ID CVE-2016-1975 Type cve Reporter cve@mitre.org Modified 2016-12-03T03:23:00
Description
Multiple race conditions in dom/media/systemservices/CamerasChild.cpp in the WebRTC implementation in Mozilla Firefox before 45.0 on Windows might allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
{"mozilla": [{"lastseen": "2016-09-05T13:37:37", "bulletinFamily": "software", "cvelist": ["CVE-2016-1971", "CVE-2016-1972", "CVE-2016-1975", "CVE-2016-1970", "CVE-2016-1976"], "edition": 1, "description": "Security researcher Ronald Crane reported five \"moderate\" rated\nvulnerabilities affecting released code that were found through code inspection. These\nincluded the following issues in WebRTC: an integer underflow, a missing status check,\nrace condition, and a use of deleted pointers to create new object. A race condition in\nLibVPX was also identified. These do not all have clear mechanisms to be exploited through\nweb content but are vulnerable if a mechanism can be found to trigger them.\nThis issue only affects Windows systems. Linux, OS X, and Android systems are unaffected.", "modified": "2016-03-08T00:00:00", "published": "2016-03-08T00:00:00", "id": "MFSA2016-32", "href": "http://www.mozilla.org/en-US/security/advisories/mfsa2016-32/", "type": "mozilla", "title": "WebRTC and LibVPX vulnerabilities found through code inspection", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "freebsd": [{"lastseen": "2019-05-29T18:32:47", "bulletinFamily": "unix", "cvelist": ["CVE-2016-1953", "CVE-2016-1971", "CVE-2016-1957", "CVE-2016-1972", "CVE-2016-1975", "CVE-2016-1974", "CVE-2016-1973", "CVE-2016-1960", "CVE-2016-1959", "CVE-2016-1966", "CVE-2016-1955", "CVE-2016-1962", "CVE-2016-1963", "CVE-2016-1970", "CVE-2016-1952", "CVE-2016-1956", "CVE-2016-1961", "CVE-2016-1976", "CVE-2016-1967", "CVE-2016-1954", "CVE-2016-1965", "CVE-2016-1964", "CVE-2016-1958"], "description": "\nMozilla Foundation reports:\n\nMFSA 2016-16 Miscellaneous memory safety hazards (rv:45.0\n\t / rv:38.7)\nMFSA 2016-17 Local file overwriting and potential\n\t privilege escalation through CSP reports\nMFSA 2016-18 CSP reports fail to strip location\n\t information for embedded iframe pages\nMFSA 2016-19 Linux video memory DOS with Intel\n\t drivers\nMFSA 2016-20 Memory leak in libstagefright when deleting\n\t an array during MP4 processing\nMFSA 2016-21 Displayed page address can be overridden\nMFSA 2016-22 Service Worker Manager out-of-bounds read in\n\t Service Worker Manager\nMFSA 2016-23 Use-after-free in HTML5 string parser\nMFSA 2016-24 Use-after-free in SetBody\nMFSA 2016-25 Use-after-free when using multiple WebRTC\n\t data channels\nMFSA 2016-26 Memory corruption when modifying a file\n\t being read by FileReader\nMFSA 2016-27 Use-after-free during XML\n\t transformations\nMFSA 2016-28 Addressbar spoofing though history\n\t navigation and Location protocol property\nMFSA 2016-29 Same-origin policy violation using\n\t perfomance.getEntries and history navigation with session\n\t restore\nMFSA 2016-31 Memory corruption with malicious NPAPI\n\t plugin\nMFSA 2016-32 WebRTC and LibVPX vulnerabilities found\n\t through code inspection\nMFSA 2016-33 Use-after-free in GetStaticInstance in\n\t WebRTC\nMFSA 2016-34 Out-of-bounds read in HTML parser following\n\t a failed allocation\n\n", "edition": 4, "modified": "2016-03-08T00:00:00", "published": "2016-03-08T00:00:00", "id": "2225C5B4-1E5A-44FC-9920-B3201C384A15", "href": "https://vuxml.freebsd.org/freebsd/2225c5b4-1e5a-44fc-9920-b3201c384a15.html", "title": "mozilla -- multiple vulnerabilities", "type": "freebsd", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2021-01-06T10:48:06", "description": "Mozilla Foundation reports :\n\nMFSA 2016-16 Miscellaneous memory safety hazards (rv:45.0 / rv:38.7)\n\nMFSA 2016-17 Local file overwriting and potential privilege escalation\nthrough CSP reports\n\nMFSA 2016-18 CSP reports fail to strip location information for\nembedded iframe pages\n\nMFSA 2016-19 Linux video memory DOS with Intel drivers\n\nMFSA 2016-20 Memory leak in libstagefright when deleting an array\nduring MP4 processing\n\nMFSA 2016-21 Displayed page address can be overridden\n\nMFSA 2016-22 Service Worker Manager out-of-bounds read in Service\nWorker Manager\n\nMFSA 2016-23 Use-after-free in HTML5 string parser\n\nMFSA 2016-24 Use-after-free in SetBody\n\nMFSA 2016-25 Use-after-free when using multiple WebRTC data channels\n\nMFSA 2016-26 Memory corruption when modifying a file being read by\nFileReader\n\nMFSA 2016-27 Use-after-free during XML transformations\n\nMFSA 2016-28 Addressbar spoofing though history navigation and\nLocation protocol property\n\nMFSA 2016-29 Same-origin policy violation using perfomance.getEntries\nand history navigation with session restore\n\nMFSA 2016-31 Memory corruption with malicious NPAPI plugin\n\nMFSA 2016-32 WebRTC and LibVPX vulnerabilities found through code\ninspection\n\nMFSA 2016-33 Use-after-free in GetStaticInstance in WebRTC\n\nMFSA 2016-34 Out-of-bounds read in HTML parser following a failed\nallocation", "edition": 27, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-03-09T00:00:00", "title": "FreeBSD : mozilla -- multiple vulnerabilities (2225c5b4-1e5a-44fc-9920-b3201c384a15)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-1953", "CVE-2016-1971", "CVE-2016-1957", "CVE-2016-1972", "CVE-2016-1975", "CVE-2016-1974", "CVE-2016-1973", "CVE-2016-1960", "CVE-2016-1959", "CVE-2016-1966", "CVE-2016-1955", "CVE-2016-1962", "CVE-2016-1963", "CVE-2016-1970", "CVE-2016-1952", "CVE-2016-1956", "CVE-2016-1961", "CVE-2016-1976", "CVE-2016-1967", "CVE-2016-1954", "CVE-2016-1965", "CVE-2016-1964", "CVE-2016-1958"], "modified": "2016-03-09T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:linux-thunderbird", "p-cpe:/a:freebsd:freebsd:linux-firefox", "cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:libxul", "p-cpe:/a:freebsd:freebsd:seamonkey", "p-cpe:/a:freebsd:freebsd:linux-seamonkey", "p-cpe:/a:freebsd:freebsd:firefox", "p-cpe:/a:freebsd:freebsd:thunderbird", "p-cpe:/a:freebsd:freebsd:firefox-esr"], "id": "FREEBSD_PKG_2225C5B41E5A44FC9920B3201C384A15.NASL", "href": "https://www.tenable.com/plugins/nessus/89765", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2019 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89765);\n script_version(\"2.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2016-1952\", \"CVE-2016-1953\", \"CVE-2016-1954\", \"CVE-2016-1955\", \"CVE-2016-1956\", \"CVE-2016-1957\", \"CVE-2016-1958\", \"CVE-2016-1959\", \"CVE-2016-1960\", \"CVE-2016-1961\", \"CVE-2016-1962\", \"CVE-2016-1963\", \"CVE-2016-1964\", \"CVE-2016-1965\", \"CVE-2016-1966\", \"CVE-2016-1967\", \"CVE-2016-1970\", \"CVE-2016-1971\", \"CVE-2016-1972\", \"CVE-2016-1973\", \"CVE-2016-1974\", \"CVE-2016-1975\", \"CVE-2016-1976\");\n\n script_name(english:\"FreeBSD : mozilla -- multiple vulnerabilities (2225c5b4-1e5a-44fc-9920-b3201c384a15)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Mozilla Foundation reports :\n\nMFSA 2016-16 Miscellaneous memory safety hazards (rv:45.0 / rv:38.7)\n\nMFSA 2016-17 Local file overwriting and potential privilege escalation\nthrough CSP reports\n\nMFSA 2016-18 CSP reports fail to strip location information for\nembedded iframe pages\n\nMFSA 2016-19 Linux video memory DOS with Intel drivers\n\nMFSA 2016-20 Memory leak in libstagefright when deleting an array\nduring MP4 processing\n\nMFSA 2016-21 Displayed page address can be overridden\n\nMFSA 2016-22 Service Worker Manager out-of-bounds read in Service\nWorker Manager\n\nMFSA 2016-23 Use-after-free in HTML5 string parser\n\nMFSA 2016-24 Use-after-free in SetBody\n\nMFSA 2016-25 Use-after-free when using multiple WebRTC data channels\n\nMFSA 2016-26 Memory corruption when modifying a file being read by\nFileReader\n\nMFSA 2016-27 Use-after-free during XML transformations\n\nMFSA 2016-28 Addressbar spoofing though history navigation and\nLocation protocol property\n\nMFSA 2016-29 Same-origin policy violation using perfomance.getEntries\nand history navigation with session restore\n\nMFSA 2016-31 Memory corruption with malicious NPAPI plugin\n\nMFSA 2016-32 WebRTC and LibVPX vulnerabilities found through code\ninspection\n\nMFSA 2016-33 Use-after-free in GetStaticInstance in WebRTC\n\nMFSA 2016-34 Out-of-bounds read in HTML parser following a failed\nallocation\"\n );\n # https://www.mozilla.org/security/advisories/mfsa2016-16/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-16/\"\n );\n # https://www.mozilla.org/security/advisories/mfsa2016-17/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-17/\"\n );\n # https://www.mozilla.org/security/advisories/mfsa2016-18/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-18/\"\n );\n # https://www.mozilla.org/security/advisories/mfsa2016-19/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-19/\"\n );\n # https://www.mozilla.org/security/advisories/mfsa2016-20/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-20/\"\n );\n # https://www.mozilla.org/security/advisories/mfsa2016-21/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-21/\"\n );\n # https://www.mozilla.org/security/advisories/mfsa2016-22/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-22/\"\n );\n # https://www.mozilla.org/security/advisories/mfsa2016-23/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-23/\"\n );\n # https://www.mozilla.org/security/advisories/mfsa2016-24/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-24/\"\n );\n # https://www.mozilla.org/security/advisories/mfsa2016-25/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-25/\"\n );\n # https://www.mozilla.org/security/advisories/mfsa2016-26/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-26/\"\n );\n # https://www.mozilla.org/security/advisories/mfsa2016-27/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-27/\"\n );\n # https://www.mozilla.org/security/advisories/mfsa2016-28/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-28/\"\n );\n # https://www.mozilla.org/security/advisories/mfsa2016-29/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-29/\"\n );\n # https://www.mozilla.org/security/advisories/mfsa2016-31/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-31/\"\n );\n # https://www.mozilla.org/security/advisories/mfsa2016-32/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-32/\"\n );\n # https://www.mozilla.org/security/advisories/mfsa2016-33/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-33/\"\n );\n # https://www.mozilla.org/security/advisories/mfsa2016-34/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-34/\"\n );\n # https://vuxml.freebsd.org/freebsd/2225c5b4-1e5a-44fc-9920-b3201c384a15.