanitizer tool in\n shipped software. These issues are potentially exploitable,\n allowing for remote code execution. We would also like to\n thank Abhishek for reporting two additional use-after-free\n flaws introduced during Firefox 16 development and fixed\n before general release.\n\n *\n\n CVE-2012-3995: Out of bounds read in\n IsCSSWordSpacingSpace\n\n *\n\n CVE-2012-4179: Heap-use-after-free in\n nsHTMLCSSUtils::CreateCSSPropertyTxn\n\n *\n\n CVE-2012-4180: Heap-buffer-overflow in\n nsHTMLEditor::IsPrevCharInNodeWhitespace\n\n *\n\n CVE-2012-4181: Heap-use-after-free in\n nsSMILAnimationController::DoSample\n\n *\n\n CVE-2012-4182: Heap-use-after-free in\n nsTextEditRules::WillInsert\n\n *\n\n CVE-2012-4183: Heap-use-after-free in\n DOMSVGTests::GetRequiredFeatures\n\n *\n\n MFSA 2012-86: Security researcher Atte Kettunen from\n OUSPG reported several heap memory corruption issues found\n using the Address Sanitizer tool. These issues are\n potentially exploitable, allowing for remote code execution.\n\n *\n\n CVE-2012-4185: Global-buffer-overflow in\n nsCharTraits::length\n\n *\n\n CVE-2012-4186: Heap-buffer-overflow in\n nsWaveReader::DecodeAudioData\n\n *\n\n CVE-2012-4187: Crash with ASSERTION: insPos too small\n\n *\n\n CVE-2012-4188: Heap-buffer-overflow in Convolve3x3\n\n *\n\n MFSA 2012-87 / CVE-2012-3990: Security researcher\n miaubiz used the Address Sanitizer tool to discover a\n use-after-free in the IME State Manager code. This could\n lead to a potentially exploitable crash.\n\n *\n\n MFSA 2012-89 / CVE-2012-4192 / CVE-2012-4193: Mozilla\n security researcher moz_bug_r_a4 reported a regression\n where security wrappers are unwrapped without doing a\n security check in defaultValue(). This can allow for\n improper access access to the Location object. In versions\n 15 and earlier of affected products, there was also the\n potential for arbitrary code execution.\n", "edition": 1, "modified": "2012-10-16T22:08:48", "published": "2012-10-16T22:08:48", "id": "SUSE-SU-2012:1351-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00010.html", "type": "suse", "title": "Security update for Mozilla Firefox (important)", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T12:21:58", "bulletinFamily": "unix", "cvelist": ["CVE-2012-1945", "CVE-2011-3648", "CVE-2014-1505", "CVE-2014-1536", "CVE-2011-0061", "CVE-2011-0077", "CVE-2014-1513", "CVE-2012-0478", "CVE-2012-4193", "CVE-2012-0442", "CVE-2013-5601", "CVE-2013-1687", "CVE-2013-5612", "CVE-2013-1692", "CVE-2010-0654", "CVE-2012-1962", "CVE-2013-0743", "CVE-2012-0443", "CVE-2012-5842", "CVE-2012-4212", "CVE-2013-5595", "CVE-2010-0176", "CVE-2014-1530", "CVE-2011-0083", "CVE-2010-1203", "CVE-2013-1737", "CVE-2012-4214", "CVE-2008-1236", "CVE-2013-5611", "CVE-2012-1970", "CVE-2008-3835", "CVE-2013-1709", "CVE-2007-3738", "CVE-2012-3989", "CVE-2013-5616", "CVE-2013-1678", "CVE-2010-2762", "CVE-2012-5830", "CVE-2013-0763", "CVE-2014-1510", "CVE-2011-3026", "CVE-2012-0460", "CVE-2013-5613", "CVE-2012-1973", "CVE-2014-1522", "CVE-2011-3654", "CVE-2014-1567", "CVE-2012-1974", "CVE-2010-2766", "CVE-2012-4195", "CVE-2012-3986", "CVE-2013-0783", "CVE-2007-3734", "CVE-2011-2371", "CVE-2014-1481", "CVE-2013-1670", "CVE-2012-4185", "CVE-2010-3777", "CVE-2012-3991", "CVE-2013-1719", "CVE-2012-3968", "CVE-2013-1725", "CVE-2012-3963", "CVE-2014-1539", "CVE-2010-0174", "CVE-2012-0452", "CVE-2013-1735", "CVE-2012-1956", "CVE-2014-1487", "CVE-2012-3978", "CVE-2012-3985", "CVE-2013-0746", "CVE-2012-5829", "CVE-2009-1571", "CVE-2012-1944", "CVE-2012-5838", "CVE-2011-2986", "CVE-2010-1205", "CVE-2014-1538", "CVE-2012-4213", "CVE-2013-1685", "CVE-2012-0479", "CVE-2013-5609", "CVE-2007-3737", "CVE-2013-0766", "CVE-2007-3736", "CVE-2012-1940", "CVE-2013-1697", "CVE-2014-1484", "CVE-2014-1525", "CVE-2012-3993", "CVE-2013-5619", "CVE-2012-5837", "CVE-2008-5500", "CVE-2012-5836", "CVE-2014-1509", "CVE-2009-0772", "CVE-2013-0787", "CVE-2012-3995", "CVE-2012-4201", "CVE-2010-0159", "CVE-2009-0773", "CVE-2011-3659", "CVE-2011-3663", "CVE-2014-1494", "CVE-2014-1559", "CVE-2013-0747", "CVE-2012-0470", "CVE-2012-0446", "CVE-2008-4063", "CVE-2014-1537", "CVE-2013-1694", "CVE-2014-1523", "CVE-2012-1972", "CVE-2010-1200", "CVE-2010-0175", "CVE-2012-3988", "CVE-2012-0457", "CVE-2010-3778", "CVE-2012-3994", "CVE-2013-5615", "CVE-2013-1680", "CVE-2012-3962", "CVE-2012-0459", "CVE-2011-2362", "CVE-2014-1529", "CVE-2013-1724", "CVE-2010-1213", "CVE-2013-5597", "CVE-2012-5843", "CVE-2014-1543", "CVE-2014-1486", "CVE-2011-0085", "CVE-2013-5590", "CVE-2008-5510", "CVE-2011-0080", "CVE-2013-0780", "CVE-2008-5502", "CVE-2010-3765", "CVE-2013-1732", "CVE-2013-0744", "CVE-2013-0795", "CVE-2008-1237", "CVE-2013-1720", "CVE-2008-4070", "CVE-2013-0748", "CVE-2012-4183", "CVE-2010-3178", "CVE-2013-1679", "CVE-2007-3285", "CVE-2013-5610", "CVE-2013-0768", "CVE-2011-3661", "CVE-2012-4181", "CVE-2014-1532", "CVE-2013-6671", "CVE-2009-0040", "CVE-2011-3652", "CVE-2013-0755", "CVE-2008-4067", "CVE-2014-1548", "CVE-2011-2364", "CVE-2014-1531", "CVE-2013-0752", "CVE-2012-4186", "CVE-2014-1508", "CVE-2012-1948", "CVE-2008-5012", "CVE-2012-1938", "CVE-2013-0796", "CVE-2012-0449", "CVE-2010-3769", "CVE-2012-3969", "CVE-2014-1502", "CVE-2013-1723", "CVE-2013-0782", "CVE-2012-1953", "CVE-2012-1949", "CVE-2014-1542", "CVE-2012-0456", "CVE-2011-2372", "CVE-2010-3169", "CVE-2012-3970", "CVE-2011-0053", "CVE-2012-5840", "CVE-2010-3176", "CVE-2012-4191", "CVE-2010-3174", "CVE-2010-3768", "CVE-2014-1477", "CVE-2013-0800", "CVE-2010-1212", "CVE-2013-1681", "CVE-2010-1211", "CVE-2010-1121", "CVE-2013-0773", "CVE-2013-0754", "CVE-2010-3167", "CVE-2012-4202", "CVE-2010-3180", "CVE-2012-3957", "CVE-2011-3660", "CVE-2014-1540", "CVE-2014-1534", "CVE-2012-1941", "CVE-2013-1738", "CVE-2014-1482", "CVE-2014-1479", "CVE-2008-4066", "CVE-2008-5018", "CVE-2012-3984", "CVE-2014-1504", "CVE-2012-0444", "CVE-2011-3650", "CVE-2014-1511", "CVE-2010-2753", "CVE-2012-1946", "CVE-2010-3776", "CVE-2012-4182", "CVE-2008-1233", "CVE-2012-4187", "CVE-2012-3983", "CVE-2011-0062", "CVE-2008-0016", "CVE-2011-3101", "CVE-2010-3168", "CVE-2013-0788", "CVE-2013-1728", "CVE-2014-1545", "CVE-2010-0173", "CVE-2012-0472", "CVE-2013-5592", "CVE-2013-1730", "CVE-2008-4059", "CVE-2010-2764", "CVE-2014-1492", "CVE-2011-0081", "CVE-2009-0771", "CVE-2007-3670", "CVE-2012-1954", "CVE-2009-0774", "CVE-2014-1556", "CVE-2012-0461", "CVE-2011-2376", "CVE-2012-3958", "CVE-2012-0469", "CVE-2014-1563", "CVE-2014-1524", "CVE-2014-1512", "CVE-2012-1975", "CVE-2011-0075", "CVE-2013-1690", "CVE-2012-0464", "CVE-2013-0775", "CVE-2012-1967", "CVE-2013-5604", "CVE-2014-1514", "CVE-2010-3166", "CVE-2011-0074", "CVE-2013-0801", "CVE-2012-3956", "CVE-2010-2769", "CVE-2012-3982", "CVE-2009-3555", "CVE-2013-1714", "CVE-2011-2989", "CVE-2010-1196", "CVE-2008-5021", "CVE-2008-5017", "CVE-2013-0769", "CVE-2012-3966", "CVE-2013-0771", "CVE-2014-1490", "CVE-2012-5839", "CVE-2013-0757", "CVE-2014-1498", "CVE-2012-1961", "CVE-2010-3173", "CVE-2012-4216", "CVE-2008-4062", "CVE-2010-3179", "CVE-2010-0182", "CVE-2014-1565", "CVE-2012-3967", "CVE-2013-0749", "CVE-2011-3651", "CVE-2008-4060", "CVE-2007-3656", "CVE-2008-1234", "CVE-2012-1951", "CVE-2012-0475", "CVE-2014-1555", "CVE-2014-1564", "CVE-2012-1952", "CVE-2010-1201", "CVE-2013-0761", "CVE-2013-1669", "CVE-2010-1585", "CVE-2012-3959", "CVE-2012-0455", "CVE-2014-1558", "CVE-2011-0084", "CVE-2012-0759", "CVE-2007-3089", "CVE-2014-1519", "CVE-2013-1701", "CVE-2012-0474", "CVE-2012-3975", "CVE-2010-2768", "CVE-2008-5014", "CVE-2013-1684", "CVE-2008-4058", "CVE-2012-4184", "CVE-2012-0447", "CVE-2014-1547", "CVE-2011-3232", "CVE-2012-4205", "CVE-2014-1480", "CVE-2014-1500", "CVE-2011-0069", "CVE-2013-6630", "CVE-2008-5022", "CVE-2008-5512", "CVE-2014-1497", "CVE-2013-5596", "CVE-2012-3992", "CVE-2008-1235", "CVE-2013-1676", "CVE-2013-0789", "CVE-2008-5501", "CVE-2008-4068", "CVE-2008-5016", "CVE-2013-1675", "CVE-2014-1478", "CVE-2012-3980", "CVE-2008-5503", "CVE-2011-2374", "CVE-2012-1955", "CVE-2012-1960", "CVE-2012-0445", "CVE-2012-0462", "CVE-2012-4217", "CVE-2013-1686", "CVE-