ID CVE-2004-0757 Type cve Reporter cve@mitre.org Modified 2017-10-11T01:29:00
Description
Heap-based buffer overflow in the SendUidl in the POP3 capability for Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, may allow remote POP3 mail servers to execute arbitrary code.
{"nessus": [{"lastseen": "2019-02-21T01:11:45", "bulletinFamily": "scanner", "description": "zen-parse discovered a heap buffer overflow in Mozilla's POP client implementation. A malicious POP server could exploit this vulnerability to cause Mozilla to execute arbitrary code.", "modified": "2018-11-23T00:00:00", "id": "FREEBSD_PKG_C1D97A8B05ED11D9B45D000C41E2CDAD.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=37377", "published": "2009-04-23T00:00:00", "title": "FreeBSD : mozilla -- POP client heap overflow (c1d97a8b-05ed-11d9-b45d-000c41e2cdad)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(37377);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2018/11/23 12:49:57\");\n\n script_cve_id(\"CVE-2004-0757\");\n\n script_name(english:\"FreeBSD : mozilla -- POP client heap overflow (c1d97a8b-05ed-11d9-b45d-000c41e2cdad)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"zen-parse discovered a heap buffer overflow in Mozilla's POP client\nimplementation. A malicious POP server could exploit this\nvulnerability to cause Mozilla to execute arbitrary code.\"\n );\n # http://bugzilla.mozilla.org/show_bug.cgi?id=229374\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=229374\"\n );\n # http://bugzilla.mozilla.org/show_bug.cgi?id=157644\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=157644\"\n );\n # https://vuxml.freebsd.org/freebsd/c1d97a8b-05ed-11d9-b45d-000c41e2cdad.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8d8e098f\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:linux-mozilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:mozilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:netscape7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2004/07/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/09/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"mozilla<1.7,2\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"linux-mozilla<1.7\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"netscape7<7.2\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"thunderbird<0.7\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-26T17:23:54", "bulletinFamily": "scanner", "description": "The following package needs to be updated: linux-mozilla", "modified": "2004-09-16T00:00:00", "published": "2004-09-16T00:00:00", "id": "FREEBSD_MOZILLA_172.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=14756", "type": "nessus", "title": "FreeBSD : mozilla -- POP client heap overflow (116)", "sourceData": "# @DEPRECATED@\n#\n# This script has been deprecated by freebsd_pkg_c1d97a8b05ed11d9b45d000c41e2cdad.nasl.\n#\n# Disabled on 2011/10/02.\n#\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# This script contains information extracted from VuXML :\n#\n# Copyright 2003-2006 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n#\n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n#\n#\n\ninclude('compat.inc');\n\nif ( description )\n{\n script_id(14756);\n script_version(\"$Revision: 1.8 $\");\n script_cve_id(\"CVE-2004-0757\");\n\n script_name(english:\"FreeBSD : mozilla -- POP client heap overflow (116)\");\n\nscript_set_attribute(attribute:'synopsis', value: 'The remote host is missing a security update');\nscript_set_attribute(attribute:'description', value:'The following package needs to be updated: linux-mozilla');\nscript_set_attribute(attribute: 'cvss_vector', value: 'CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C');\nscript_set_attribute(attribute:'solution', value: 'Update the package on the remote host');\nscript_set_attribute(attribute: 'see_also', value: 'http://bugzilla.mozilla.org/show_bug.cgi?id=157644\nhttp://bugzilla.mozilla.org/show_bug.cgi?id=229374\nhttp://fedoralegacy.org/updates/RH7.3/2004-10-23-FLSA_2004_1947__Updated_glibc_packages_fix_flaws.html\nhttp://mozillanews.org/?article_date=2004-12-08+06-48-46\nhttp://rhn.redhat.com/errata/RHSA-2004-059.html\nhttp://secunia.com/advisories/13129/\nhttp://secunia.com/advisories/13254/\nhttp://secunia.com/multiple_browsers_window_injection_vulnerability_test/\nhttp://www.mozilla.org/security/announce/2006/mfsa2006-09.html\nhttp://www.mozilla.org/security/announce/2006/mfsa2006-10.html\nhttp://www.mozilla.org/security/announce/2006/mfsa2006-11.html\nhttp://www.mozilla.org/security/announce/2006/mfsa2006-12.html\nhttp://www.mozilla.org/security/announce/2006/mfsa2006-13.html\nhttp://www.mozilla.org/security/announce/2006/mfsa2006-14.html\nhttp://www.mozilla.org/security/announce/2006/mfsa2006-15.html\nhttp://www.mozilla.org/security/announce/2006/mfsa2006-16.html\nhttp://www.mozilla.org/security/announce/2006/mfsa2006-17.html\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=103638\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=273699');\nscript_set_attribute(attribute:'see_also', value: 'http://www.FreeBSD.org/ports/portaudit/c1d97a8b-05ed-11d9-b45d-000c41e2cdad.html');\n\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2004/09/16\");\n script_end_attributes();\n script_summary(english:\"Check for linux-mozilla\");\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2010 Tenable Network Security, Inc.\");\n family[\"english\"] = \"FreeBSD Local Security Checks\";\n script_family(english:family[\"english\"]);\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/FreeBSD/pkg_info\");\n exit(0);\n}\n\n# Deprecated.\nexit(0, \"This plugin has been deprecated. Refer to plugin #37377 (freebsd_pkg_c1d97a8b05ed11d9b45d000c41e2cdad.nasl) instead.\");\n\nglobal_var cvss_score;\ncvss_score=10;\ninclude('freebsd_package.inc');\n\n\npkg_test(pkg:\"mozilla<1.7,2\");\n\npkg_test(pkg:\"linux-mozilla<1.7\");\n\npkg_test(pkg:\"netscape7<7.2\");\n\npkg_test(pkg:\"thunderbird<0.7\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:08:02", "bulletinFamily": "scanner", "description": "Updated mozilla packages based on version 1.4.3 that fix a number of security issues for Red Hat Enterprise Linux are now available.\n\nMozilla is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor.\n\nA number of flaws have been found in Mozilla 1.4 that have been fixed in the Mozilla 1.4.3 release :\n\nZen Parse reported improper input validation to the SOAPParameter object constructor leading to an integer overflow and controllable heap corruption. Malicious JavaScript could be written to utilize this flaw and could allow arbitrary code execution. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0722 to this issue.\n\nDuring a source code audit, Chris Evans discovered a buffer overflow and integer overflows which affect the libpng code inside Mozilla. An attacker could create a carefully crafted PNG file in such a way that it would cause Mozilla to crash or execute arbitrary code when the image was viewed. (CVE-2004-0597, CVE-2004-0599)\n\nZen Parse reported a flaw in the POP3 capability. A malicious POP3 server could send a carefully crafted response that would cause a heap overflow and potentially allow execution of arbitrary code as the user running Mozilla. (CVE-2004-0757)\n\nMarcel Boesch found a flaw that allows a CA certificate to be imported with a DN the same as that of the built-in CA root certificates, which can cause a denial of service to SSL pages, as the malicious certificate is treated as invalid. (CVE-2004-0758)\n\nMet - Martin Hassman reported a flaw in Mozilla that could allow malicious JavaScript code to upload local files from a users machine without requiring confirmation. (CVE-2004-0759)\n\nMindlock Security reported a flaw in ftp URI handling. By using a NULL character (%00) in a ftp URI, Mozilla can be confused into opening a resource as a different MIME type. (CVE-2004-0760)\n\nMozilla does not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates website spoofing and other attacks, also known as the frame injection vulnerability. (CVE-2004-0718)\n\nTolga Tarhan reported a flaw that can allow a malicious webpage to use a redirect sequence to spoof the security lock icon that makes a webpage appear to be encrypted. (CVE-2004-0761)\n\nJesse Ruderman reported a security issue that affects a number of browsers including Mozilla that could allow malicious websites to install arbitrary extensions by using interactive events to manipulate the XPInstall Security dialog box. (CVE-2004-0762)\n\nEmmanouel Kellinis discovered a caching flaw in Mozilla which allows malicious websites to spoof certificates of trusted websites via redirects and JavaScript that uses the 'onunload' method.