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6acefea3\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:firefox-esr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:libxul\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:linux-firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:linux-seamonkey\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:linux-thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:seamonkey\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/03/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"firefox<45.0,1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"linux-firefox<45.0,1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"seamonkey<2.42\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"linux-seamonkey<2.42\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"firefox-esr<38.7.0,1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"libxul<38.7.0\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"thunderbird<38.7.0\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"linux-thunderbird<38.7.0\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-20T12:30:06", "description": "This update for MozillaFirefox, mozilla-nspr, mozilla-nss fixes the\nfollowing issues :\n\nMozillaFirefox was updated to Firefox 45.0 (boo#969894)\n\n - requires NSPR 4.12 / NSS 3.21.1\n\n - Instant browser tab sharing through Hello\n\n - Synced Tabs button in button bar\n\n - Tabs synced via Firefox Accounts from other devices are\n now shown in dropdown area of Awesome Bar when searching\n\n - Introduce a new preference (network.dns.blockDotOnion)\n to allow blocking .onion at the DNS level\n\n - Tab Groups (Panorama) feature removed\n\n - MFSA 2016-16/CVE-2016-1952/CVE-2016-1953 Miscellaneous\n memory safety hazards\n\n - MFSA 2016-17/CVE-2016-1954 (bmo#1243178) Local file\n overwriting and potential privilege escalation through\n CSP reports\n\n - MFSA 2016-18/CVE-2016-1955 (bmo#1208946) CSP reports\n fail to strip location information for embedded iframe\n pages\n\n - MFSA 2016-19/CVE-2016-1956 (bmo#1199923) Linux video\n memory DOS with Intel drivers\n\n - MFSA 2016-20/CVE-2016-1957 (bmo#1227052) Memory leak in\n libstagefright when deleting an array during MP4\n processing\n\n - MFSA 2016-21/CVE-2016-1958 (bmo#1228754) Displayed page\n address can be overridden\n\n - MFSA 2016-22/CVE-2016-1959 (bmo#1234949) Service Worker\n Manager out-of-bounds read in Service Worker Manager\n\n - MFSA 2016-23/CVE-2016-1960/ZDI-CAN-3545 (bmo#1246014)\n Use-after-free in HTML5 string parser\n\n - MFSA 2016-24/CVE-2016-1961/ZDI-CAN-3574 (bmo#1249377)\n Use-after-free in SetBody\n\n - MFSA 2016-25/CVE-2016-1962 (bmo#1240760) Use-after-free\n when using multiple WebRTC data channels\n\n - MFSA 2016-26/CVE-2016-1963 (bmo#1238440) Memory\n corruption when modifying a file being read by\n FileReader\n\n - MFSA 2016-27/CVE-2016-1964 (bmo#1243335) Use-after-free\n during XML transformations\n\n - MFSA 2016-28/CVE-2016-1965 (bmo#1245264) Addressbar\n spoofing though history navigation and Location protocol\n property\n\n - MFSA 2016-29/CVE-2016-1967 (bmo#1246956) Same-origin\n policy violation using perfomance.getEntries and history\n navigation with session restore\n\n - MFSA 2016-30/CVE-2016-1968 (bmo#1246742) Buffer overflow\n in Brotli decompression\n\n - MFSA 2016-31/CVE-2016-1966 (bmo#1246054) Memory\n corruption with malicious NPAPI plugin\n\n - MFSA 2016-32/CVE-2016-1970/CVE-2016-1971/CVE-2016-1975/\n CVE-2016-1976/CVE-2016-1972 WebRTC and LibVPX\n vulnerabilities found through code inspection\n\n - MFSA 2016-33/CVE-2016-1973 (bmo#1219339) Use-after-free\n in GetStaticInstance in WebRTC\n\n - MFSA 2016-34/CVE-2016-1974 (bmo#1228103) Out-of-bounds\n read in HTML parser following a failed allocation\n\n - MFSA 2016-35/CVE-2016-1950 (bmo#1245528) Buffer overflow\n during ASN.1 decoding in NSS (fixed by requiring 3.21.1)\n\n - MFSA 2016-36/CVE-2016-1979 (bmo#1185033) Use-after-free\n during processing of DER encoded keys in NSS (fixed by\n requiring 3.21.1)\n\n - MFSA 2016-37/CVE-2016-1977/CVE-2016-2790/CVE-2016-2791/\n CVE-2016-2792/CVE-2016-2793/CVE-2016-2794/CVE-2016-2795/\n CVE-2016-2796/CVE-2016-2797/CVE-2016-2798/CVE-2016-2799/\n CVE-2016-2800/CVE-2016-2801/CVE-2016-2802 Font\n vulnerabilities in the Graphite 2 library\n\n mozilla-nspr was updated to version 4.12\n\n - added a PR_GetEnvSecure function, which attempts to\n detect if the program is being executed with elevated\n privileges, and returns NULL if detected. It is\n recommended to use this function in general purpose\n library code.\n\n - fixed a memory allocation bug related to the PR_*printf\n functions\n\n - exported API PR_DuplicateEnvironment, which had already\n been added in NSPR 4.10.9\n\n - added support for FreeBSD aarch64\n\n - several minor correctness and compatibility fixes\n\n mozilla-nss was updated to NSS 3.21.1 (bmo#969894)\n\n - required for Firefox 45.0\n\n - MFSA 2016-35/CVE-2016-1950 (bmo#1245528) Buffer overflow\n during ASN.1 decoding in NSS (fixed by requiring 3.21.1)\n\n - MFSA 2016-36/CVE-2016-1979 (bmo#1185033) Use-after-free\n during processing of DER encoded keys in NSS (fixed by\n requiring 3.21.1)", "edition": 19, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-03-14T00:00:00", "title": "openSUSE Security Update : Firefox (openSUSE-2016-334)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-1953", "CVE-2016-2790", "CVE-2016-1971", "CVE-2016-1957", "CVE-2016-1972", "CVE-2016-2792", "CVE-2016-1977", "CVE-2016-1975", "CVE-2016-2798", "CVE-2016-1974", "CVE-2016-1973", "CVE-2016-2801", "CVE-2016-2797", "CVE-2016-1960", "CVE-2016-1959", "CVE-2016-1966", "CVE-2016-2802", "CVE-2016-2800", "CVE-2016-1979", "CVE-2016-1955", "CVE-2016-2795", "CVE-2016-1962", "CVE-2016-1950", "CVE-2016-1963", "CVE-2016-1970", "CVE-2016-1952", "CVE-2016-2796", "CVE-2016-2799", "CVE-2016-1956", "CVE-2016-2793", "CVE-2016-1961", "CVE-2016-1976", "CVE-2016-1968", "CVE-2016-1967", "CVE-2016-2794", "CVE-2016-1954", "CVE-2016-2791", "CVE-2016-1965", "CVE-2016-1964", "CVE-2016-1958"], "modified": "2016-03-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:MozillaFirefox-translations-common", "p-cpe:/a:novell:opensuse:MozillaFirefox-buildsymbols", "p-cpe:/a:novell:opensuse:libfreebl3-debuginfo", "p-cpe:/a:novell:opensuse:mozilla-nss-tools-debuginfo", "p-cpe:/a:novell:opensuse:mozilla-nspr-debuginfo", "p-cpe:/a:novell:opensuse:libfreebl3", "p-cpe:/a:novell:opensuse:libsoftokn3-32bit", "p-cpe:/a:novell:opensuse:mozilla-nss-certs", "p-cpe:/a:novell:opensuse:mozilla-nss-32bit", "p-cpe:/a:novell:opensuse:MozillaFirefox-debuginfo", "p-cpe:/a:novell:opensuse:libsoftokn3-debuginfo-32bit", "p-cpe:/a:novell:opensuse:MozillaFirefox-devel", "p-cpe:/a:novell:opensuse:mozilla-nss-debugsource", "p-cpe:/a:novell:opensuse:mozilla-nspr", "p-cpe:/a:novell:opensuse:mozilla-nss-tools", "p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libsoftokn3", "p-cpe:/a:novell:opensuse:mozilla-nspr-32bit", "p-cpe:/a:novell:opensuse:mozilla-nss", "p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-debuginfo", "p-cpe:/a:novell:opensuse:mozilla-nss-certs-debuginfo", "p-cpe:/a:novell:opensuse:mozilla-nss-certs-32bit", "p-cpe:/a:novell:opensuse:mozilla-nspr-debuginfo-32bit", "p-cpe:/a:novell:opensuse:mozilla-nss-debuginfo", "p-cpe:/a:novell:opensuse:MozillaFirefox-branding-upstream", "p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-32bit", "p-cpe:/a:novell:opensuse:mozilla-nss-certs-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libsoftokn3-debuginfo", "p-cpe:/a:novell:opensuse:mozilla-nspr-devel", "p-cpe:/a:novell:opensuse:mozilla-nss-debuginfo-32bit", "p-cpe:/a:novell:opensuse:mozilla-nss-sysinit", "p-cpe:/a:novell:opensuse:MozillaFirefox-translations-other", "p-cpe:/a:novell:opensuse:MozillaFirefox-debugsource", "p-cpe:/a:novell:opensuse:libfreebl3-debuginfo-32bit", "p-cpe:/a:novell:opensuse:MozillaFirefox", "p-cpe:/a:novell:opensuse:libfreebl3-32bit", "p-cpe:/a:novell:opensuse:mozilla-nss-devel", "p-cpe:/a:novell:opensuse:mozilla-nspr-debugsource", "cpe:/o:novell:opensuse:13.1"], "id": "OPENSUSE-2016-334.NASL", "href": "https://www.tenable.com/plugins/nessus/89915", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2016-334.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89915);\n script_version(\"2.