2013-0745", "CVE-2013-0756", "CVE-2012-4218", "CVE-2013-0760", "CVE-2011-2377", "CVE-2014-1485", "CVE-2014-1493", "CVE-2007-3735", "CVE-2011-3000", "CVE-2010-2765", "CVE-2014-1544", "CVE-2010-2767", "CVE-2011-0078", "CVE-2012-3960", "CVE-2010-3175", "CVE-2012-0451", "CVE-2011-3655", "CVE-2012-4180", "CVE-2013-0767", "CVE-2010-3182", "CVE-2009-0776", "CVE-2013-5603", "CVE-2012-1959", "CVE-2011-2363", "CVE-2011-0070", "CVE-2013-1682", "CVE-2012-1947", "CVE-2013-6673", "CVE-2013-1674", "CVE-2013-0762", "CVE-2014-1562", "CVE-2010-3170", "CVE-2011-3005", "CVE-2012-4208", "CVE-2011-3658", "CVE-2014-1541", "CVE-2011-2373", "CVE-2008-5511", "CVE-2011-2992", "CVE-2014-1488", "CVE-2012-1957", "CVE-2012-1958", "CVE-2008-4064", "CVE-2012-1976", "CVE-2011-1187", "CVE-2012-5835", "CVE-2014-1552", "CVE-2010-3183", "CVE-2010-1202", "CVE-2012-0468", "CVE-2013-5599", "CVE-2014-1553", "CVE-2014-1549", "CVE-2013-1713", "CVE-2008-5508", "CVE-2012-3972", "CVE-2012-4207", "CVE-2011-2988", "CVE-2008-4061", "CVE-2013-5591", "CVE-2010-1199", "CVE-2012-4204", "CVE-2013-5602", "CVE-2011-2985", "CVE-2012-4192", "CVE-2011-2987", "CVE-2012-4188", "CVE-2012-0441", "CVE-2013-0774", "CVE-2008-5024", "CVE-2013-0753", "CVE-2012-5833", "CVE-2014-1557", "CVE-2013-1736", "CVE-2014-1526", "CVE-2013-0776", "CVE-2012-3964", "CVE-2013-5593", "CVE-2014-1550", "CVE-2013-1718", "CVE-2012-5841", "CVE-2014-1533", "CVE-2013-1717", "CVE-2010-2754", "CVE-2008-5507", "CVE-2012-3990", "CVE-2014-1491", "CVE-2013-6672", "CVE-2013-5614", "CVE-2008-4065", "CVE-2013-1693", "CVE-2010-2760", "CVE-2013-0750", "CVE-2012-1937", "CVE-2014-1560", "CVE-2012-4215", "CVE-2013-6629", "CVE-2012-0463", "CVE-2013-1677", "CVE-2011-2991", "CVE-2013-0770", "CVE-2013-0793", "CVE-2012-4179", "CVE-2011-3001", "CVE-2014-1483", "CVE-2014-1489", "CVE-2011-3062", "CVE-2012-0477", "CVE-2013-1722", "CVE-2012-0473", "CVE-2012-4194", "CVE-2011-2365", "CVE-2012-4209", "CVE-2012-1963", "CVE-2012-4196", "CVE-2008-5506", "CVE-2013-1710", "CVE-2012-0467", "CVE-2012-0458", "CVE-2013-0758", "CVE-2013-5600", "CVE-2010-2752", "CVE-2014-1499", "CVE-2014-1518", "CVE-2012-0471", "CVE-2012-3961", "CVE-2014-1561", "CVE-2012-3971", "CVE-2013-0764", "CVE-2014-1528", "CVE-2013-5618", "CVE-2011-0072"], "description": "This patch contains security updates for\n\n * mozilla-nss 3.16.4\n - The following 1024-bit root CA certificate was restored to allow more\n time to develop a better transition strategy for affected sites. It\n was removed in NSS 3.16.3, but discussion in the\n mozilla.dev.security.policy forum led to the decision to keep this\n root included longer in order to give website administrators more time\n to update their web servers.\n - CN = GTE CyberTrust Global Root\n * In NSS 3.16.3, the 1024-bit &quot;Entrust.net Secure Server Certification\n Authority&quot; root CA certificate was removed. In NSS 3.16.4, a 2048-bit\n intermediate CA certificate has been included, without explicit trust.\n The intention is to mitigate the effects of the previous removal of\n the 1024-bit Entrust.net root certificate, because many public\n Internet sites still use the &quot;USERTrust Legacy Secure Server CA&quot;\n intermediate certificate that is signed by the 1024-bit Entrust.net\n root certificate. The inclusion of the intermediate certificate is a\n temporary measure to allow those sites to function, by allowing them\n to find a trust path to another 2048-bit root CA certificate. The\n temporarily included intermediate certificate expires November 1, 2015.