\n(CVE-2004-0763)\n\nMozilla allowed malicious websites to hijack the user interface via the 'chrome' flag and XML User Interface Language (XUL) files.\n(CVE-2004-0764)\n\nThe cert_TestHostName function in Mozilla only checks the hostname portion of a certificate when the hostname portion of the URI is not a fully qualified domain name (FQDN). This flaw could be used for spoofing if an attacker had control of machines on a default DNS search path. (CVE-2004-0765)\n\nAll users are advised to update to these erratum packages which contain a snapshot of Mozilla 1.4.3 including backported fixes and are not vulnerable to these issues.", "modified": "2018-11-27T00:00:00", "id": "REDHAT-RHSA-2004-421.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=14214", "published": "2004-08-05T00:00:00", "title": "RHEL 2.1 / 3 : mozilla (RHSA-2004:421)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2004:421. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(14214);\n script_version (\"1.32\");\n script_cvs_date(\"Date: 2018/11/27 13:31:31\");\n\n script_cve_id(\"CVE-2004-0597\", \"CVE-2004-0599\", \"CVE-2004-0718\", \"CVE-2004-0722\", \"CVE-2004-0757\", \"CVE-2004-0758\", \"CVE-2004-0759\", \"CVE-2004-0760\", \"CVE-2004-0761\", \"CVE-2004-0762\", \"CVE-2004-0763\", \"CVE-2004-0764\", \"CVE-2004-0765\");\n script_xref(name:\"RHSA\", value:\"2004:421\");\n\n script_name(english:\"RHEL 2.1 / 3 : mozilla (RHSA-2004:421)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated mozilla packages based on version 1.4.3 that fix a number of\nsecurity issues for Red Hat Enterprise Linux are now available.\n\nMozilla is an open source Web browser, advanced email and newsgroup\nclient, IRC chat client, and HTML editor.\n\nA number of flaws have been found in Mozilla 1.4 that have been fixed\nin the Mozilla 1.4.3 release :\n\nZen Parse reported improper input validation to the SOAPParameter\nobject constructor leading to an integer overflow and controllable\nheap corruption. Malicious JavaScript could be written to utilize this\nflaw and could allow arbitrary code execution. The Common\nVulnerabilities and Exposures project (cve.mitre.org) has assigned the\nname CVE-2004-0722 to this issue.\n\nDuring a source code audit, Chris Evans discovered a buffer overflow\nand integer overflows which affect the libpng code inside Mozilla. An\nattacker could create a carefully crafted PNG file in such a way that\nit would cause Mozilla to crash or execute arbitrary code when the\nimage was viewed. (CVE-2004-0597, CVE-2004-0599)\n\nZen Parse reported a flaw in the POP3 capability. A malicious POP3\nserver could send a carefully crafted response that would cause a heap\noverflow and potentially allow execution of arbitrary code as the user\nrunning Mozilla. (CVE-2004-0757)\n\nMarcel Boesch found a flaw that allows a CA certificate to be imported\nwith a DN the same as that of the built-in CA root certificates, which\ncan cause a denial of service to SSL pages, as the malicious\ncertificate is treated as invalid. (CVE-2004-0758)\n\nMet - Martin Hassman reported a flaw in Mozilla that could allow\nmalicious JavaScript code to upload local files from a users machine\nwithout requiring confirmation. (CVE-2004-0759)\n\nMindlock Security reported a flaw in ftp URI handling. By using a NULL\ncharacter (%00) in a ftp URI, Mozilla can be confused into opening a\nresource as a different MIME type. (CVE-2004-0760)\n\nMozilla does not properly prevent a frame in one domain from injecting\ncontent into a frame that belongs to another domain, which facilitates\nwebsite spoofing and other attacks, also known as the frame injection\nvulnerability. (CVE-2004-0718)\n\nTolga Tarhan reported a flaw that can allow a malicious webpage to use\na redirect sequence to spoof the security lock icon that makes a\nwebpage appear to be encrypted. (CVE-2004-0761)\n\nJesse Ruderman reported a security issue that affects a number of\nbrowsers including Mozilla that could allow malicious websites to\ninstall arbitrary extensions by using interactive events to manipulate\nthe XPInstall Security dialog box. (CVE-2004-0762)\n\nEmmanouel Kellinis discovered a caching flaw in Mozilla which allows\nmalicious websites to spoof certificates of trusted websites via\nredirects and JavaScript that uses the 'onunload' method.\n(CVE-2004-0763)\n\nMozilla allowed malicious websites to hijack the user interface via\nthe 'chrome' flag and XML User Interface Language (XUL) files.\n(CVE-2004-0764)\n\nThe cert_TestHostName function in Mozilla only checks the hostname\nportion of a certificate when the hostname portion of the URI is not a\nfully qualified domain name (FQDN). This flaw could be used for\nspoofing if an attacker had control of machines on a default DNS\nsearch path. (CVE-2004-0765)\n\nAll users are advised to update to these erratum packages which\ncontain a snapshot of Mozilla 1.4.3 including backported fixes and are\nnot vulnerable to these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2004-0597\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2004-0599\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2004-0718\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2004-0722\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2004-0757\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2004-0758\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2004-0759\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2004-0760\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2004-0761\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2004-0762\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2004-0763\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2004-0764\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2004-0765\"\n );\n # http://bugzilla.mozilla.org/show_bug.cgi?id=236618\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=236618\"\n );\n # http://bugzilla.mozilla.org/show_bug.cgi?id=251381\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=251381\"\n );\n # http://bugzilla.mozilla.org/show_bug.cgi?id=229374\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=229374\"\n );\n # http://bugzilla.mozilla.org/show_bug.cgi?id=249004\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=249004\"\n );\n # http://bugzilla.mozilla.org/show_bug.cgi?id=241924\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=241924\"\n );\n # http://bugzilla.mozilla.org/show_bug.cgi?id=250906\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=250906\"\n );\n # http://bugzilla.mozilla.org/show_bug.cgi?id=246448\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=246448\"\n );\n # http://bugzilla.mozilla.org/show_bug.cgi?id=240053\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=240053\"\n );\n # http://bugzilla.mozilla.org/show_bug.cgi?id=162020\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=162020\"\n );\n # http://bugzilla.mozilla.org/show_bug.cgi?id=253121\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=253121\"\n );\n # http://bugzilla.mozilla.org/show_bug.cgi?id=244965\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=244965\"\n );\n # http://bugzilla.mozilla.org/show_bug.cgi?id=234058\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=234058\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2004:421\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:galeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mozilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mozilla-chat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mozilla-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mozilla-dom-inspector\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mozilla-js-debugger\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mozilla-mail\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mozilla-nspr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mozilla-nspr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mozilla-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mozilla-nss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:2.