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2016-1950\", \"CVE-2016-1952\", \"CVE-2016-1953\", \"CVE-2016-1954\", \"CVE-2016-1955\", \"CVE-2016-1956\", \"CVE-2016-1957\", \"CVE-2016-1958\", \"CVE-2016-1959\", \"CVE-2016-1960\", \"CVE-2016-1961\", \"CVE-2016-1962\", \"CVE-2016-1963\", \"CVE-2016-1964\", \"CVE-2016-1965\", \"CVE-2016-1966\", \"CVE-2016-1967\", \"CVE-2016-1968\", \"CVE-2016-1970\", \"CVE-2016-1971\", \"CVE-2016-1972\", \"CVE-2016-1973\", \"CVE-2016-1974\", \"CVE-2016-1975\", \"CVE-2016-1976\", \"CVE-2016-1977\", \"CVE-2016-1979\", \"CVE-2016-2790\", \"CVE-2016-2791\", \"CVE-2016-2792\", \"CVE-2016-2793\", \"CVE-2016-2794\", \"CVE-2016-2795\", \"CVE-2016-2796\", \"CVE-2016-2797\", \"CVE-2016-2798\", \"CVE-2016-2799\", \"CVE-2016-2800\", \"CVE-2016-2801\", \"CVE-2016-2802\");\n\n script_name(english:\"openSUSE Security Update : Firefox (openSUSE-2016-334)\");\n script_summary(english:\"Check for the openSUSE-2016-334 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for MozillaFirefox, mozilla-nspr, mozilla-nss fixes the\nfollowing issues :\n\nMozillaFirefox was updated to Firefox 45.0 (boo#969894)\n\n - requires NSPR 4.12 / NSS 3.21.1\n\n - Instant browser tab sharing through Hello\n\n - Synced Tabs button in button bar\n\n - Tabs synced via Firefox Accounts from other devices are\n now shown in dropdown area of Awesome Bar when searching\n\n - Introduce a new preference (network.dns.blockDotOnion)\n to allow blocking .onion at the DNS level\n\n - Tab Groups (Panorama) feature removed\n\n - MFSA 2016-16/CVE-2016-1952/CVE-2016-1953 Miscellaneous\n memory safety hazards\n\n - MFSA 2016-17/CVE-2016-1954 (bmo#1243178) Local file\n overwriting and potential privilege escalation through\n CSP reports\n\n - MFSA 2016-18/CVE-2016-1955 (bmo#1208946) CSP reports\n fail to strip location information for embedded iframe\n pages\n\n - MFSA 2016-19/CVE-2016-1956 (bmo#1199923) Linux video\n memory DOS with Intel drivers\n\n - MFSA 2016-20/CVE-2016-1957 (bmo#1227052) Memory leak in\n libstagefright when deleting an array during MP4\n processing\n\n - MFSA 2016-21/CVE-2016-1958 (bmo#1228754) Displayed page\n address can be overridden\n\n - MFSA 2016-22/CVE-2016-1959 (bmo#1234949) Service Worker\n Manager out-of-bounds read in Service Worker Manager\n\n - MFSA 2016-23/CVE-2016-1960/ZDI-CAN-3545 (bmo#1246014)\n Use-after-free in HTML5 string parser\n\n - MFSA 2016-24/CVE-2016-1961/ZDI-CAN-3574 (bmo#1249377)\n Use-after-free in SetBody\n\n - MFSA 2016-25/CVE-2016-1962 (bmo#1240760) Use-after-free\n when using multiple WebRTC data channels\n\n - MFSA 2016-26/CVE-2016-1963 (bmo#1238440) Memory\n corruption when modifying a file being read by\n FileReader\n\n - MFSA 2016-27/CVE-2016-1964 (bmo#1243335) Use-after-free\n during XML transformations\n\n - MFSA 2016-28/CVE-2016-1965 (bmo#1245264) Addressbar\n spoofing though history navigation and Location protocol\n property\n\n - MFSA 2016-29/CVE-2016-1967 (bmo#1246956) Same-origin\n policy violation using perfomance.getEntries and history\n navigation with session restore\n\n - MFSA 2016-30/CVE-2016-1968 (bmo#1246742) Buffer overflow\n in Brotli decompression\n\n - MFSA 2016-31/CVE-2016-1966 (bmo#1246054) Memory\n corruption with malicious NPAPI plugin\n\n - MFSA 2016-32/CVE-2016-1970/CVE-2016-1971/CVE-2016-1975/\n CVE-2016-1976/CVE-2016-1972 WebRTC and LibVPX\n vulnerabilities found through code inspection\n\n - MFSA 2016-33/CVE-2016-1973 (bmo#1219339) Use-after-free\n in GetStaticInstance in WebRTC\n\n - MFSA 2016-34/CVE-2016-1974 (bmo#1228103) Out-of-bounds\n read in HTML parser following a failed allocation\n\n - MFSA 2016-35/CVE-2016-1950 (bmo#1245528) Buffer overflow\n during ASN.1 decoding in NSS (fixed by requiring 3.21.1)\n\n - MFSA 2016-36/CVE-2016-1979 (bmo#1185033) Use-after-free\n during processing of DER encoded keys in NSS (fixed by\n requiring 3.21.1)\n\n - MFSA 2016-37/CVE-2016-1977/CVE-2016-2790/CVE-2016-2791/\n CVE-2016-2792/CVE-2016-2793/CVE-2016-2794/CVE-2016-2795/\n CVE-2016-2796/CVE-2016-2797/CVE-2016-2798/CVE-2016-2799/\n CVE-2016-2800/CVE-2016-2801/CVE-2016-2802 Font\n vulnerabilities in the Graphite 2 library\n\n mozilla-nspr was updated to version 4.12\n\n - added a PR_GetEnvSecure function, which attempts to\n detect if the program is being executed with elevated\n privileges, and returns NULL if detected. It is\n recommended to use this function in general purpose\n library code.\n\n - fixed a memory allocation bug related to the PR_*printf\n functions\n\n - exported API PR_DuplicateEnvironment, which had already\n been added in NSPR 4.10.9\n\n - added support for FreeBSD aarch64\n\n - several minor correctness and compatibility fixes\n\n mozilla-nss was updated to NSS 3.21.1 (bmo#969894)\n\n - required for Firefox 45.0\n\n - MFSA 2016-35/CVE-2016-1950 (bmo#1245528) Buffer overflow\n during ASN.1 decoding in NSS (fixed by requiring 3.21.1)\n\n - MFSA 2016-36/CVE-2016-1979 (bmo#1185033) Use-after-free\n during processing of DER encoded keys in NSS (fixed by\n requiring 3.21.1)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=1185033\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=1199923\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=1208946\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=1219339\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=1227052\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=1228103\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=1228754\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=1234949\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=1238440\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=1240760\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=1243178\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=1243335\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=1245264\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=1245528\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=1246014\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=1246054\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=1246742\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=1246956\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=1249377\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=969894\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=969894\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected Firefox packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-branding-upstream\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-buildsymbols\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-translations-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-translations-other\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libfreebl3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libfreebl3-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libfreebl3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libfreebl3-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsoftokn3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsoftokn3-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsoftokn3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsoftokn3-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nspr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nspr-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nspr-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nspr-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nspr-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nspr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-certs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-certs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-certs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-certs-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-sysinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.1\", reference:\"MozillaFirefox-45.0-109.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"MozillaFirefox-branding-upstream-45.0-109.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"MozillaFirefox-buildsymbols-45.0-109.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"MozillaFirefox-debuginfo-45.0-109.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"MozillaFirefox-debugsource-45.0-109.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"MozillaFirefox-devel-45.0-109.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"MozillaFirefox-translations-common-45.0-109.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"MozillaFirefox-translations-other-45.0-109.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libfreebl3-3.21.1-74.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libfreebl3-debuginfo-3.21.1-74.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libsoftokn3-3.21.1-74.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libsoftokn3-debuginfo-3.21.1-74.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"mozilla-nspr-4.12-34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"mozilla-nspr-debuginfo-4.12-34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"mozilla-nspr-debugsource-4.12-34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"mozilla-nspr-devel-4.12-34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"mozilla-nss-3.21.1-74.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"mozilla-nss-certs-3.21.1-74.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"mozilla-nss-certs-debuginfo-3.21.1-74.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"mozilla-nss-debuginfo-3.21.1-74.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"mozilla-nss-debugsource-3.21.1-74.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"mozilla-nss-devel-3.21.1-74.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"mozilla-nss-sysinit-3.21.1-74.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"mozilla-nss-sysinit-debuginfo-3.21.1-74.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"mozilla-nss-tools-3.21.1-74.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"mozilla-nss-tools-debuginfo-3.21.1-74.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"libfreebl3-32bit-3.21.1-74.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"libfreebl3-debuginfo-32bit-3.21.1-74.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"libsoftokn3-32bit-3.21.1-74.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"libsoftokn3-debuginfo-32bit-3.21.1-74.