\n\n * Firefox 31.1esr Firefox is updated from 24esr to 31esr as maintenance\n for version 24 stopped\n\n", "edition": 1, "modified": "2014-09-09T18:04:16", "published": "2014-09-09T18:04:16", "href": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00004.html", "id": "OPENSUSE-SU-2014:1100-1", "title": "Firefox update to 31.1esr (important)", "type": "suse", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "ubuntu": [{"lastseen": "2020-07-02T11:40:17", "bulletinFamily": "unix", "cvelist": ["CVE-2012-4193", "CVE-2012-3989", "CVE-2012-3986", "CVE-2012-4185", "CVE-2012-3991", "CVE-2012-3985", "CVE-2012-3993", "CVE-2012-3995", "CVE-2012-3988", "CVE-2012-3994", "CVE-2012-4183", "CVE-2012-4181", "CVE-2012-4186", "CVE-2012-4191", "CVE-2012-3984", "CVE-2012-4182", "CVE-2012-4187", "CVE-2012-3983", "CVE-2012-3982", "CVE-2012-4184", "CVE-2012-3992", "CVE-2012-4180", "CVE-2012-4192", "CVE-2012-4188", "CVE-2012-3990", "CVE-2012-4179"], "description": "Henrik Skupin, Jesse Ruderman, Christian Holler, Soroush Dalili and others \ndiscovered several memory corruption flaws in Thunderbird. If a user were \ntricked into opening a malicious website and had JavaScript enabled, an \nattacker could exploit these to execute arbitrary JavaScript code within \nthe context of another website or arbitrary code as the user invoking the \nprogram. (CVE-2012-3982, CVE-2012-3983, CVE-2012-3988, CVE-2012-3989, \nCVE-2012-4191)\n\nDavid Bloom and Jordi Chancel discovered that Thunderbird did not always \nproperly handle the element. If a user were tricked into opening a \nmalicious website and had JavaScript enabled, a remote attacker could \nexploit this to conduct URL spoofing and clickjacking attacks. \n(CVE-2012-3984)\n\nCollin Jackson discovered that Thunderbird did not properly follow the \nHTML5 specification for document.domain behavior. If a user were tricked \ninto opening a malicious website and had JavaScript enabled, a remote \nattacker could exploit this to conduct cross-site scripting (XSS) attacks \nvia JavaScript execution. (CVE-2012-3985)\n\nJohnny Stenback discovered that Thunderbird did not properly perform \nsecurity checks on test methods for DOMWindowUtils. (CVE-2012-3986)\n\nAlice White discovered that the security checks for GetProperty could be \nbypassed when using JSAPI. If a user were tricked into opening a specially \ncrafted web page and had JavaScript enabled, a remote attacker could \nexploit this to execute arbitrary code as the user invoking the program. \n(CVE-2012-3991)\n\nMariusz Mlynski discovered a history state error in Thunderbird. If a user \nwere tricked into opening a malicious website and had JavaScript enabled, a \nremote attacker could exploit this to spoof the location property to inject \nscript or intercept posted data. (CVE-2012-3992)\n\nMariusz Mlynski and others discovered several flaws in Thunderbird that \nallowed a remote attacker to conduct cross-site scripting (XSS) attacks. \nWith cross-site scripting vulnerabilities, if a user were tricked into \nviewing a specially crafted page and had JavaScript enabled, a remote \nattacker could exploit these to modify the contents, or steal confidential \ndata, within the same domain. (CVE-2012-3993, CVE-2012-3994, CVE-2012-4184)\n\nAbhishek Arya, Atte Kettunen and others discovered several memory flaws in \nThunderbird when using the Address Sanitizer tool. If a user were tricked \ninto opening a malicious website and had JavaScript enabled, an attacker \ncould exploit these to execute arbitrary JavaScript code within the context \nof another website or execute arbitrary code as the user invoking the \nprogram. (CVE-2012-3990, CVE-2012-3995, CVE-2012-4179, CVE-2012-4180, \nCVE-2012-4181, CVE-2012-4182, CVE-2012-4183, CVE-2012-4185, CVE-2012-4186, \nCVE-2012-4187, CVE-2012-4188)\n\nIt was discovered that Thunderbird allowed improper access to the Location \nobject. An attacker could exploit this to obtain sensitive information. \nUnder certain circumstances, a remote attacker could use this vulnerability \nto potentially execute arbitrary code as the user invoking the program. \n(CVE-2012-4192, CVE-2012-4193)", "edition": 5, "modified": "2012-10-12T00:00:00", "published": "2012-10-12T00:00:00", "id": "USN-1611-1", "href": "https://ubuntu.com/security/notices/USN-1611-1", "title": "Thunderbird