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/08/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/08/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(2\\.1|3)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 2.1 / 3.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2004:421\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"galeon-1.2.13-3.2.1\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"mozilla-1.4.3-2.1.2\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"mozilla-chat-1.4.3-2.1.2\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"mozilla-devel-1.4.3-2.1.2\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"mozilla-dom-inspector-1.4.3-2.1.2\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"mozilla-js-debugger-1.4.3-2.1.2\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"mozilla-mail-1.4.3-2.1.2\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"mozilla-nspr-1.4.3-2.1.2\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"mozilla-nspr-devel-1.4.3-2.1.2\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"mozilla-nss-1.4.3-2.1.2\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"mozilla-nss-devel-1.4.3-2.1.2\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", reference:\"mozilla-1.4.3-3.0.2\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"mozilla-chat-1.4.3-3.0.2\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"mozilla-devel-1.4.3-3.0.2\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"mozilla-dom-inspector-1.4.3-3.0.2\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"mozilla-js-debugger-1.4.3-3.0.2\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"mozilla-mail-1.4.3-3.0.2\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"mozilla-nspr-1.4.3-3.0.2\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"mozilla-nspr-devel-1.4.3-3.0.2\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"mozilla-nss-1.4.3-3.0.2\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"mozilla-nss-devel-1.4.3-3.0.2\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"galeon / mozilla / mozilla-chat / mozilla-devel / etc\");\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:08:38", "bulletinFamily": "scanner", "description": "New Mozilla packages are available for Slackware 9.1, 10.0, and\n-current to fix a number of security issues. Slackware 10.0 and\n-current were upgraded to Mozilla 1.7.2, and Slackware 9.1 was upgraded to Mozilla 1.4.3. As usual, new versions of Mozilla require new versions of things that link with the Mozilla libraries, so for Slackware 10.0 and -current new versions of epiphany, galeon, gaim, and mozilla-plugins have also been provided. There don't appear to be epiphany and galeon versions that are compatible with Mozilla 1.4.3 and the GNOME in Slackware 9.1, so these are not provided and Epiphany and Galeon will be broken on Slackware 9.1 if the new Mozilla package is installed. Furthermore, earlier versions of Mozilla (such as the 1.3 series) were not fixed upstream, so versions of Slackware earlier than 9.1 will remain vulnerable to these browser issues. If you still use Slackware 9.0 or earlier, you may want to consider removing Mozilla or upgrading to a newer version.", "modified": "2013-11-14T00:00:00", "id": "SLACKWARE_SSA_2004-223-01.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=18794", "published": "2005-07-13T00:00:00", "title": "Slackware 10.0 / 9.1 / current : Mozilla (SSA:2004-223-01)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2004-223-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(18794);\n script_version(\"$Revision: 1.13 $\");\n script_cvs_date(\"$Date: 2013/11/14 18:42:59 $\");\n\n script_cve_id(\"CVE-2004-0597\", \"CVE-2004-0598\", \"CVE-2004-0599\", \"CVE-2004-0718\", \"CVE-2004-0722\", \"CVE-2004-0757\", \"CVE-2004-0758\", \"CVE-2004-0759\", \"CVE-2004-0760\", \"CVE-2004-0761\", \"CVE-2004-0762\", \"CVE-2004-0763\", \"CVE-2004-0764\", \"CVE-2004-0765\");\n script_xref(name:\"SSA\", value:\"2004-223-01\");\n\n script_name(english:\"Slackware 10.0 / 9.1 / current : Mozilla (SSA:2004-223-01)\");\n script_summary(english:\"Checks for updated packages in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New Mozilla packages are available for Slackware 9.1, 10.0, and\n-current to fix a number of security issues. Slackware 10.0 and\n-current were upgraded to Mozilla 1.7.2, and Slackware 9.1 was\nupgraded to Mozilla 1.4.3. As usual, new versions of Mozilla require\nnew versions of things that link with the Mozilla libraries, so for\nSlackware 10.0 and -current new versions of epiphany, galeon, gaim,\nand mozilla-plugins have also been provided. There don't appear to be\nepiphany and galeon versions that are compatible with Mozilla 1.4.3\nand the GNOME in Slackware 9.1, so these are not provided and Epiphany\nand Galeon will be broken on Slackware 9.1 if the new Mozilla package\nis installed. Furthermore, earlier versions of Mozilla (such as the\n1.3 series) were not fixed upstream, so versions of Slackware earlier\nthan 9.1 will remain vulnerable to these browser issues. If you still\nuse Slackware 9.0 or earlier, you may want to consider removing\nMozilla or upgrading to a newer version.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.667659\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?38dd43e4\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:epiphany\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:gaim\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:galeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:mozilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:mozilla-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:9.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/08/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/07/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2013 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"9.1\", pkgname:\"mozilla\", pkgver:\"1.4.3\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"9.1\", pkgname:\"mozilla-plugins\", pkgver:\"1.4.3\", pkgarch:\"noarch\", pkgnum:\"1\")) flag++;\n\nif (slackware_check(osver:\"10.0\", pkgname:\"epiphany\", pkgver:\"1.2.7\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"10.0\", pkgname:\"gaim\", pkgver:\"0.81\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"10.0\", pkgname:\"galeon\", pkgver:\"1.3.17\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"10.0\", pkgname:\"mozilla\", pkgver:\"1.7.2\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"10.0\", pkgname:\"mozilla-plugins\", pkgver:\"1.7.2\", pkgarch:\"noarch\", pkgnum:\"1\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"epiphany\", pkgver:\"1.2.7\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", pkgname:\"gaim\", pkgver:\"0.81\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", pkgname:\"galeon\", pkgver:\"1.3.17\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", pkgname:\"mozilla\", pkgver:\"1.7.2\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", pkgname:\"mozilla-plugins\", pkgver:\"1.7.2\", pkgarch:\"noarch\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:08:03", "bulletinFamily": "scanner", "description": "A number of security vulnerabilities in mozilla are addressed by this update for Mandrakelinux 10.0 users, including a fix for frame spoofing, a fixed popup XPInstall/security dialog bug, a fix for untrusted chrome calls, a fix for SSL certificate spoofing, a fix for stealing secure HTTP Auth passwords via DNS spoofing, a fix for insecure matching of cert names for non-FQDNs, a fix for focus redefinition from another domain, a fix for a SOAP parameter overflow, a fix for text drag on file entry, a fix for certificate DoS, and a fix for lock icon and cert spoofing.