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"mozilla-nspr-32bit-4.12-34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"mozilla-nspr-debuginfo-32bit-4.12-34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"mozilla-nss-32bit-3.21.1-74.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"mozilla-nss-certs-32bit-3.21.1-74.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"mozilla-nss-certs-debuginfo-32bit-3.21.1-74.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"mozilla-nss-debuginfo-32bit-3.21.1-74.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"mozilla-nss-sysinit-32bit-3.21.1-74.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"mozilla-nss-sysinit-debuginfo-32bit-3.21.1-74.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"MozillaFirefox / MozillaFirefox-branding-upstream / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-20T12:30:05", "description": "This update for MozillaFirefox, mozilla-nspr, mozilla-nss fixes the\nfollowing issues :\n\nMozillaFirefox was updated to Firefox 45.0 (boo#969894)\n\n - requires NSPR 4.12 / NSS 3.21.1\n\n - Instant browser tab sharing through Hello\n\n - Synced Tabs button in button bar\n\n - Tabs synced via Firefox Accounts from other devices are\n now shown in dropdown area of Awesome Bar when searching\n\n - Introduce a new preference (network.dns.blockDotOnion)\n to allow blocking .onion at the DNS level\n\n - Tab Groups (Panorama) feature removed\n\n - MFSA 2016-16/CVE-2016-1952/CVE-2016-1953 Miscellaneous\n memory safety hazards\n\n - MFSA 2016-17/CVE-2016-1954 (bmo#1243178) Local file\n overwriting and potential privilege escalation through\n CSP reports\n\n - MFSA 2016-18/CVE-2016-1955 (bmo#1208946) CSP reports\n fail to strip location information for embedded iframe\n pages\n\n - MFSA 2016-19/CVE-2016-1956 (bmo#1199923) Linux video\n memory DOS with Intel drivers\n\n - MFSA 2016-20/CVE-2016-1957 (bmo#1227052) Memory leak in\n libstagefright when deleting an array during MP4\n processing\n\n - MFSA 2016-21/CVE-2016-1958 (bmo#1228754) Displayed page\n address can be overridden\n\n - MFSA 2016-22/CVE-2016-1959 (bmo#1234949) Service Worker\n Manager out-of-bounds read in Service Worker Manager\n\n - MFSA 2016-23/CVE-2016-1960/ZDI-CAN-3545 (bmo#1246014)\n Use-after-free in HTML5 string parser\n\n - MFSA 2016-24/CVE-2016-1961/ZDI-CAN-3574 (bmo#1249377)\n Use-after-free in SetBody\n\n - MFSA 2016-25/CVE-2016-1962 (bmo#1240760) Use-after-free\n when using multiple WebRTC data channels\n\n - MFSA 2016-26/CVE-2016-1963 (bmo#1238440) Memory\n corruption when modifying a file being read by\n FileReader\n\n - MFSA 2016-27/CVE-2016-1964 (bmo#1243335) Use-after-free\n during XML transformations\n\n - MFSA 2016-28/CVE-2016-1965 (bmo#1245264) Addressbar\n spoofing though history navigation and Location protocol\n property\n\n - MFSA 2016-29/CVE-2016-1967 (bmo#1246956) Same-origin\n policy violation using perfomance.getEntries and history\n navigation with session restore\n\n - MFSA 2016-30/CVE-2016-1968 (bmo#1246742) Buffer overflow\n in Brotli decompression\n\n - MFSA 2016-31/CVE-2016-1966 (bmo#1246054) Memory\n corruption with malicious NPAPI plugin\n\n - MFSA 2016-32/CVE-2016-1970/CVE-2016-1971/CVE-2016-1975/\n CVE-2016-1976/CVE-2016-1972 WebRTC and LibVPX\n vulnerabilities found through code inspection\n\n - MFSA 2016-33/CVE-2016-1973 (bmo#1219339) Use-after-free\n in GetStaticInstance in WebRTC\n\n - MFSA 2016-34/CVE-2016-1974 (bmo#1228103) Out-of-bounds\n read in HTML parser following a failed allocation\n\n - MFSA 2016-35/CVE-2016-1950 (bmo#1245528) Buffer overflow\n during ASN.1 decoding in NSS (fixed by requiring 3.21.1)\n\n - MFSA 2016-36/CVE-2016-1979 (bmo#1185033) Use-after-free\n during processing of DER encoded keys in NSS (fixed by\n requiring 3.21.1)\n\n - MFSA 2016-37/CVE-2016-1977/CVE-2016-2790/CVE-2016-2791/\n CVE-2016-2792/CVE-2016-2793/CVE-2016-2794/CVE-2016-2795/\n CVE-2016-2796/CVE-2016-2797/CVE-2016-2798/CVE-2016-2799/\n CVE-2016-2800/CVE-2016-2801/CVE-2016-2802 Font\n vulnerabilities in the Graphite 2 library\n\nmozilla-nspr was updated to version 4.12\n\n - added a PR_GetEnvSecure function, which attempts to\n detect if the program is being executed with elevated\n privileges, and returns NULL if detected. It is\n recommended to use this function in general purpose\n library code.\n\n - fixed a memory allocation bug related to the PR_*printf\n functions\n\n - exported API PR_DuplicateEnvironment, which had already\n been added in NSPR 4.10.9\n\n - added support for FreeBSD aarch64\n\n - several minor correctness and compatibility fixes\n\nmozilla-nss was updated to NSS 3.21.1 (bmo#969894)\n\n - required for Firefox 45.0\n\n - MFSA 2016-35/CVE-2016-1950 (bmo#1245528) Buffer overflow\n during ASN.1 decoding in NSS (fixed by requiring 3.21.1)\n\n - MFSA 2016-36/CVE-2016-1979 (bmo#1185033) Use-after-free\n during processing of DER encoded keys in NSS (fixed by\n requiring 3.21.1)", "edition": 19, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-03-14T00:00:00", "title": "openSUSE Security Update : MozillaFirefox / mozilla-nspr / mozilla-nss (openSUSE-2016-332)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-1953", "CVE-2016-2790", "CVE-2016-1971", "CVE-2016-1957", "CVE-2016-1972", "CVE-2016-2792", "CVE-2016-1977", "CVE-2016-1975", "CVE-2016-2798", "CVE-2016-1974", "CVE-2016-1973", "CVE-2016-2801", "CVE-2016-2797", "CVE-2016-1960", "CVE-2016-1959", "CVE-2016-1966", "CVE-2016-2802", "CVE-2016-2800", "CVE-2016-1979", "CVE-2016-1955", "CVE-2016-2795", "CVE-2016-1962", "CVE-2016-1950", "CVE-2016-1963", "CVE-2016-1970", "CVE-2016-1952", "CVE-2016-2796", "CVE-2016-2799", "CVE-2016-1956", "CVE-2016-2793", "CVE-2016-1961", "CVE-2016-1976", "CVE-2016-1968", "CVE-2016-1967", "CVE-2016-2794", "CVE-2016-1954", "CVE-2016-2791", "CVE-2016-1965", "CVE-2016-1964", "CVE-2016-1958"], "modified": "2016-03-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:MozillaFirefox-translations-common", "p-cpe:/a:novell:opensuse:MozillaFirefox-buildsymbols", "p-cpe:/a:novell:opensuse:libfreebl3-debuginfo", "p-cpe:/a:novell:opensuse:mozilla-nss-tools-debuginfo", "p-cpe:/a:novell:opensuse:mozilla-nspr-debuginfo", "p-cpe:/a:novell:opensuse:libfreebl3", "p-cpe:/a:novell:opensuse:libsoftokn3-32bit", "p-cpe:/a:novell:opensuse:mozilla-nss-certs", "p-cpe:/a:novell:opensuse:mozilla-nss-32bit", "p-cpe:/a:novell:opensuse:MozillaFirefox-debuginfo", "p-cpe:/a:novell:opensuse:libsoftokn3-debuginfo-32bit", "p-cpe:/a:novell:opensuse:MozillaFirefox-devel", "p-cpe:/a:novell:opensuse:mozilla-nss-debugsource", "p-cpe:/a:novell:opensuse:mozilla-nspr", "cpe:/o:novell:opensuse:42.1", "p-cpe:/a:novell:opensuse:mozilla-nss-tools", "p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libsoftokn3", "p-cpe:/a:novell:opensuse:mozilla-nspr-32bit", "p-cpe:/a:novell:opensuse:mozilla-nss", "p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-debuginfo", "p-cpe:/a:novell:opensuse:mozilla-nss-certs-debuginfo", "p-cpe:/a:novell:opensuse:mozilla-nss-certs-32bit", "p-cpe:/a:novell:opensuse:mozilla-nspr-debuginfo-32bit", "p-cpe:/a:novell:opensuse:mozilla-nss-debuginfo", "p-cpe:/a:novell:opensuse:MozillaFirefox-branding-upstream", "p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-32bit", "p-cpe:/a:novell:opensuse:mozilla-nss-certs-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libsoftokn3-debuginfo", "cpe:/o:novell:opensuse:13.2", "p-cpe:/a:novell:opensuse:mozilla-nspr-devel", "p-cpe:/a:novell:opensuse:mozilla-nss-debuginfo-32bit", "p-cpe:/a:novell:opensuse:mozilla-nss-sysinit", "p-cpe:/a:novell:opensuse:MozillaFirefox-translations-other", "p-cpe:/a:novell:opensuse:MozillaFirefox-debugsource", "p-cpe:/a:novell:opensuse:libfreebl3-debuginfo-32bit", "p-cpe:/a:novell:opensuse:MozillaFirefox", "p-cpe:/a:novell:opensuse:libfreebl3-32bit", "p-cpe:/a:novell:opensuse:mozilla-nss-devel", "p-cpe:/a:novell:opensuse:mozilla-nspr-debugsource"], "id": "OPENSUSE-2016-332.NASL", "href": "https://www.tenable.com/plugins/nessus/89913", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2016-332.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89913);\n script_version(\"2.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2016-1950\", \"CVE-2016-1952\", \"CVE-2016-1953\", \"CVE-2016-1954\", \"CVE-2016-1955\", \"CVE-2016-1956\", \"CVE-2016-1957\", \"CVE-2016-1958\", \"CVE-2016-1959\", \"CVE-2016-1960\", \"CVE-2016-1961\", \"CVE-2016-1962\", \"CVE-2016-1963\", \"CVE-2016-1964\", \"CVE-2016-1965\", \"CVE-2016-1966\", \"CVE-2016-1967\", \"CVE-2016-1968\", \"CVE-2016-1970\", \"CVE-2016-1971\", \"CVE-2016-1972\", \"CVE-2016-1973\", \"CVE-2016-1974\", \"CVE-2016-1975\", \"CVE-2016-1976\", \"CVE-2016-1977\", \"CVE-2016-1979\", \"CVE-2016-2790\", \"CVE-2016-2791\", \"CVE-2016-2792\", \"CVE-2016-2793\", \"CVE-2016-2794\", \"CVE-2016-2795\", \"CVE-2016-2796\", \"CVE-2016-2797\", \"CVE-2016-2798\", \"CVE-2016-2799\", \"CVE-2016-2800\", \"CVE-2016-2801\", \"CVE-2016-2802\");\n\n script_name(english:\"openSUSE Security Update : MozillaFirefox / mozilla-nspr / mozilla-nss (openSUSE-2016-332)\");\n script_summary(english:\"Check for the openSUSE-2016-332 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for MozillaFirefox, mozilla-nspr, mozilla-nss fixes the\nfollowing issues :\n\nMozillaFirefox was updated to Firefox 45.0 (boo#969894)\n\n - requires NSPR 4.12 / NSS 3.21.1\n\n - Instant browser tab sharing through Hello\n\n - Synced Tabs button in button bar\n\n - Tabs synced via Firefox Accounts from other devices are\n now shown in dropdown area of Awesome Bar when searching\n\n - Introduce a new preference (network.dns.blockDotOnion)\n to allow blocking .onion at the DNS level\n\n - Tab Groups (Panorama) feature removed\n\n - MFSA 2016-16/CVE-2016-1952/CVE-2016-1953 Miscellaneous\n memory safety hazards\n\n - MFSA 2016-17/CVE-2016-1954 (bmo#1243178) Local file\n overwriting and potential privilege