vulnerabilities", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "freebsd": [{"lastseen": "2019-05-29T18:33:45", "bulletinFamily": "unix", "cvelist": ["CVE-2012-4193", "CVE-2012-3989", "CVE-2012-3986", "CVE-2012-3991", "CVE-2012-3985", "CVE-2012-3993", "CVE-2012-3995", "CVE-2012-3988", "CVE-2012-3994", "CVE-2012-4183", "CVE-2012-4181", "CVE-2012-4186", "CVE-2012-4191", "CVE-2012-3984", "CVE-2012-4182", "CVE-2012-4187", "CVE-2012-3983", "CVE-2012-3982", "CVE-2012-4184", "CVE-2012-3992", "CVE-2012-4180", "CVE-2012-3987", "CVE-2012-4190", "CVE-2012-4192", "CVE-2012-4188", "CVE-2012-3990", "CVE-2012-4179"], "description": "\nThe Mozilla Project reports:\n\n MFSA 2012-74 Miscellaneous memory safety hazards (rv:16.0/\n\t rv:10.0.8)\nMFSA 2012-75 select element persistance allows for attacks\nMFSA 2012-76 Continued access to initial origin after setting\n\t document.domain\nMFSA 2012-77 Some DOMWindowUtils methods bypass security checks\nMFSA 2012-78 Reader Mode pages have chrome privileges\nMFSA 2012-79 DOS and crash with full screen and history navigation\nMFSA 2012-80 Crash with invalid cast when using instanceof\n\t operator\nMFSA 2012-81 GetProperty function can bypass security checks\nMFSA 2012-82 top object and location property accessible by\n\t plugins\nMFSA 2012-83 Chrome Object Wrapper (COW) does not disallow acces\n\t to privileged functions or properties\nMFSA 2012-84 Spoofing and script injection through location.hash\nMFSA 2012-85 Use-after-free, buffer overflow, and out of bounds\n\t read issues found using Address Sanitizer\nMFSA 2012-86 Heap memory corruption issues found using Address\n\t Sanitizer\nMFSA 2012-87 Use-after-free in the IME State Manager\nMFSA 2012-88 Miscellaneous memory safety hazards (rv:16.0.1)\nMFSA 2012-89 defaultValue security checks not applied\n\n", "edition": 4, "modified": "2012-10-11T00:00:00", "published": "2012-10-09T00:00:00", "id": "6E5A9AFD-12D3-11E2-B47D-C8600054B392", "href": "https://vuxml.freebsd.org/freebsd/6e5a9afd-12d3-11e2-b47d-c8600054b392.html", "title": "mozilla -- multiple vulnerabilities", "type": "freebsd", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:49", "bulletinFamily": "software", "cvelist": ["CVE-2012-4193", "CVE-2012-3989", "CVE-2012-3986", "CVE-2012-4185", "CVE-2012-3991", "CVE-2012-3985", "CVE-2012-3993", "CVE-2012-3988", "CVE-2012-3994", "CVE-2012-4183", "CVE-2012-4181", "CVE-2012-4186", "CVE-2012-4191", "CVE-2012-4930", "CVE-2012-3984", "CVE-2012-4182", "CVE-2012-4187", "CVE-2012-3983", "CVE-2012-3982", "CVE-2012-4184", "CVE-2012-3992", "CVE-2012-3977", "CVE-2012-4180", "CVE-2012-3987", "CVE-2012-4190", "CVE-2012-4192", "CVE-2012-4188", "CVE-2012-3990", "CVE-2012-4179", "CVE-2012-4196"], "description": "Information leakage, multiple memory corruptions, crossite scripting, etc.", "edition": 1, "modified": "2012-10-29T00:00:00", "published": "2012-10-29T00:00:00", "id": "SECURITYVULNS:VULN:12639", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12639", "title": "Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:13", "bulletinFamily": "unix", "cvelist": ["CVE-2012-1945", "CVE-2011-3648", "CVE-2009-0355", "CVE-2011-0061", "CVE-2011-0077", "CVE-2012-0478", "CVE-2012-4193", "CVE-2011-1202", "CVE-2012-0442", "CVE-2010-3772", "CVE-2011-0071", "CVE-2009-2470", "CVE-2010-0654", "CVE-2009-3388", "CVE-2012-1962", "CVE-2012-0443", "CVE-2011-3866", "CVE-2011-0068", "CVE-2012-5842", "CVE-2012-4212", "CVE-2009-2477", "CVE-2009-1563", "CVE-2010-0176", "CVE-2011-3640", "CVE-2011-0083", "CVE-2010-1203", "CVE-2009-3076", "CVE-2012-1970", "CVE-2009-3389", "CVE-2008-3835", "CVE-2012-3989", "CVE-2010-2762", "CVE-2012-5830", "CVE-2012-4210", "CVE-2009-1305", "CVE-2011-3026", "CVE-2009-3979", "CVE-2011-2370", "CVE-2012-0460", "CVE-2012-1973", "CVE-2009-3376", "CVE-2011-2369", "CVE-2011-2998", "CVE-2011-3654", "CVE-2011-2605", "CVE-2009-1833", "CVE-2010-0165", "CVE-2012-1974", "CVE-2010-0220", "CVE-2010-2766", "CVE-2011-2993", "CVE-2012-4195", "CVE-2010-0168", "CVE-2012-3986", "CVE-2010-0160", "CVE-2009-1169", "CVE-2011-2371", "CVE-2009-3379", "CVE-2012-4185", "CVE-2010-3777", "CVE-2012-3991", "CVE-2012-5354", "CVE-2012-4206", "CVE-2009-3071", "CVE-2012-3968", "CVE-2010-1214", "CVE-2012-3963", "CVE-2010-0174", "CVE-2010-0172", "CVE-2009-2535", "CVE-2012-0452