\n\nAdditionally, mozilla for both Mandrakelinux 9.2 and 10.0 have been rebuilt to use the system libjpeg and libpng which addresses vulnerabilities discovered in libpng (ref: MDKSA-2004:079).", "modified": "2018-11-15T00:00:00", "id": "MANDRAKE_MDKSA-2004-082.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=14331", "published": "2004-08-22T00:00:00", "title": "Mandrake Linux Security Advisory : mozilla (MDKSA-2004:082)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandrake Linux Security Advisory MDKSA-2004:082. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(14331);\n script_version (\"1.19\");\n script_cvs_date(\"Date: 2018/11/15 20:50:22\");\n\n script_cve_id(\"CVE-2004-0597\", \"CVE-2004-0598\", \"CVE-2004-0599\", \"CVE-2004-0718\", \"CVE-2004-0722\", \"CVE-2004-0757\", \"CVE-2004-0758\", \"CVE-2004-0759\", \"CVE-2004-0760\", \"CVE-2004-0761\", \"CVE-2004-0762\", \"CVE-2004-0763\", \"CVE-2004-0764\", \"CVE-2004-0765\", \"CVE-2004-0779\", \"CVE-2004-1449\", \"CVE-2005-1937\");\n script_xref(name:\"MDKSA\", value:\"2004:082\");\n\n script_name(english:\"Mandrake Linux Security Advisory : mozilla (MDKSA-2004:082)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandrake Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A number of security vulnerabilities in mozilla are addressed by this\nupdate for Mandrakelinux 10.0 users, including a fix for frame\nspoofing, a fixed popup XPInstall/security dialog bug, a fix for\nuntrusted chrome calls, a fix for SSL certificate spoofing, a fix for\nstealing secure HTTP Auth passwords via DNS spoofing, a fix for\ninsecure matching of cert names for non-FQDNs, a fix for focus\nredefinition from another domain, a fix for a SOAP parameter overflow,\na fix for text drag on file entry, a fix for certificate DoS, and a\nfix for lock icon and cert spoofing.\n\nAdditionally, mozilla for both Mandrakelinux 9.2 and 10.0 have been\nrebuilt to use the system libjpeg and libpng which addresses\nvulnerabilities discovered in libpng (ref: MDKSA-2004:079).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=149478\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://bugzilla.mozilla.org/show_bug.cgi?id=162020\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=206859\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=226278\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://bugzilla.mozilla.org/show_bug.cgi?id=229374\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://bugzilla.mozilla.org/show_bug.cgi?id=234058\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://bugzilla.mozilla.org/show_bug.cgi?id=236618\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=239580\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://bugzilla.mozilla.org/show_bug.cgi?id=240053\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://bugzilla.mozilla.org/show_bug.cgi?id=244965\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://bugzilla.mozilla.org/show_bug.cgi?id=246448\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://bugzilla.mozilla.org/show_bug.cgi?id=249004\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://bugzilla.mozilla.org/show_bug.cgi?id=253121\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=86028\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64nspr4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64nspr4-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64nss3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64nss3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libnspr4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libnspr4-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libnss3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libnss3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-dom-inspector\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-enigmail\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-enigmime\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-irc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-js-debugger\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-mail\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-spellchecker\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:9.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/08/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/08/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK10.0\", cpu:\"amd64\", reference:\"lib64nspr4-1.6-12.1.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"amd64\", reference:\"lib64nspr4-devel-1.6-12.1.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"amd64\", reference:\"lib64nss3-1.6-12.1.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"amd64\", reference:\"lib64nss3-devel-1.6-12.1.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"i386\", reference:\"libnspr4-1.6-12.1.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"i386\", reference:\"libnspr4-devel-1.6-12.1.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"i386\", reference:\"libnss3-1.6-12.1.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"i386\", reference:\"libnss3-devel-1.6-12.1.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"mozilla-1.6-12.1.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"mozilla-devel-1.6-12.1.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"mozilla-dom-inspector-1.6-12.1.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"mozilla-enigmail-1.6-12.1.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"mozilla-enigmime-1.6-12.1.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"mozilla-irc-1.6-12.1.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"mozilla-js-debugger-1.6-12.1.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"mozilla-mail-1.6-12.1.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"mozilla-spellchecker-1.6-12.1.100mdk\", yank:\"mdk\")) flag++;\n\nif (rpm_check(release:\"MDK9.2\", cpu:\"amd64\", reference:\"lib64nspr4-1.4-13.3.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", cpu:\"amd64\", reference:\"lib64nspr4-devel-1.4-13.3.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", cpu:\"amd64\", reference:\"lib64nss3-1.4-13.3.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", cpu:\"amd64\", reference:\"lib64nss3-devel-1.4-13.3.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", cpu:\"i386\", reference:\"libnspr4-1.4-13.3.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", cpu:\"i386\", reference:\"libnspr4-devel-1.4-13.3.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", cpu:\"i386\", reference:\"libnss3-1.4-13.3.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", cpu:\"i386\", reference:\"libnss3-devel-1.4-13.3.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", reference:\"mozilla-1.4-13.3.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", reference:\"mozilla-devel-1.4-13.3.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", reference:\"mozilla-dom-inspector-1.4-13.3.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", reference:\"mozilla-enigmail-1.4-13.3.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", reference:\"mozilla-enigmime-1.4-13.3.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", reference:\"mozilla-irc-1.4-13.3.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", reference:\"mozilla-js-debugger-1.4-13.3.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", reference:\"mozilla-mail-1.4-13.3.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", reference:\"mozilla-spellchecker-1.4-13.3.92mdk\", yank:\"mdk\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "cert": [{"lastseen": "2019-10-09T19:52:18", "bulletinFamily": "info", "description": "### Overview \n\nA vulnerability in the way Mozilla handles certain types of POP3 responses could allow a remote attacker to execute arbitrary code on an affected system.