escalation through\n CSP reports\n\n - MFSA 2016-18/CVE-2016-1955 (bmo#1208946) CSP reports\n fail to strip location information for embedded iframe\n pages\n\n - MFSA 2016-19/CVE-2016-1956 (bmo#1199923) Linux video\n memory DOS with Intel drivers\n\n - MFSA 2016-20/CVE-2016-1957 (bmo#1227052) Memory leak in\n libstagefright when deleting an array during MP4\n processing\n\n - MFSA 2016-21/CVE-2016-1958 (bmo#1228754) Displayed page\n address can be overridden\n\n - MFSA 2016-22/CVE-2016-1959 (bmo#1234949) Service Worker\n Manager out-of-bounds read in Service Worker Manager\n\n - MFSA 2016-23/CVE-2016-1960/ZDI-CAN-3545 (bmo#1246014)\n Use-after-free in HTML5 string parser\n\n - MFSA 2016-24/CVE-2016-1961/ZDI-CAN-3574 (bmo#1249377)\n Use-after-free in SetBody\n\n - MFSA 2016-25/CVE-2016-1962 (bmo#1240760) Use-after-free\n when using multiple WebRTC data channels\n\n - MFSA 2016-26/CVE-2016-1963 (bmo#1238440) Memory\n corruption when modifying a file being read by\n FileReader\n\n - MFSA 2016-27/CVE-2016-1964 (bmo#1243335) Use-after-free\n during XML transformations\n\n - MFSA 2016-28/CVE-2016-1965 (bmo#1245264) Addressbar\n spoofing though history navigation and Location protocol\n property\n\n - MFSA 2016-29/CVE-2016-1967 (bmo#1246956) Same-origin\n policy violation using perfomance.getEntries and history\n navigation with session restore\n\n - MFSA 2016-30/CVE-2016-1968 (bmo#1246742) Buffer overflow\n in Brotli decompression\n\n - MFSA 2016-31/CVE-2016-1966 (bmo#1246054) Memory\n corruption with malicious NPAPI plugin\n\n - MFSA 2016-32/CVE-2016-1970/CVE-2016-1971/CVE-2016-1975/\n CVE-2016-1976/CVE-2016-1972 WebRTC and LibVPX\n vulnerabilities found through code inspection\n\n - MFSA 2016-33/CVE-2016-1973 (bmo#1219339) Use-after-free\n in GetStaticInstance in WebRTC\n\n - MFSA 2016-34/CVE-2016-1974 (bmo#1228103) Out-of-bounds\n read in HTML parser following a failed allocation\n\n - MFSA 2016-35/CVE-2016-1950 (bmo#1245528) Buffer overflow\n during ASN.1 decoding in NSS (fixed by requiring 3.21.1)\n\n - MFSA 2016-36/CVE-2016-1979 (bmo#1185033) Use-after-free\n during processing of DER encoded keys in NSS (fixed by\n requiring 3.21.1)\n\n - MFSA 2016-37/CVE-2016-1977/CVE-2016-2790/CVE-2016-2791/\n CVE-2016-2792/CVE-2016-2793/CVE-2016-2794/CVE-2016-2795/\n CVE-2016-2796/CVE-2016-2797/CVE-2016-2798/CVE-2016-2799/\n CVE-2016-2800/CVE-2016-2801/CVE-2016-2802 Font\n vulnerabilities in the Graphite 2 library\n\nmozilla-nspr was updated to version 4.12\n\n - added a PR_GetEnvSecure function, which attempts to\n detect if the program is being executed with elevated\n privileges, and returns NULL if detected. It is\n recommended to use this function in general purpose\n library code.\n\n - fixed a memory allocation bug related to the PR_*printf\n functions\n\n - exported API PR_DuplicateEnvironment, which had already\n been added in NSPR 4.10.9\n\n - added support for FreeBSD aarch64\n\n - several minor correctness and compatibility fixes\n\nmozilla-nss was updated to NSS 3.21.1 (bmo#969894)\n\n - required for Firefox 45.0\n\n - MFSA 2016-35/CVE-2016-1950 (bmo#1245528) Buffer overflow\n during ASN.1 decoding in NSS (fixed by requiring 3.21.1)\n\n - MFSA 2016-36/CVE-2016-1979 (bmo#1185033) Use-after-free\n during processing of DER encoded keys in NSS (fixed by\n requiring 3.21.1)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=969894\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected MozillaFirefox / mozilla-nspr / mozilla-nss packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-branding-upstream\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-buildsymbols\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-translations-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-translations-other\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libfreebl3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libfreebl3-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libfreebl3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libfreebl3-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsoftokn3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsoftokn3-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsoftokn3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsoftokn3-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nspr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nspr-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nspr-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nspr-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nspr-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nspr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-certs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-certs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-certs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-certs-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-sysinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.2|SUSE42\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.2 / 42.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.2\", reference:\"MozillaFirefox-45.0-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"MozillaFirefox-branding-upstream-45.0-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"MozillaFirefox-buildsymbols-45.0-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"MozillaFirefox-debuginfo-45.0-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"MozillaFirefox-debugsource-45.0-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"MozillaFirefox-devel-45.0-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"MozillaFirefox-translations-common-45.0-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"MozillaFirefox-translations-other-45.0-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libfreebl3-3.21.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libfreebl3-debuginfo-3.21.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libsoftokn3-3.21.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libsoftokn3-debuginfo-3.21.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"mozilla-nspr-4.12-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"mozilla-nspr-debuginfo-4.12-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"mozilla-nspr-debugsource-4.12-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"mozilla-nspr-devel-4.12-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"mozilla-nss-3.21.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"mozilla-nss-certs-3.21.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"mozilla-nss-certs-debuginfo-3.21.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"mozilla-nss-debuginfo-3.21.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"mozilla-nss-debugsource-3.21.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"mozilla-nss-devel-3.21.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"mozilla-nss-sysinit-3.21.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"mozilla-nss-sysinit-debuginfo-3.21.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"mozilla-nss-tools-3.21.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"mozilla-nss-tools-debuginfo-3.21.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libfreebl3-32bit-3.21.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libfreebl3-debuginfo-32bit-3.21.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libsoftokn3-32bit-3.21.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libsoftokn3-debuginfo-32bit-3.21.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"mozilla-nspr-32bit-4.12-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"mozilla-nspr-debuginfo-32bit-4.12-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"mozilla-nss-32bit-3.21.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"mozilla-nss-certs-32bit-3.21.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"mozilla-nss-certs-debuginfo-32bit-3.21.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"mozilla-nss-debuginfo-32bit-3.21.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"mozilla-nss-sysinit-32bit-3.21.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"mozilla-nss-sysinit-debuginfo-32bit-3.21.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"MozillaFirefox-45.0-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"MozillaFirefox-branding-upstream-45.0-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"MozillaFirefox-buildsymbols-45.0-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"MozillaFirefox-debuginfo-45.0-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"MozillaFirefox-debugsource-45.0-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"MozillaFirefox-devel-45.0-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"MozillaFirefox-translations-common-45.0-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"MozillaFirefox-translations-other-45.0-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libfreebl3-3.21.1-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libfreebl3-debuginfo-3.21.1-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libsoftokn3-3.21.1-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libsoftokn3-debuginfo-3.21.1-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"mozilla-nspr-4.12-10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"mozilla-nspr-debuginfo-4.12-10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"mozilla-nspr-debugsource-4.12-10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"mozilla-nspr-devel-4.12-10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"mozilla-nss-3.21.1-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"mozilla-nss-certs-3.21.1-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"mozilla-nss-certs-debuginfo-3.21.1-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"mozilla-nss-debuginfo-3.21.1-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