", "CVE-2009-1312", "CVE-2012-1956", "CVE-2012-3978", "CVE-2012-3985", "CVE-2011-2995", "CVE-2012-5829", "CVE-2009-1571", "CVE-2008-5505", "CVE-2012-5838", "CVE-2011-2986", "CVE-2010-1205", "CVE-2009-2210", "CVE-2009-2478", "CVE-2008-6961", "CVE-2012-0479", "CVE-2012-0450", "CVE-2012-1940", "CVE-2012-3993", "CVE-2008-5500", "CVE-2012-5836", "CVE-2009-3274", "CVE-2010-1125", "CVE-2009-0772", "CVE-2012-3995", "CVE-2012-4201", "CVE-2010-0159", "CVE-2009-0773", "CVE-2011-3659", "CVE-2011-3663", "CVE-2010-3131", "CVE-2012-0470", "CVE-2012-0446", "CVE-2008-4063", "CVE-2012-3976", "CVE-2012-1972", "CVE-2010-1200", "CVE-2010-0175", "CVE-2010-0170", "CVE-2012-3988", "CVE-2012-0457", "CVE-2010-3778", "CVE-2012-3994", "CVE-2007-2436", "CVE-2012-3962", "CVE-2010-2770", "CVE-2010-3774", "CVE-2012-0459", "CVE-2011-2362", "CVE-2009-1304", "CVE-2010-1213", "CVE-2010-3177", "CVE-2012-5843", "CVE-2009-1835", "CVE-2011-0085", "CVE-2009-0352", "CVE-2009-3984", "CVE-2009-3380", "CVE-2008-5510", "CVE-2011-0080", "CVE-2012-1950", "CVE-2008-5502", "CVE-2009-3981", "CVE-2010-3765", "CVE-2010-0167", "CVE-2009-3373", "CVE-2009-3980", "CVE-2008-4070", "CVE-2012-4183", "CVE-2010-3178", "CVE-2012-1994", "CVE-2011-3661", "CVE-2009-3383", "CVE-2012-4181", "CVE-2011-3652", "CVE-2009-1311", "CVE-2011-1712", "CVE-2008-4067", "CVE-2010-1210", "CVE-2011-2364", "CVE-2009-2469", "CVE-2011-0073", "CVE-2010-1197", "CVE-2010-1207", "CVE-2009-0652", "CVE-2012-4186", "CVE-2012-1948", "CVE-2008-5012", "CVE-2011-2982", "CVE-2012-1938", "CVE-2012-0449", "CVE-2010-3769", "CVE-2012-3969", "CVE-2009-1838", "CVE-2012-1953", "CVE-2008-5013", "CVE-2012-1949", "CVE-2012-0456", "CVE-2011-2372", "CVE-2010-3773", "CVE-2009-1309", "CVE-2011-0079", "CVE-2010-3169", "CVE-2009-2662", "CVE-2012-3970", "CVE-2011-2997", "CVE-2011-0053", "CVE-2009-1832", "CVE-2012-5840", "CVE-2010-3176", "CVE-2012-4191", "CVE-2010-3174", "CVE-2012-1966", "CVE-2010-3768", "CVE-2009-3372", "CVE-2010-2763", "CVE-2011-0066", "CVE-2010-1212", "CVE-2009-1837", "CVE-2010-1206", "CVE-2010-1211", "CVE-2009-2464", "CVE-2011-2990", "CVE-2010-1121", "CVE-2009-0356", "CVE-2011-3389", "CVE-2010-0164", "CVE-2008-3836", "CVE-2010-3167", "CVE-2012-4202", "CVE-2007-2671", "CVE-2011-2984", "CVE-2010-3180", "CVE-2012-3957", "CVE-2011-3660", "CVE-2009-3986", "CVE-2012-1941", "CVE-2009-2408", "CVE-2010-3399", "CVE-2009-2665", "CVE-2008-4066", "CVE-2008-5018", "CVE-2009-3978", "CVE-2012-3984", "CVE-2009-0354", "CVE-2009-3079", "CVE-2011-0056", "CVE-2012-0444", "CVE-2011-3650", "CVE-2010-2753", "CVE-2012-1946", "CVE-2010-3776", "CVE-2010-1215", "CVE-2012-4182", "CVE-2011-2980", "CVE-2012-4187", "CVE-2008-4069", "CVE-2010-0166", "CVE-2011-3647", "CVE-2011-0065", "CVE-2011-0062", "CVE-2008-0016", "CVE-2009-0358", "CVE-2011-3101", "CVE-2010-3168", "CVE-2010-0173", "CVE-2009-1044", "CVE-2008-5513", "CVE-2008-4059", "CVE-2010-2764", "CVE-2011-0081", "CVE-2009-0771", "CVE-2009-1392", "CVE-2008-5504", "CVE-2008-5019", "CVE-2012-1954", "CVE-2009-0774", "CVE-2009-3375", "CVE-2012-0461", "CVE-2011-2376", "CVE-2009-2472", "CVE-2012-3958", "CVE-2009-0071", "CVE-2008-5023", "CVE-2012-0469", "CVE-2010-3171", "CVE-2009-3072", "CVE-2012-3973", "CVE-2008-5822", "CVE-2012-1975", "CVE-2011-0075", "CVE-2012-0464", "CVE-2012-1967", "CVE-2011-3653", "CVE-2010-0648", "CVE-2010-0178", "CVE-2010-3166", "CVE-2010-0177", "CVE-2011-0074", "CVE-2012-3956", "CVE-2010-2769", "CVE-2011-3649", "CVE-2012-3982", "CVE-2009-3555", "CVE-2011-2989", "CVE-2010-1196", "CVE-2008-3837", "CVE-2009-0357", "CVE-2008-5021", "CVE-2008-5017", "CVE-2012-3966", "CVE-2012-5839", "CVE-2011-2378", "CVE-2009-1308", "CVE-2010-3775", "CVE-2009-2467", "CVE-2012-1961", "CVE-2010-5074", "CVE-2011-2996", "CVE-2010-3173", "CVE-2012-4216", "CVE-2008-4062", "CVE-2010-3179", "CVE-2010-0182", "CVE-2012-3967", "CVE-2011-3651", "CVE-2008-4060", "CVE-2010-0181", "CVE-2012-1951", "CVE-2012-0475", "CVE-2012-3965", "CVE-2012-1952", "CVE-2010-1201", "CVE-2011-4688", "CVE-2009-1306", "CVE-2010-1585", "CVE-2009-2479", "CVE-2012-3959", "CVE-2012-0455", "CVE-2009-0777", "CVE-2010-2755", "CVE-2011-0084", "CVE-2011-0051", "CVE-2010-3767", "CVE-2012-1939", "CVE-2009-1834", "CVE-2010-3771", "CVE-2010-0183", "CVE-2012-0474", "CVE-2012-3975", "CVE-2010-2768", "CVE-2008-5014", "CVE-2008-0367", "CVE-2008-4058", "CVE-2011-3002", "CVE-2012-4184", "CVE-2011-0057", "CVE-2012-0447", "CVE-2011-3232", "CVE-2008-5913", "CVE-2007-3073", "CVE-2012-4205", "CVE-2010-2751", "CVE-2009-1836", "CVE-2011-0069", "CVE-2008-5022", "CVE-2008-5512", "CVE-2012-3992", "CVE-2009-3374", "CVE-2008-5501", "CVE-2008-4068", "CVE-2008-5016", "CVE-2011-3004", "CVE-2012-3980", "CVE-2008-5503", "CVE-2011-2374", "CVE-2012-1955", "CVE-2009-1839", "CVE-2012-1960", "CVE-2012-0445", "CVE-2009-3074", "CVE-2012-1965", "CVE-2011-3670", "CVE-2012-0462", "CVE-2010-1028", "CVE-2010-0162", "CVE-2011-2377", "CVE-2009-2463", "CVE-2009-2061", "CVE-2009-3070", "CVE-2012-3977", "CVE-2011-3000", "CVE-2010-2765", "CVE-2009-3069", "CVE-2010-0171", "CVE-2010-2767", "CVE-2009-0353", "CVE-2011-0078", "CVE-2012-3960", "CVE-2010-3175", "CVE-2009-0775", "CVE-2012-0451", "CVE-2011-3655", "CVE-2012-4180", "CVE-2009-2044", "CVE-2010-3182", "CVE-2009-0776", "CVE-2009-3371", "CVE-2009-3377", "CVE-2012-1959", "CVE-2011-2363", "CVE-2009-3075", "CVE-2010-0163", "CVE-2010-1208", "CVE-2011-0070", "CVE-2012-1947", "CVE-2009-1841", "CVE-2010-3170", "CVE-2011-3005", "CVE-2011-0059", "CVE-2012-1971", "CVE-2009-3983", "CVE-2012-4208", "CVE-2009-3987", "CVE-2011-3658", "CVE-2011-2373", "CVE-2008-5511", "CVE-2012-1957", "CVE-2012-1958", "CVE-2011-0054", "CVE-2012-4190", "CVE-2008-4064", "CVE-2012-1976", "CVE-2011-1187", "CVE-2012-5835", "CVE-2010-3183", "CVE-2009-2654", "CVE-2010-1202", "CVE-2012-0468", "CVE-2009-3982", "CVE-2009-3985", "CVE-2009-2065", "CVE-2009-1313", "CVE-2009-3382", "CVE-2008-5508", "CVE-2012-3972", "CVE-2012-4207", "CVE-2011-2988", "CVE-2010-3770", "CVE-2008-4061", "CVE-2010-1199", "CVE-2012-4204", "CVE-2008-0017", "CVE-2009-3988", "CVE-2010-3400", "CVE-2009-1302", "CVE-2011-2985", "CVE-2009-2466", "CVE-2012-4192", "CVE-2011-0058", "CVE-2011-2987", "CVE-2012-4188", "CVE-2012-0441", "CVE-2008-5024", "CVE-2011-0076", "CVE-2007-2437", "CVE-2012-5833", "CVE-2011-2999", "CVE-2012-3964", "CVE-2012-5841", "CVE-2010-0179", "CVE-2010-1209", "CVE-2010-2754", "CVE-2008-5507", "CVE-2009-2471", "CVE-2012-3990", "CVE-2011-2375", "CVE-2010-1198", "CVE-2008-4065", "CVE-2009-1840", "CVE-2011-3665", "CVE-2009-3381", "CVE-2011-0067", "CVE-2010-2760", "CVE-2012-1937", "CVE-2012-4215", "CVE-2009-2043", "CVE-2009-1307", "CVE-2009-2664", "CVE-2012-0463", "CVE-2010-4508", "CVE-2009-1310", "CVE-2009-3077", "CVE-2011-3003", "CVE-2011-2991", "CVE-2008-5015", "CVE-2011-0082", "CVE-2011-2983", "CVE-2012-4179", "CVE-2008-4582", "CVE-2011-3001", "CVE-2012-1964", "CVE-2009-2462", "CVE-2009-3378", "CVE-2011-3062", "CVE-2009-1303", "CVE-2012-0477", "CVE-2012-0473", "CVE-2012-4194", "CVE-2011-2365", "CVE-2012-4209", "CVE-2012-1963", "CVE-2012-4196", "CVE-2008-5506", "CVE-2009-2404", "CVE-2009-2465", "CVE-2012-0467", "CVE-2011-2981", "CVE-2012-0458", "CVE-2010-0169", "CVE-2010-2752", "CVE-2009-3078", "CVE-2012-0471", "CVE-2012-3961", "CVE-2010-3766", "CVE-2012-3971", "CVE-2008-5052", "CVE-2011-0055", "CVE-2009-1828", "CVE-2011-0072"], "description": "### Background\n\nMozilla Firefox is an open-source web browser and Mozilla Thunderbird an open-source email client, both from the Mozilla Project. The SeaMonkey project is a community effort to deliver production-quality releases of code derived from the application formerly known as the \u2018Mozilla Application Suite\u2019. XULRunner is a Mozilla runtime package that can be used to bootstrap XUL+XPCOM applications such as Firefox and Thunderbird. NSS is Mozilla\u2019s Network Security Services library that implements PKI support. IceCat is the GNU version of Firefox. \n\n### Description\n\nMultiple vulnerabilities have been discovered in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker could entice a user to view a specially crafted web page or email, possibly resulting