\n\n### Description \n\nPost Office Protocol Version 3 ([POP3](<http://www.ietf.org/rfc/rfc1939.txt>)) is a mail protocol that provides a means for retrieving email from a remote server. This protocol is supported by [Mozilla](<http://www.mozilla.org/products/mozilla1.x/>), [Firefox](<http://www.mozilla.org/products/firefox/>), and [Thunderbird](<http://www.mozilla.org/products/thunderbird/>). These clients contain a vulnerability that allows malformed POP3 responses to trigger a buffer overflow condition in the `SendUidl()` function. Such responses can be sent by a remote POP3 server and could result in arbitrary code execution. \n \n--- \n \n### Impact \n\nBy sending a specially crafted POP3 response to an affected client, a remote attacker could cause the client to crash or potentially execute arbitrary code. Exploitation of this vulnerability would require a user to connect to a malicious POP3 server. \n \n--- \n \n### Solution \n\n**Upgrade**\n\nUpgrade as specified by your vendor. This issue has been resolved in Mozilla 1.7, Firefox 0.9, and Thunderbird 0.7.2. \n \n--- \n \n### Vendor Information\n\n561022\n\nFilter by status: All Affected Not Affected Unknown\n\nFilter by content: __ Vendor has issued information\n\n__ Sort by: Status Alphabetical\n\nExpand all\n\n__ Affected __ Unknown __ Unaffected \n\n**Javascript is disabled. Click here to view vendors.**\n\n### __ Mozilla\n\nUpdated: August 20, 2004 \n\n### Status\n\n__ Vulnerable\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23561022 Feedback>).\n\n \n\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | N/A | N/A \nTemporal | N/A | N/A \nEnvironmental | | N/A \n \n \n\n\n### References \n\n * <http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7>\n * <http://bugzilla.mozilla.org/show_bug.cgi?id=229374>\n * <http://xforce.iss.net/xforce/xfdb/16869>\n * <http://www.redhat.com/support/errata/RHSA-2004-421.html>\n * <http://secunia.com/advisories/10856/>\n * <http://www.ciac.org/ciac/bulletins/o-195.shtml>\n * [http://slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.667659](<http://slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.667659>)\n\n### Acknowledgements\n\nThis vulnerability was reported by Zen Parse.\n\nThis document was written by Damon Morda.\n\n### Other Information\n\n**CVE IDs:** | [CVE-2004-0757](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-0757>) \n---|--- \n**Severity Metric:****** | 2.70 \n**Date Public:** | 2004-05-29 \n**Date First Published:** | 2004-08-20 \n**Date Last Updated: ** | 2004-08-20 15:13 UTC \n**Document Revision: ** | 17 \n", "modified": "2004-08-20T15:13:00", "published": "2004-08-20T00:00:00", "id": "VU:561022", "href": "https://www.kb.cert.org/vuls/id/561022", "type": "cert", "title": "Mozilla contains a buffer overflow in the SendUidl() function", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2017-07-02T21:10:13", "bulletinFamily": "scanner", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "modified": "2016-09-22T00:00:00", "published": "2008-09-04T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=52393", "id": "OPENVAS:52393", "title": "FreeBSD Ports: mozilla", "type": "openvas", "sourceData": "#\n#VID c1d97a8b-05ed-11d9-b45d-000c41e2cdad\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from vuxml or freebsd advisories\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following packages are affected:\n mozilla\n linux-mozilla\n netscape7\n thunderbird\n\nCVE-2004-0757\nHeap-based buffer overflow in the SendUidl in the POP3 capability for\nMozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7,\nmay allow remote POP3 mail servers to execute arbitrary code.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://bugzilla.mozilla.org/show_bug.cgi?id=229374\nhttp://bugzilla.mozilla.org/show_bug.cgi?id=157644\nhttp://www.vuxml.org/freebsd/c1d97a8b-05ed-11d9-b45d-000c41e2cdad.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\nif(description)\n{\n script_id(52393);\n script_version(\"$Revision: 4128 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-09-22 07:37:51 +0200 (Thu, 22 Sep 2016) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-04 20:41:11 +0200 (Thu, 04 Sep 2008)\");\n script_bugtraq_id(15495);\n script_cve_id(\"CVE-2004-0757\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"FreeBSD Ports: mozilla\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"mozilla\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.7,2\")<0) {\n txt += 'Package mozilla version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"linux-mozilla\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.7\")<0) {\n txt += 'Package linux-mozilla version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"netscape7\");\nif(!isnull(bver) && revcomp(a:bver, b:\"7.2\")<0) {\n txt += 'Package netscape7 version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"thunderbird\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0.7\")<0) {\n txt += 'Package thunderbird version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:37:13", "bulletinFamily": "scanner", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n mozilla-dom-inspector\n mozilla-venkman\n mozilla-mail\n mozilla\n mozilla-calendar\n mozilla-irc\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5016546 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "modified": "2018-04-06T00:00:00", "published": "2009-10-10T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065531", "id": "OPENVAS:136141256231065531", "type": "openvas", "title": "SLES9: Security update for Mozilla", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5016546.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Security update for Mozilla\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n mozilla-dom-inspector\n mozilla-venkman\n mozilla-mail\n mozilla\n mozilla-calendar\n mozilla-irc\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5016546 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65531\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2004-0718\", \"CVE-2004-0722\", \"CVE-2004-0757\", \"CVE-2004-0758\", \"CVE-2004-0759\", \"CVE-2004-0760\", \"CVE-2004-0761\", \"CVE-2004-0762\", \"CVE-2004-0763\", \"CVE-2004-0764\", \"CVE-2004-0765\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES9: Security update for Mozilla\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"mozilla-dom-inspector\", rpm:\"mozilla-dom-inspector~1.6~74.8\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-26T08:55:11", "bulletinFamily": "scanner", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n mozilla-dom-inspector\n mozilla-venkman\n mozilla-mail\n mozilla\n mozilla-calendar\n mozilla-irc\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5016546 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "modified": "2017-07-11T00:00:00", "published": "2009-10-10T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=65531", "id": "OPENVAS:65531", "title": "SLES9: Security update for Mozilla", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5016546.nasl 6666 2017-07-11 13:13:36Z cfischer $\n# Description: Security update for Mozilla\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n mozilla-dom-inspector\n mozilla-venkman\n mozilla-mail\n mozilla\n mozilla-calendar\n mozilla-irc\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5016546 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_id(65531);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2004-0718\", \"CVE-2004-0722\", \"CVE-2004-0757\", \"CVE-2004-0758\", \"CVE-2004-0759\", \"CVE-2004-0760\", \"CVE-2004-0761\", \"CVE-2004-0762\", \"CVE-2004-0763\", \"CVE-2004-0764\", \"CVE-2004-0765\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES9: Security update for Mozilla\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"mozilla-dom-inspector\", rpm:\"mozilla-dom-inspector~1.6~74.8\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:38:32", "bulletinFamily": "scanner", "description": "The remote host is missing an update as announced\nvia advisory SSA:2004-223-01.", "modified": "2019-03-15T00:00:00", "published": "2012-09-11T00:00:00", "id": "OPENVAS:136141256231053919", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231053919", "title": "Slackware Advisory SSA:2004-223-01 Mozilla ", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2004_223_01.nasl 14202 2019-03-15 09:16:15Z cfischer $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.53919\");\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 10:16:15 +0100 (Fri, 15 Mar 2019) $\");\n script_cve_id(\"CVE-2004-0597\", \"CVE-2004-0598\", \"CVE-2004-0599\", \"CVE-2004-0763\", \"CVE-2004-0758\", \"CVE-2004-0718\", \"CVE-2004-0722\", \"CVE-2004-0757\", \"CVE-2004-0759\", \"CVE-2004-0760\", \"CVE-2004-0761\", \"CVE-2004-0762\", \"CVE-2004-0764\", \"CVE-2004-0765\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_version(\"$Revision: 14202 $\");\n script_name(\"Slackware Advisory SSA:2004-223-01 Mozilla \");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\", re:\"ssh/login/release=SLK(9\\.1|10\\.0)\");\n\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2004-223-01\");\n\n script_tag(name:\"insight\", value:\"New Mozilla packages are available for Slackware 9.1, 10.0, and -current\nto fix a number of security issues. Slackware 10.0 and -current were\nupgraded to Mozilla 1.7.2, and Slackware 9.1 was upgraded to Mozilla 1.4.3.