"mozilla-nss-debugsource-3.21.1-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"mozilla-nss-devel-3.21.1-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"mozilla-nss-sysinit-3.21.1-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"mozilla-nss-sysinit-debuginfo-3.21.1-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"mozilla-nss-tools-3.21.1-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"mozilla-nss-tools-debuginfo-3.21.1-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libfreebl3-32bit-3.21.1-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libfreebl3-debuginfo-32bit-3.21.1-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libsoftokn3-32bit-3.21.1-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libsoftokn3-debuginfo-32bit-3.21.1-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"mozilla-nspr-32bit-4.12-10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"mozilla-nspr-debuginfo-32bit-4.12-10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"mozilla-nss-32bit-3.21.1-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"mozilla-nss-certs-32bit-3.21.1-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"mozilla-nss-certs-debuginfo-32bit-3.21.1-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"mozilla-nss-debuginfo-32bit-3.21.1-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"mozilla-nss-sysinit-32bit-3.21.1-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"mozilla-nss-sysinit-debuginfo-32bit-3.21.1-12.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"MozillaFirefox / MozillaFirefox-branding-upstream / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-04-01T04:08:17", "description": "The version of Firefox installed on the remote Windows host is prior\nto 45. It is, therefore, affected by multiple vulnerabilities, the\nmajority of which are remote code execution vulnerabilities. An\nunauthenticated, remote attacker can exploit these issues by\nconvincing a user to visit a specially crafted website, resulting in\nthe execution of arbitrary code in the context of the current user.", "edition": 29, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-03-11T00:00:00", "title": "Firefox < 45 Multiple Vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-1953", "CVE-2016-2790", "CVE-2016-1971", "CVE-2016-1957", "CVE-2016-1972", "CVE-2016-2792", "CVE-2016-1977", "CVE-2016-1975", "CVE-2016-2798", "CVE-2016-1974", "CVE-2016-1973", "CVE-2016-2801", "CVE-2016-2797", "CVE-2016-1960", "CVE-2016-1959", "CVE-2016-1966", "CVE-2016-2802", "CVE-2016-2800", "CVE-2016-1979", "CVE-2016-1969", "CVE-2016-1955", "CVE-2016-2795", "CVE-2016-1962", "CVE-2016-1950", "CVE-2016-1963", "CVE-2016-1970", "CVE-2016-1952", "CVE-2016-2796", "CVE-2016-2799", "CVE-2016-1956", "CVE-2016-2793", "CVE-2016-1961", "CVE-2016-1976", "CVE-2016-1968", "CVE-2016-1967", "CVE-2016-2794", "CVE-2016-1954", "CVE-2016-2791", "CVE-2016-1965", "CVE-2016-1964", "CVE-2016-1958"], "modified": "2021-04-02T00:00:00", "cpe": ["cpe:/a:mozilla:firefox"], "id": "MOZILLA_FIREFOX_45.NASL", "href": "https://www.tenable.com/plugins/nessus/89875", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(89875);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2019/11/20\");\n\n script_cve_id(\n \"CVE-2016-1950\",\n \"CVE-2016-1952\",\n \"CVE-2016-1953\",\n \"CVE-2016-1954\",\n \"CVE-2016-1955\",\n \"CVE-2016-1956\",\n \"CVE-2016-1957\",\n \"CVE-2016-1958\",\n \"CVE-2016-1959\",\n \"CVE-2016-1960\",\n \"CVE-2016-1961\",\n \"CVE-2016-1962\",\n \"CVE-2016-1963\",\n \"CVE-2016-1964\",\n \"CVE-2016-1965\",\n \"CVE-2016-1966\",\n \"CVE-2016-1967\",\n \"CVE-2016-1968\",\n \"CVE-2016-1969\",\n \"CVE-2016-1970\",\n \"CVE-2016-1971\",\n \"CVE-2016-1972\",\n \"CVE-2016-1973\",\n \"CVE-2016-1974\",\n \"CVE-2016-1975\",\n \"CVE-2016-1976\",\n \"CVE-2016-1977\",\n \"CVE-2016-1979\",\n \"CVE-2016-2790\",\n \"CVE-2016-2791\",\n \"CVE-2016-2792\",\n \"CVE-2016-2793\",\n \"CVE-2016-2794\",\n \"CVE-2016-2795\",\n \"CVE-2016-2796\",\n \"CVE-2016-2797\",\n \"CVE-2016-2798\",\n \"CVE-2016-2799\",\n \"CVE-2016-2800\",\n \"CVE-2016-2801\",\n \"CVE-2016-2802\"\n );\n script_xref(name:\"MFSA\", value:\"2016-16\");\n script_xref(name:\"MFSA\", value:\"2016-17\");\n script_xref(name:\"MFSA\", value:\"2016-18\");\n script_xref(name:\"MFSA\", value:\"2016-19\");\n script_xref(name:\"MFSA\", value:\"2016-20\");\n script_xref(name:\"MFSA\", value:\"2016-21\");\n script_xref(name:\"MFSA\", value:\"2016-22\");\n script_xref(name:\"MFSA\", value:\"2016-23\");\n script_xref(name:\"MFSA\", value:\"2016-24\");\n script_xref(name:\"MFSA\", value:\"2016-25\");\n script_xref(name:\"MFSA\", value:\"2016-26\");\n script_xref(name:\"MFSA\", value:\"2016-27\");\n script_xref(name:\"MFSA\", value:\"2016-28\");\n script_xref(name:\"MFSA\", value:\"2016-29\");\n script_xref(name:\"MFSA\", value:\"2016-30\");\n script_xref(name:\"MFSA\", value:\"2016-31\");\n script_xref(name:\"MFSA\", value:\"2016-32\");\n script_xref(name:\"MFSA\", value:\"2016-33\");\n script_xref(name:\"MFSA\", value:\"2016-34\");\n script_xref(name:\"MFSA\", value:\"2016-35\");\n script_xref(name:\"MFSA\", value:\"2016-36\");\n script_xref(name:\"MFSA\", value:\"2016-37\");\n script_xref(name:\"MFSA\", value:\"2016-38\");\n\n script_name(english:\"Firefox < 45 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the version of Firefox.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host contains a web browser that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Firefox installed on the remote Windows host is prior\nto 45. It is, therefore, affected by multiple vulnerabilities, the\nmajority of which are remote code execution vulnerabilities. An\nunauthenticated, remote attacker can exploit these issues by\nconvincing a user to visit a specially crafted website, resulting in\nthe execution of arbitrary code in the context of the current user.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-16/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-17/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-18/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-19/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-20/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-21/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-22/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-23/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-24/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-25/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-26/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-27/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-28/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-29/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-30/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-31/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-32/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-33/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-34/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-35/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-36/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-38/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Firefox version 45 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-1962\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/03/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:firefox\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"mozilla_org_installed.nasl\");\n script_require_keys(\"Mozilla/Firefox/Version\");\n\n exit(0);\n}\n\ninclude(\"mozilla_version.inc\");\n\nport = get_kb_item(\"SMB/transport\");\nif (!port) port = 445;\n\ninstalls = get_kb_list(\"SMB/Mozilla/Firefox/*\");\nif (isnull(installs)) audit(AUDIT_NOT_INST, \"Firefox\");\n\nmozilla_check_version(installs:installs, product:'firefox', esr:FALSE, fix:'45', severity:SECURITY_HOLE);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-04-01T03:45:03", "description": "The version of Firefox installed on the remote Mac OS X host is prior\nto 45. It is, therefore, affected by multiple vulnerabilities, the\nmajority of which are remote code execution vulnerabilities. An\nunauthenticated, remote attacker can exploit these issues by\nconvincing a user to visit a specially crafted website, resulting in\nthe execution of arbitrary code in the context of the current user.", "edition": 29, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-03-11T00:00:00", "title": "Firefox < 45 Multiple Vulnerabilities (Mac OS X)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-1953", "CVE-2016-2790", "CVE-2016-1971", "CVE-2016-1957", "CVE-2016-1972", "CVE-2016-2792", "CVE-2016-1977", "CVE-2016-1975", "CVE-2016-2798", "CVE-2016-1974", "CVE-2016-1973", "CVE-2016-2801", "CVE-2016-2797", "CVE-2016-1960", "CVE-2016-1959", "CVE-2016-1966", "CVE-2016-2802", "CVE-2016-2800", "CVE-2016-1979", "CVE-2016-1969", "CVE-2016-1955", "CVE-2016-2795", "CVE-2016-1962", "CVE-2016-1950", "CVE-2016-1963", "CVE-2016-1970", "CVE-2016-1952", "CVE-2016-2796", "CVE-2016-2799", "CVE-2016-1956", "CVE-2016-2793", "CVE-2016-1961", "CVE-2016-1976", "CVE-2016-1968", "CVE-2016-1967", "CVE-2016-2794", "CVE-2016-1954", "CVE-2016-2791", "CVE-2016-1965", "CVE-2016-1964", "CVE-2016-1958"], "modified": "2021-04-02T00:00:00", "cpe": ["cpe:/a:mozilla:firefox"], "id": "MACOSX_FIREFOX_45.NASL", "href": "https://www.tenable.com/plugins/nessus/89873", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(89873);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2019/11/20\");\n\n script_cve_id(\n \"CVE-2016-1950\",\n \"CVE-2016-1952\",\n \"CVE-2016-1953\",\n \"CVE-2016-1954\",\n \"CVE-2016-1955\",\n \"CVE-2016-1956\",\n \"CVE-2016-1957\",\n \"CVE-2016-1958\",\n \"CVE-2016-1959\",\n \"CVE-2016-1960\",\n \"CVE-2016-1961\",\n \"CVE-2016-1962\",\n \"CVE-2016-1963\",\n \"CVE-2016-1964\",\n \"CVE-2016-1965\",\n \"CVE-2016-1966\",\n \"CVE-2016-1967\",\n \"CVE-2016-1968\",\n \"CVE-2016-1969\",\n \"CVE-2016-1970\",\n \"CVE-2016-1971\",\n \"CVE-2016-1972\",\n \"CVE-2016-1973\",\n \"CVE-2016-1974\",\n \"CVE-2016-1975\",\n \"CVE-2016-1976\",\n \"CVE-2016-1977\",\n \"CVE-2016-1979\",\n \"CVE-2016-2790\",\n \"CVE-2016-2791\",\n \"CVE-2016-2792\",\n \"CVE-2016-2793\",\n \"CVE-2016-2794\",\n \"CVE-2016-2795\",\n \"CVE-2016-2796\",\n \"CVE-2016-2797\",\n \"CVE-2016-2798\",\n \"CVE-2016-2799\",\n \"CVE-2016-2800\",\n \"CVE-2016-2801\",\n \"CVE-2016-2802\"\n );\n script_xref(name:\"MFSA\", value:\"2016-16\");\n script_xref(name:\"MFSA\", value:\"2016-17\");\n script_xref(name:\"MFSA\", value:\"2016-18\");\n script_xref(name:\"MFSA\", value:\"2016-19\");\n script_xref(name:\"MFSA\", value:\"2016-20\");\n script_xref(name:\"MFSA\", value:\"2016-21\");\n script_xref(name:\"MFSA\", value:\"2016-22\");\n script_xref(name:\"MFSA\", value:\"2016-23\");\n script_xref(name:\"MFSA\", value:\"2016-24\");\n script_xref(name:\"MFSA\", value:\"2016-25\");\n script_xref(name:\"MFSA\", value:\"2016-26\");\n script_xref(name:\"MFSA\", value:\"2016-27\");\n script_xref(name:\"MFSA\", value:\"2016-28\");\n script_xref(name:\"MFSA\", value:\"2016-29\");\n script_xref(name:\"MFSA\", value:\"2016-30\");\n script_xref(name:\"MFSA\", value:\"2016-31\");\n script_xref(name:\"MFSA\", value:\"2016-32\");\n script_xref(name:\"MFSA\", value:\"2016-33\");\n script_xref(name:\"MFSA\", value:\"2016-34\");\n script_xref(name:\"MFSA\", value:\"2016-35\");\n script_xref(name:\"MFSA\", value:\"2016-36\");\n script_xref(name:\"MFSA\", value:\"2016-37\");\n script_xref(name:\"MFSA\", value:\"2016-38\");\n\n script_name(english:\"Firefox < 45 Multiple Vulnerabilities (Mac OS X)\");\n script_summary(english:\"Checks the version of Firefox.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Mac OS X host contains a web browser that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Firefox installed on the remote Mac OS X host is prior\nto 45. It is, therefore, affected by multiple vulnerabilities, the\nmajority of which are remote code execution vulnerabilities. An\nunauthenticated, remote attacker can exploit these issues by\nconvincing a user to visit a specially crafted website, resulting in\nthe execution of arbitrary code in the context of the current user.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-16/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-17/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-18/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-19/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-20/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-21/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-22/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-23/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-24/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-25/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-26/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-27/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-28/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-29/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-30/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-31/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-32/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-33/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-34/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-35/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-36/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-38/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Firefox version 45 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-1962\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/03/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:firefox\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_firefox_installed.nasl\");\n script_require_keys(\"MacOSX/Firefox/Installed\");\n\n exit(0);\n}\n\ninclude(\"mozilla_version.inc\");\n\nkb_base = \"MacOSX/Firefox\";\nget_kb_item_or_exit(kb_base+\"/Installed\");\n\nversion = get_kb_item_or_exit(kb_base+\"/Version\", exit_code:1);\npath = get_kb_item_or_exit(kb_base+\"/Path\", exit_code:1);\n\nif (get_kb_item(kb_base + '/is_esr')) exit(0, 'The Mozilla Firefox installation is in the ESR branch.');\n\nmozilla_check_version(product:'firefox', version:version, path:path, esr:FALSE, fix:'45', severity:SECURITY_HOLE);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T11:05:07", "description": "The remote host is affected by the vulnerability described in GLSA-201605-06\n(Mozilla Products: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Firefox, NSS, NSPR, and\n Thunderbird. Please review the CVE identifiers referenced below for\n details.\n \nImpact :\n\n A remote attacker could entice a user to view a specially crafted web\n page or email, possibly resulting in execution of arbitrary code or a\n Denial of Service condition. Furthermore, a remote attacker may be able\n to perform Man-in-the-Middle attacks, obtain sensitive information, spoof\n the address bar, conduct clickjacking attacks, bypass security\n restrictions and protection mechanisms, or have other unspecified\n impacts.\n \nWorkaround :\n\n There is no known workaround at this time.", "edition": 23, "cvss3": {"score": 10.0, "vector": "AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"}, "published": "2016-05-31T00:00:00", "title": "GLSA-201605-06 : Mozilla Products: Multiple vulnerabilities (Logjam) (SLOTH)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-4478", "CVE-2015-4485", "CVE-2015-4000", "CVE-2016-1953", "CVE-2015-4488", "CVE-2016-2790", "CVE-2016-1971", "CVE-2015-4481", "CVE-2015-2713", "CVE-2016-1945", "CVE-2016-1957", "CVE-2016-1949", "CVE-2016-1946", "CVE-2015-7181", "CVE-2016-1948", "CVE-2015-2714", "CVE-2016-1972", "CVE-2015-2717", "CVE-2016-1933", "CVE-2016-2792", "CVE-2016-1977", "CVE-2016-1975", "CVE-2016-2798", "CVE-2016-1974", "CVE-2016-1973", "CVE-2016-2801", "CVE-2016-1938", "CVE-2016-2797", "CVE-2015-2712", "CVE-2016-1944", "CVE-2016-1960", "CVE-2015-2711", "CVE-2015-2716", "CVE-2016-1959", "CVE-2016-1931", "CVE-2016-1937", "CVE-2015-4489", "CVE-2015-4486", "CVE-2015-2718", "CVE-2015-4474", "CVE-2015-2710", "CVE-2015-4480", "CVE-2015-7182", "CVE-2015-4484", "CVE-2015-4479", "CVE-2016-1966", "CVE-2015-4492", "CVE-2015-7575", "CVE-2015-4490", "CVE-2016-1947", "CVE-2015-2721", "CVE-2016-2802", "CVE-2016-2800", "CVE-2016-1942", "CVE-2016-1979", "CVE-2016-1969", "CVE-2015-7183", "CVE-2015-4483", "CVE-2015-4493", "CVE-2016-1955", "CVE-2016-2795", "CVE-2016-1962", "CVE-2016-1950", "CVE-2016-1963", "CVE-2016-1970", "CVE-2016-1943", "CVE-2016-1952", "CVE-2015-2709", "CVE-2016-1978", "CVE-2015-4477", "CVE-2016-2796", "CVE-2016-2799", "CVE-2016-1956", "CVE-2015-4487", "CVE-2016-2793", "CVE-2016-1523", "CVE-2015-4473", "CVE-2015-2708", "CVE-2016-1940", "CVE-2016-1961", "CVE-2016-1930", "CVE-2016-1935", "CVE-2016-1976", "CVE-2015-4491", "CVE-2016-1939", "CVE-2016-1968", "CVE-2016-1967", "CVE-2016-2794", "CVE-2016-1954", "CVE-2016-2791", "CVE-2016-1965", "CVE-2015-4475", "CVE-2016-1964", "CVE-2015-4482", "CVE-2015-2715", "CVE-2016-1941", "CVE-2016-1958"], "modified": "2016-05-31T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:firefox", "p-cpe:/a:gentoo:linux:nspr", "p-cpe:/a:gentoo:linux:thunderbird", "cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:nss", "p-cpe:/a:gentoo:linux:thunderbird-bin", "p-cpe:/a:gentoo:linux:firefox-bin"], "id": "GENTOO_GLSA-201605-06.NASL", "href": "https://www.tenable.com/plugins/nessus/91379", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201605-06.\n#\n# The advisory text is Copyright (C) 2001-2020 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(91379);\n script_version(\"2.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-2708\", \"CVE-2015-2709\", \"CVE-2015-2710\", \"CVE-2015-2711\", \"CVE-2015-2712\", \"CVE-2015-2713\", \"CVE-2015-2714\", \"CVE-2015-2715\", \"CVE-2015-2716\", \"CVE-2015-2717\", \"CVE-2015-2718\", \"CVE-2015-2721\", \"CVE-2015-4000\", \"CVE-2015-4473\", \"CVE-2015-4474\", \"CVE-2015-4475\", \"CVE-2015-4477\", \"CVE-2015-4478\", \"CVE-2015-4479\", \"CVE-2015-4480\", \"CVE-2015-4481\", \"CVE-2015-4482\", \"CVE-2015-4483\", \"CVE-2015-4484\", \"CVE-2015-4485\", \"CVE-2015-4486\", \"CVE-2015-4487\", \"CVE-2015-4488\", \"CVE-2015-4489\", \"CVE-2015-4490\", \"CVE-2015-4491\", \"CVE-2015-4492\", \"CVE-2015-4493\", \"CVE-2015-7181\", \"CVE-2015-7182\", \"CVE-2015-7183\", \"CVE-2015-7575\", \"CVE-2016-1523\", \"CVE-2016-1930\", \"CVE-2016-1931\", \"CVE-2016-1933\", \"CVE-2016-1935\", \"CVE-2016-1937\", \"CVE-2016-1938\", \"CVE-2016-1939\", \"CVE-2016-1940\", \"CVE-2016-1941\", \"CVE-2016-1942\", \"CVE-2016-1943\", \"CVE-2016-1944\", \"CVE-2016-1945\", \"CVE-2016-1946\", \"CVE-2016-1947\", \"CVE-2016-1948\", \"CVE-2016-1949\", \"CVE-2016-1950\", \"CVE-2016-1952\", \"CVE-2016-1953\", \"CVE-2016-1954\", \"CVE-2016-1955\", \"CVE-2016-1956\", \"CVE-2016-1957\", \"CVE-2016-1958\", \"CVE-2016-1959\", \"CVE-2016-1960\", \"CVE-2016-1961\", \"CVE-2016-1962\", \"CVE-2016-1963\", \"CVE-2016-1964\", \"CVE-2016-1965\", \"CVE-2016-1966\", \"CVE-2016-1967\", \"CVE-2016-1968\", \"CVE-2016-1969\", \"CVE-2016-1970\", \"CVE-2016-1971\", \"CVE-2016-1972\", \"CVE-2016-1973\", \"CVE-2016-1974\", \"CVE-2016-1975\", \"CVE-2016-1976\", \"CVE-2016-1977\", \"CVE-2016-1978\", \"CVE-2016-1979\", \"CVE-2016-2790\", \"CVE-2016-2791\", \"CVE-2016-2792\", \"CVE-2016-2793\", \"CVE-2016-2794\", \"CVE-2016-2795\", \"CVE-2016-2796\", \"CVE-2016-2797\", \"CVE-2016-2798\", \"CVE-2016-2799\", \"CVE-2016-2800\", \"CVE-2016-2801\", \"CVE-2016-2802\");\n script_xref(name:\"GLSA\", value:\"201605-06\");\n\n script_name(english:\"GLSA-201605-06 : Mozilla Products: Multiple vulnerabilities (Logjam) (SLOTH)\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The remote host is affected by the vulnerability described in GLSA-201605-06\n(Mozilla Products: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Firefox, NSS, NSPR, and\n Thunderbird. Please review the CVE identifiers referenced below for\n details.