in execution of arbitrary code or a Denial of Service condition. Furthermore, a remote attacker may be able to perform Man-in-the-Middle attacks, obtain sensitive information, bypass restrictions and protection mechanisms, force file downloads, conduct XML injection attacks, conduct XSS attacks, bypass the Same Origin Policy, spoof URL\u2019s for phishing attacks, trigger a vertical scroll, spoof the location bar, spoof an SSL indicator, modify the browser\u2019s font, conduct clickjacking attacks, or have other unspecified impact. \n\nA local attacker could gain escalated privileges, obtain sensitive information, or replace an arbitrary downloaded file. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Mozilla Firefox users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-client/firefox-10.0.11\"\n \n\nAll users of the Mozilla Firefox binary package should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-client/firefox-bin-10.0.11\"\n \n\nAll Mozilla Thunderbird users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=mail-client/thunderbird-10.0.11\"\n \n\nAll users of the Mozilla Thunderbird binary package should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose\n \">=mail-client/thunderbird-bin-10.0.11\"\n \n\nAll Mozilla SeaMonkey users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-client/seamonkey-2.14-r1\"\n \n\nAll users of the Mozilla SeaMonkey binary package should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-client/seamonkey-bin-2.14\"\n \n\nAll NSS users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-libs/nss-3.14\"\n \n\nThe \u201cwww-client/mozilla-firefox\u201d package has been merged into the \u201cwww-client/firefox\u201d package. To upgrade, please unmerge \u201cwww-client/mozilla-firefox\u201d and then emerge the latest \u201cwww-client/firefox\u201d package: \n \n \n # emerge --sync\n # emerge --unmerge \"www-client/mozilla-firefox\"\n # emerge --ask --oneshot --verbose \">=www-client/firefox-10.0.11\"\n \n\nThe \u201cwww-client/mozilla-firefox-bin\u201d package has been merged into the \u201cwww-client/firefox-bin\u201d package. To upgrade, please unmerge \u201cwww-client/mozilla-firefox-bin\u201d and then emerge the latest \u201cwww-client/firefox-bin\u201d package: \n \n \n # emerge --sync\n # emerge --unmerge \"www-client/mozilla-firefox-bin\"\n # emerge --ask --oneshot --verbose \">=www-client/firefox-bin-10.0.11\"\n \n\nThe \u201cmail-client/mozilla-thunderbird\u201d package has been merged into the \u201cmail-client/thunderbird\u201d package. To upgrade, please unmerge \u201cmail-client/mozilla-thunderbird\u201d and then emerge the latest \u201cmail-client/thunderbird\u201d package: \n \n \n # emerge --sync\n # emerge --unmerge \"mail-client/mozilla-thunderbird\"\n # emerge --ask --oneshot --verbose \">=mail-client/thunderbird-10.0.11\"\n \n\nThe \u201cmail-client/mozilla-thunderbird-bin\u201d package has been merged into the \u201cmail-client/thunderbird-bin\u201d package. To upgrade, please unmerge \u201cmail-client/mozilla-thunderbird-bin\u201d and then emerge the latest \u201cmail-client/thunderbird-bin\u201d package: \n \n \n # emerge --sync\n # emerge --unmerge \"mail-client/mozilla-thunderbird-bin\"\n # emerge --ask --oneshot --verbose\n \">=mail-client/thunderbird-bin-10.0.11\"\n \n\nGentoo discontinued support for GNU IceCat. We recommend that users unmerge GNU IceCat: \n \n \n # emerge --unmerge \"www-client/icecat\"\n \n\nGentoo discontinued support for XULRunner. We recommend that users unmerge XULRunner: \n \n \n # emerge --unmerge \"net-libs/xulrunner\"\n \n\nGentoo discontinued support for the XULRunner binary package. We recommend that users unmerge XULRunner: \n \n \n # emerge --unmerge \"net-libs/xulrunner-bin\"", "edition": 1, "modified": "2013-01-08T00:00:00", "published": "2013-01-08T00:00:00", "id": "GLSA-201301-01", "href": "https://security.gentoo.org/glsa/201301-01", "type": "gentoo", "title": "Mozilla Products: Multiple vulnerabilities", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}