\nAs usual, new versions of Mozilla require new versions of things that link\nwith the Mozilla libraries, so for Slackware 10.0 and -current new versions\nof epiphany, galeon, gaim, and mozilla-plugins have also been provided.\nThere don't appear to be epiphany and galeon versions that are compatible\nwith Mozilla 1.4.3 and the GNOME in Slackware 9.1, so these are not\nprovided and Epiphany and Galeon will be broken on Slackware 9.1 if the\nnew Mozilla package is installed. Furthermore, earlier versions of\nMozilla (such as the 1.3 series) were not fixed upstream, so versions\nof Slackware earlier than 9.1 will remain vulnerable to these browser\nissues. If you still use Slackware 9.0 or earlier, you may want to\nconsider removing Mozilla or upgrading to a newer version.\n\nFor more details on the outsanding problems, please visit\nthe referenced security advisory.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to the new package(s).\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update as announced\nvia advisory SSA:2004-223-01.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-slack.inc\");\n\nreport = \"\";\nres = \"\";\n\nif((res = isslkpkgvuln(pkg:\"mozilla\", ver:\"1.4.3-i486-1\", rls:\"SLK9.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"mozilla-plugins\", ver:\"1.4.3-noarch-1\", rls:\"SLK9.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"mozilla\", ver:\"1.7.2-i486-1\", rls:\"SLK10.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"mozilla-plugins\", ver:\"1.7.2-noarch-1\", rls:\"SLK10.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"epiphany\", ver:\"1.2.7-i486-1\", rls:\"SLK10.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"gaim\", ver:\"0.81-i486-1\", rls:\"SLK10.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"galeon\", ver:\"1.3.17-i486-1\", rls:\"SLK10.0\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-09-18T11:13:07", "bulletinFamily": "scanner", "description": "The remote host is missing an update as announced\nvia advisory SSA:2004-223-01.", "modified": "2017-09-15T00:00:00", "published": "2012-09-11T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=53919", "id": "OPENVAS:53919", "title": "Slackware Advisory SSA:2004-223-01 Mozilla", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2004_223_01.nasl 7141 2017-09-15 09:58:49Z cfischer $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"New Mozilla packages are available for Slackware 9.1, 10.0, and -current\nto fix a number of security issues. Slackware 10.0 and -current were\nupgraded to Mozilla 1.7.2, and Slackware 9.1 was upgraded to Mozilla 1.4.3.\nAs usual, new versions of Mozilla require new versions of things that link\nwith the Mozilla libraries, so for Slackware 10.0 and -current new versions\nof epiphany, galeon, gaim, and mozilla-plugins have also been provided.\nThere don't appear to be epiphany and galeon versions that are compatible\nwith Mozilla 1.4.3 and the GNOME in Slackware 9.1, so these are not\nprovided and Epiphany and Galeon will be broken on Slackware 9.1 if the\nnew Mozilla package is installed. Furthermore, earlier versions of\nMozilla (such as the 1.3 series) were not fixed upstream, so versions\nof Slackware earlier than 9.1 will remain vulnerable to these browser\nissues. If you still use Slackware 9.0 or earlier, you may want to\nconsider removing Mozilla or upgrading to a newer version.\n\nFor more details on the outsanding problems, please visit\nthe referenced security advisory.\";\ntag_summary = \"The remote host is missing an update as announced\nvia advisory SSA:2004-223-01.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2004-223-01\";\n \nif(description)\n{\n script_id(53919);\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-09-15 11:58:49 +0200 (Fri, 15 Sep 2017) $\");\n script_cve_id(\"CVE-2004-0597\", \"CVE-2004-0598\", \"CVE-2004-0599\", \"CVE-2004-0763\", \"CVE-2004-0758\", \"CVE-2004-0718\", \"CVE-2004-0722\", \"CVE-2004-0757\", \"CVE-2004-0759\", \"CVE-2004-0760\", \"CVE-2004-0761\", \"CVE-2004-0762\", \"CVE-2004-0764\", \"CVE-2004-0765\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_version(\"$Revision: 7141 $\");\n name = \"Slackware Advisory SSA:2004-223-01 Mozilla \";\n script_name(name);\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-slack.inc\");\nvuln = 0;\nif(isslkpkgvuln(pkg:\"mozilla\", ver:\"1.4.3-i486-1\", rls:\"SLK9.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"mozilla-plugins\", ver:\"1.4.3-noarch-1\", rls:\"SLK9.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"mozilla\", ver:\"1.7.2-i486-1\", rls:\"SLK10.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"mozilla-plugins\", ver:\"1.7.2-noarch-1\", rls:\"SLK10.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"epiphany\", ver:\"1.2.7-i486-1\", rls:\"SLK10.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"gaim\", ver:\"0.81-i486-1\", rls:\"SLK10.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"galeon\", ver:\"1.3.17-i486-1\", rls:\"SLK10.0\")) {\n vuln = 1;\n}\n\nif(vuln) {\n security_message(0);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "freebsd": [{"lastseen": "2019-05-29T18:35:13", "bulletinFamily": "unix", "description": "\nzen-parse discovered a heap buffer overflow in Mozilla's\n\t POP client implementation. A malicious POP server\n\t could exploit this vulnerability to cause Mozilla to execute\n\t arbitrary code.\n", "modified": "2004-07-22T00:00:00", "published": "2004-07-22T00:00:00", "id": "C1D97A8B-05ED-11D9-B45D-000C41E2CDAD", "href": "https://vuxml.freebsd.org/freebsd/c1d97a8b-05ed-11d9-b45d-000c41e2cdad.html", "title": "mozilla -- POP client heap overflow", "type": "freebsd", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "osvdb": [{"lastseen": "2017-04-28T13:20:03", "bulletinFamily": "software", "description": "## Vulnerability Description\nMozilla contains a flaw that may allow a malicious user to execute arbitrary code. The issue is triggered when a maliciously configured POP3 server overwrites heap memory in the users browser. It is possible that the flaw may allow remote code execution allowing system access and resulting in a loss of confidentiality and integrity.\n## Solution Description\nUpgrade to version 1.7 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.\n## Short Description\nMozilla contains a flaw that may allow a malicious user to execute arbitrary code. The issue is triggered when a maliciously configured POP3 server overwrites heap memory in the users browser. It is possible that the flaw may allow remote code execution allowing system access and resulting in a loss of confidentiality and integrity.\n## References:\n[Vendor Specific Advisory URL](http://bugzilla.mozilla.org/show_bug.cgi?id=229374)\n[Vendor Specific Advisory URL](ftp://ftp.sco.com/pub/openserver5/507/mp/osr507mp4/osr507mp4.htm)\n[Vendor Specific Advisory URL](ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt)\n[Vendor Specific Advisory URL](http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7)\n[Secunia Advisory ID:15432](https://secuniaresearch.flexerasoftware.com/advisories/15432/)\n[Secunia Advisory ID:17645](https://secuniaresearch.flexerasoftware.com/advisories/17645/)\n[Secunia Advisory ID:12234](https://secuniaresearch.flexerasoftware.com/advisories/12234/)\n[Secunia Advisory ID:12283](https://secuniaresearch.flexerasoftware.com/advisories/12283/)\n[Secunia Advisory ID:10856](https://secuniaresearch.flexerasoftware.com/advisories/10856/)\n[Secunia Advisory ID:12747](https://secuniaresearch.flexerasoftware.com/advisories/12747/)\nRedHat RHSA: RHSA-2004:421-17\nOther Advisory URL: http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:082\nOther Advisory URL: http://www.suse.de/de/security/2004_36_mozilla.html\nOther Advisory URL: ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.25/SCOSA-2005.25.txt\nKeyword: SCOSA-2005.49\nISS X-Force ID: 16869\n[CVE-2004-0757](https://vulners.com/cve/CVE-2004-0757)\n", "modified": "2004-08-03T00:00:00", "published": "2004-08-03T00:00:00", "href": "https://vulners.com/osvdb/OSVDB:8303", "id": "OSVDB:8303", "type": "osvdb", "title": "Mozilla Browsers SendUidl POP3 Overflow", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "redhat": [{"lastseen": "2019-08-13T18:45:54", "bulletinFamily": "unix", "description": "Mozilla is an open source Web browser, advanced email and newsgroup\nclient, IRC chat client, and HTML editor.\n\nA number of flaws have been found in Mozilla 1.4 that have been fixed in\nthe Mozilla 1.4.3 release: \n\nZen Parse reported improper input validation to the SOAPParameter object\nconstructor leading to an integer overflow and controllable heap\ncorruption. Malicious JavaScript could be written to utilize this flaw and\ncould allow arbitrary code execution. The Common Vulnerabilities and\nExposures project (cve.mitre.org) has assigned the name CAN-2004-0722 to\nthis issue.\n\nDuring a source code audit, Chris Evans discovered a buffer overflow and\ninteger overflows which affect the libpng code inside Mozilla. An attacker\ncould create a carefully crafted PNG file in such a way that it would cause\nMozilla to crash or execute arbitrary code when the image was viewed.\n(CAN-2004-0597, CAN-2004-0599)\n\nZen Parse reported a flaw in the POP3 capability. A malicious POP3 server\ncould send a carefully crafted response that would cause a heap overflow\nand potentially allow execution of arbitrary code as the user running\nMozilla. (CAN-2004-0757)\n\nMarcel Boesch found a flaw that allows a CA certificate to be imported with\na DN the same as that of the built-in CA root certificates, which can cause\na denial of service to SSL pages, as the malicious certificate is treated\nas invalid. (CAN-2004-0758)\n\nMet - Martin Hassman reported a flaw in Mozilla that could allow malicious\nJavascript code to upload local files from a users machine without\nrequiring confirmation. (CAN-2004-0759)\n\nMindlock Security reported a flaw in ftp URI handling. By using a NULL\ncharacter (%00) in a ftp URI, Mozilla can be confused into opening a\nresource as a different MIME type. (CAN-2004-0760)\n\nMozilla does not properly prevent a frame in one domain from injecting\ncontent into a frame that belongs to another domain, which facilitates\nwebsite spoofing and other attacks, also known as the frame injection\nvulnerability. (CAN-2004-0718)\n\nTolga Tarhan reported a flaw that can allow a malicious webpage to use a\nredirect sequence to spoof the security lock icon that makes a webpage\nappear to be encrypted. (CAN-2004-0761)\n\nJesse Ruderman reported a security issue that affects a number of browsers\nincluding Mozilla that could allow malicious websites to install arbitrary\nextensions by using interactive events to manipulate the XPInstall Security\ndialog box. (CAN-2004-0762)\n\nEmmanouel Kellinis discovered a caching flaw in Mozilla which allows\nmalicious websites to spoof certificates of trusted websites via\nredirects and Javascript that uses the \"onunload\" method. (CAN-2004-0763)\n\nMozilla allowed malicious websites to hijack the user interface via the\n\"chrome\" flag and XML User Interface Language (XUL) files. (CAN-2004-0764)\n\nThe cert_TestHostName function in Mozilla only checks the hostname portion\nof a certificate when the hostname portion of the URI is not a fully\nqualified domain name (FQDN). This flaw could be used for spoofing if an\nattacker had control of machines on a default DNS search path. (CAN-2004-0765)\n\nAll users are advised to update to these erratum packages which contain a\nsnapshot of Mozilla 1.4.3 including backported fixes and are not vulnerable\nto these issues.", "modified": "2019-03-22T23:43:47", "published": "2004-08-04T04:00:00", "id": "RHSA-2004:421", "href": "https://access.redhat.com/errata/RHSA-2004:421", "type": "redhat", "title": "(RHSA-2004:421) mozilla security update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "suse": [{"lastseen": "2016-09-04T11:41:56", "bulletinFamily": "unix", "description": "The Common Unix Printing System (CUPS) enables local and remote users to obtain printing functionallity via the Internet Printing Protocol (IPP). Alvaro Martinez Echevarria has found a remote Denial of Service condition within CUPS which allows remote users to make the cups server unresponsive. Additionally the SUSE Security Team has discovered a flaw in the foomatic-rip print filter which is commonly installed along with cups. It allows remote attackers, which are listed in the printing ACLs, to execute arbitrary commands as the printing user 'lp'.\n#### Solution\nIf you use CUPS, we recommend an update in any case. Additionally the IPP port (TCP port 631) should be firewalled and the printing ACLs should be set up in a way to reflect the local security policy.", "modified": "2004-09-15T14:45:26", "published": "2004-09-15T14:45:26", "id": "SUSE-SA:2004:031", "href": "http://lists.opensuse.org/opensuse-security-announce/2004-09/msg00010.html", "title": "remote code execution in cups", "type": "suse", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T12:19:06", "bulletinFamily": "unix", "description": "gdk-pixbuf is an image loading and rendering library mostly used by GTK and GNOME applications. It is distributed as a separate package for gtk1 and integrated into the gtk2 package. Chris Evans has discovered a heap based, a stack based and an integer overflow in the XPM and ICO loaders of those libraries. The overflows can be exploited by tricking an application to display a malformed image to make it crash or to execute code.\n#### Solution\nThere is no known workaround, please install the update packages.", "modified": "2004-09-17T10:02:50", "published": "2004-09-17T10:02:50", "id": "SUSE-SA:2004:033", "href": "http://lists.opensuse.org/opensuse-security-announce/2004-09/msg00012.html", "title": "remote code execution in gtk2, gdk-pixbuf", "type": "suse", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-04-13T01:00:44", "bulletinFamily": "unix", "description": "During the last months a number of security problems have been fixed in Mozilla and Mozilla based brwosers. These include:\n#### Solution\nSince there is no workaround, we recommend an update in any case if you use the mozilla browser.", "modified": "2004-10-06T13:11:21", "published": "2004-10-06T13:11:21", "id": "SUSE-SA:2004:036", "href": "http://lists.opensuse.org/opensuse-security-announce/2004-10/msg00006.html", "title": "various vulnerabilities in mozilla", "type": "suse", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T12:19:39", "bulletinFamily": "unix", "description": "Chris Evans reported three vulnerabilities in libXpm which can be exploited remotely by providing malformed XPM image files. The function xpmParseColors() is vulnerable to an integer overflow and a stack-based buffer overflow. The functions ParseAndPutPixels() as well as ParsePixels() is vulnerable to a stack-based buffer overflow too. Additionally Matthieu Herrb found two one-byte buffer overflows.\n#### Solution\nThere is no workaround known.", "modified": "2004-09-17T13:37:17", "published": "2004-09-17T13:37:17", "id": "SUSE-SA:2004:034", "href": "http://lists.opensuse.org/opensuse-security-announce/2004-09/msg00013.html", "type": "suse", "title": "remote command execution in XFree86-libs, xshared", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T12:45:49", "bulletinFamily": "unix", "description": "The mod_ssl apache module, as part of our apache2 package, enables the apache webserver to handle the HTTPS protocol. Within the mod_ssl module, two Denial of Service conditions in the input filter have been found. The CVE project assigned the identifiers CAN-2004-0748 and CAN-2004-0751 to these issues.\n#### Solution\nAs temporary workaround you may disable the mod_ssl module in your apache configuration and restart the apache process without SSL support.", "modified": "2004-09-06T13:51:41", "published": "2004-09-06T13:51:41", "id": "SUSE-SA:2004:030", "href": "http://lists.opensuse.org/opensuse-security-announce/2004-09/msg00009.html", "title": "remote DoS condition in apache2", "type": "suse", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T12:10:59", "bulletinFamily": "unix", "description": "The Samba server, which allows to share files and resources via the SMB/CIFS protocol, contains a bug in the sanitation code of path names which allows remote attackers to access files outside of the defined share. In order to access these files, they must be readable by the account used for the SMB session. CAN-2004-0815 has been assigned to this issue.\n#### Solution\nAs a temporary workaround you can set the wide links = no option in smb.conf and restart the samba server. However an update is recommended nevertheless.", "modified": "2004-10-05T14:57:32", "published": "2004-10-05T14:57:32", "id": "SUSE-SA:2004:035", "href": "http://lists.opensuse.org/opensuse-security-announce/2004-10/msg00005.html", "type": "suse", "title": "remote file disclosure in samba", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:57:20", "bulletinFamily": "unix", "description": "The Apache daemon is running on most of the web-servers used in the Internet today. The Red Hat ASF Security-Team and the Swedish IT Incident Center within the National Post and Telecom Agency (SITIC) have found a bug in apache2 each. The first vulnerability appears in the apr_uri_parse() function while handling IPv6 addresses. The affected code passes a negative length argument to the memcpy() function. On BSD systems this can lead to remote command execution due to the nature of the memcpy() implementation. On Linux this bug will result in a remote denial-of-service condition. The second bug is a local buffer overflow that occurs while expanding ${ENVVAR} in the .htaccess and httpd.conf file. Both files are not writeable by normal user by default.\n#### Solution\nThere is no known workaround.", "modified": "2004-09-15T15:46:39", "published": "2004-09-15T15:46:39", "id": "SUSE-SA:2004:032", "href": "http://lists.opensuse.org/opensuse-security-announce/2004-09/msg00011.html", "title": "remote denial-of-service in apache2", "type": "suse", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "slackware": [{"lastseen": "2019-05-30T07:37:26", "bulletinFamily": "unix", "description": "New Mozilla packages are available for Slackware 9.1, 10.0, and -current\nto fix a number of security issues. Slackware 10.0 and -current were\nupgraded to Mozilla 1.7.2, and Slackware 9.1 was upgraded to Mozilla 1.4.3.\nAs usual, new versions of Mozilla require new versions of things that link\nwith the Mozilla libraries, so for Slackware 10.0 and -current new versions\nof epiphany, galeon, gaim, and mozilla-plugins have also been provided.\nThere don't appear to be epiphany and galeon versions that are compatible\nwith Mozilla 1.4.3 and the GNOME in Slackware 9.1, so these are not\nprovided and Epiphany and Galeon will be broken on Slackware 9.1 if the\nnew Mozilla package is installed. Furthermore, earlier versions of\nMozilla (such as the 1.3 series) were not fixed upstream, so versions\nof Slackware earlier than 9.1 will remain vulnerable to these browser\nissues. If you still use Slackware 9.0 or earlier, you may want to\nconsider removing Mozilla or upgrading to a newer version.\n\nMore details about these issues may be found in the Common\nVulnerabilities and Exposures (CVE) database:\n\n Issues fixed in Mozilla 1.7.2:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0597\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0598\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0599\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0763\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0758\n\n Issues fixed in Mozilla 1.4.3:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0597\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0718\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0722\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0757\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0758\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0759\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0760\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0761\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0762\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0763\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0764\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0765\n\n\nHere are the details from the Slackware 10.0 ChangeLog:\n\nMon Aug 9 01:56:43 PDT 2004\npatches/packages/epiphany-1.2.7-i486-1.tgz: Upgraded to epiphany-1.2.7.\n (compiled against Mozilla 1.7.2)\npatches/packages/gaim-0.81-i486-1.tgz: Upgraded to gaim-0.81.\n (compiled against Mozilla 1.7.2)\npatches/packages/galeon-1.3.17-i486-1.tgz: Upgraded to galeon-1.3.17.\n (compiled against Mozilla 1.7.2)\npatches/packages/mozilla-1.7.2-i486-1.tgz: Upgraded to Mozilla 1.7.2. This\n fixes three security vulnerabilities. For details, see:\n http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.2\n (* Security fix *)\npatches/packages/mozilla-plugins-1.7.2-noarch-1.tgz: Changed plugin symlinks\n for Mozilla 1.7.2.\n\nWhere to find the new packages:\n\nUpdated packages for Slackware 9.1:\nftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/mozilla-1.4.3-i486-1.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/mozilla-plugins-1.4.3-noarch-1.tgz\n\nUpdated packages for Slackware 10.0:\nftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/mozilla-1.7.2-i486-1.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/mozilla-plugins-1.7.2-noarch-1.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/epiphany-1.2.7-i486-1.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/gaim-0.81-i486-1.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/galeon-1.3.17-i486-1.tgz\n\nUpdated packages for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/xap/mozilla-1.7.2-i486-1.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/xap/mozilla-plugins-1.7.2-noarch-1.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/gnome/epiphany-1.2.7-i486-1.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/gnome/galeon-1.3.17-i486-1.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/xap/gaim-0.81-i486-1.tgz\n\n\nMD5 signatures:\n\nSlackware 9.1 packages:\n29515193166b9b618be405a71b5e9a59 mozilla-1.4.3-i486-1.tgz\n49d537be814de72a3d62a5cc9f6e3b15 mozilla-plugins-1.4.3-noarch-1.tgz\n\nSlackware 10.0 packages:\n612a65758f03fe08a44e004b1ae92d70 mozilla-1.7.2-i486-1.tgz\n55da20d3c7acdd50a3b4abfe12191069 mozilla-plugins-1.7.2-noarch-1.tgz\n86034039fbf6b52584e05701a0598ca4 epiphany-1.2.7-i486-1.tgz\nc3f238fdba8684948d8817d7cf0db567 gaim-0.81-i486-1.tgz\n0e8393b8f1b992dc7804fe925a839755 galeon-1.3.17-i486-1.tgz\n\nSlackware -current packages:\n612a65758f03fe08a44e004b1ae92d70 mozilla-1.7.2-i486-1.tgz\n55da20d3c7acdd50a3b4abfe12191069 mozilla-plugins-1.7.2-noarch-1.tgz\n86034039fbf6b52584e05701a0598ca4 epiphany-1.2.7-i486-1.tgz\n0e8393b8f1b992dc7804fe925a839755 galeon-1.3.17-i486-1.tgz\nddb7281b985c6b7efb20afc69e5c2ffb gaim-0.81-i486-1.tgz\n\n\nInstallation instructions:\n\nUpgrade the packages as root:\n > upgradepkg mozilla-1.7.2-i486-1.tgz \\\n mozilla-plugins-1.7.2-noarch-1.tgz \\\n epiphany-1.2.7-i486-1.tgz \\\n gaim-0.81-i486-1.tgz \\\n galeon-1.3.17-i486-1.tgz", "modified": "2004-08-10T14:17:12", "published": "2004-08-10T14:17:12", "id": "SSA-2004-223-01", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.667659", "title": "Mozilla", "type": "slackware", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}