\n \nImpact :\n\n A remote attacker could entice a user to view a specially crafted web\n page or email, possibly resulting in execution of arbitrary code or a\n Denial of Service condition. Furthermore, a remote attacker may be able\n to perform Man-in-the-Middle attacks, obtain sensitive information, spoof\n the address bar, conduct clickjacking attacks, bypass security\n restrictions and protection mechanisms, or have other unspecified\n impacts.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201605-06\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"All NSS users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-libs/nss-3.22.2'\n All Thunderbird users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=mail-client/thunderbird-38.7.0'\n All users of the Thunderbird binary package should upgrade to the latest\n version:\n # emerge --sync\n # emerge --ask --oneshot --verbose\n '>=mail-client/thunderbird-bin-38.7.0'\n All Firefox 38.7.x users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=www-client/firefox-38.7.0'\n All users of the Firefox 38.7.x binary package should upgrade to the\n latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=www-client/firefox-bin-38.7.0'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:firefox-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:nspr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:thunderbird-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/05/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/05/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/05/31\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"dev-libs/nspr\", unaffected:make_list(\"ge 4.12\"), vulnerable:make_list(\"lt 4.12\"))) flag++;\nif (qpkg_check(package:\"dev-libs/nss\", unaffected:make_list(\"ge 3.22.2\"), vulnerable:make_list(\"lt 3.22.2\"))) flag++;\nif (qpkg_check(package:\"mail-client/thunderbird\", unaffected:make_list(\"ge 38.7.0\"), vulnerable:make_list(\"lt 38.7.0\"))) flag++;\nif (qpkg_check(package:\"mail-client/thunderbird-bin\", unaffected:make_list(\"ge 38.7.0\"), vulnerable:make_list(\"lt 38.7.0\"))) flag++;\nif (qpkg_check(package:\"www-client/firefox\", unaffected:make_list(\"ge 38.7.0\"), vulnerable:make_list(\"lt 38.7.0\"))) flag++;\nif (qpkg_check(package:\"www-client/firefox-bin\", unaffected:make_list(\"ge 38.7.0\"), vulnerable:make_list(\"lt 38.7.0\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Mozilla Products\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "archlinux": [{"lastseen": "2016-09-02T18:44:36", "bulletinFamily": "unix", "cvelist": ["CVE-2016-1953", "CVE-2016-2790", "CVE-2016-1971", "CVE-2016-1957", "CVE-2016-1972", "CVE-2016-2792", "CVE-2016-1977", "CVE-2016-1975", "CVE-2016-2798", "CVE-2016-1974", "CVE-2016-1973", "CVE-2016-2801", "CVE-2016-2797", "CVE-2016-1960", "CVE-2016-1959", "CVE-2016-1966", "CVE-2016-2802", "CVE-2016-2800", "CVE-2016-1955", "CVE-2016-2795", "CVE-2016-1962", "CVE-2016-1963", "CVE-2016-1970", "CVE-2016-1952", "CVE-2016-2796", "CVE-2016-2799", "CVE-2016-1956", "CVE-2016-2793", "CVE-2016-1961", "CVE-2016-1976", "CVE-2016-1968", "CVE-2016-1967", "CVE-2016-2794", "CVE-2016-1954", "CVE-2016-2791", "CVE-2016-1965", "CVE-2016-1964", "CVE-2016-1958"], "description": "- CVE-2016-1952 CVE-2016-1953 (arbitrary code execution)\n\nMozilla developers fixed several memory safety bugs in the browser\nengine used in Firefox and other Mozilla-based products. Some of these\nbugs showed evidence of memory corruption under certain circumstances,\nand we presume that with enough effort at least some of these could be\nexploited to run arbitrary code.\n\n- CVE-2016-1954 (privilege escalation)\n\nSecurity researcher Nicolas Golubovic reported that a malicious page can\noverwrite files on the user's machine using Content Security Policy\n(CSP) violation reports. The file contents are restricted to the JSON\nformat of the report. In many cases overwriting a local file may simply\nbe destructive, breaking the functionality of that file. The CSP error\nreports can include HTML fragments which could be rendered by browsers.\nIf a user has disabled add-on signing and has installed an "unpacked"\nadd-on, a malicious page could overwrite one of the add-on resources.\nDepending on how this resource is used, this could lead to privilege\nescalation.\n\n- CVE-2016-1955 (information disclosure)\n\nSecurity researcher Muneaki Nishimura (nishimunea) of Recruit\nTechnologies Co.,Ltd. reported that Content Security Policy (CSP)\nviolation reports contained full path information for cross-origin\niframe navigations in violation of the CSP specification. This could\nresult in information disclosure.\n\n- CVE-2016-1956 (denial of service)\n\nSecurity researcher Ucha Gobejishvili reported a denial of service (DOS)\nattack when doing certain WebGL operations in a canvas requiring an\nunusually large amount buffer to be allocated from video memory. This\nresulted in memory resource exhaustion with some Intel video cards,\nrequiring the computer to be rebooted to return functionality. This was\nresolved by putting in additional checks on the amount of memory to be\nallocated during graphics processing.\n\n- CVE-2016-1957 (resource consumption)\n\nSecurity researchers Jose Martinez and Romina Santillan reported a\nmemory leak in the libstagefright library when array destruction occurs\nduring MPEG4 video file processing.\n\n- CVE-2016-1958 (addressbar spoofing)\n\nSecurity researcher Abdulrahman Alqabandi reported an issue where an\nattacker can load an arbitrary web page but the addressbar's displayed\nURL will be blank or filled with page defined content. This can be used\nto obfuscate which page is currently loaded and allows for an attacker\nto spoof an existing page without the malicious page's address being\ndisplayed correctly.\n\n- CVE-2016-1959 (denial of service)\n\nSecurity researcher Looben Yang reported a mechanism where the Clients\nAPI in Service Workers can be used to trigger an out-of-bounds read in\nServiceWorkerManager. This results in a potentially exploitable crash.\n\n- CVE-2016-1960 (arbitrary code execution)\n\nSecurity researcher ca0nguyen, working with HP's Zero Day Initiative,\nreported a use-after-free issue in the HTML5 string parser when parsing\na particular set of table-related tags in a foreign fragment context\nsuch as SVG. This results in a potentially exploitable crash.\n\n- CVE-2016-1961 (arbitrary code execution)\n\nSecurity researcher lokihardt, working with HP's Zero Day Initiative,\nreported a use-after-free issue in the SetBody function of HTMLDocument.\nThis results in a potentially exploitable crash.\n\n- CVE-2016-1962 (arbitrary code execution)\n\nSecurity researcher Dominique Hazaël-Massieux reported a use-after-free\nissue when using multiple WebRTC data channel connections. This causes a\npotentially exploitable crash when a data channel connection is freed\nfrom within a call through it.\n\n- CVE-2016-1977 CVE-2016-2790 CVE-2016-2791 CVE-2016-2792 CVE-2016-2793\n CVE-2016-2794 CVE-2016-2795 CVE-2016-2796 CVE-2016-2797 CVE-2016-2798\n CVE-2016-2799 CVE-2016-2800 CVE-2016-2801 CVE-2016-2802\n (buffer overflow)\n\nSecurity researcher Holger Fuhrmannek and Mozilla security engineer\nTyson Smith reported a number of security vulnerabilities in the\nGraphite 2 library affecting version 1.3.5.\nThe issue reported by Holger Fuhrmannek is a mechanism to induce stack\ncorruption with a malicious graphite font. This leads to a potentially\nexploitable crash when the font is loaded.\nTyson Smith used the Address Sanitizer tool in concert with a custom\nsoftware fuzzer to find a series of uninitialized memory, out-of-bounds\nread, and out-of-bounds write errors when working with fuzzed graphite\nfonts.\n\n- CVE-2016-1963 (denial of service)\n\nSecurity researcher Oriol reported memory corruption when local files\nare modified (by either the user or another program) at the same time\nbeing read using the FileReader API. This flaw requires that input be\ntaken from a local file in order to be triggered and cannot be triggered\nby web content. This results in a potentially exploitable crash when\ntriggered.\n\n- CVE-2016-1964 (arbitrary code execution)\n\nSecurity researcher Nicolas Grégoire used the Address Sanitizer to find\na use-after-free during XML transformation operations. This results in a\npotentially exploitable crash triggerable by web content.\n\n- CVE-2016-1965 (addressbar spoofing)\n\nSecurity researcher Tsubasa Iinuma reported a mechanism where the\ndisplayed addressbar can be spoofed to users. This issue involves using\nhistory navigation in concert with the Location protocol property. After\nnavigating from a malicious page to another, if the user navigates back\nto the initial page, the displayed URL will not reflect the reloaded\npage. This could be used to trick users into potentially treating the\npage as a different and trusted site.\n\n- CVE-2016-1966 (remote code execution)\n\nThe Communications Electronics Security Group (UK) of the GCHQ reported\na dangling pointer dereference within the Netscape Plugin Application\nProgramming Interface (NPAPI) that could lead to the NPAPI subsystem\ncrashing. This issue requires a maliciously crafted NPAPI plugin in\nconcert with scripted web content, resulting in a potentially\nexploitable crash when triggered.\n\n- CVE-2016-1967 (same-origin policy bypass)\n\nSecurity researcher Jordi Chancel discovered a variant of Mozilla\nFoundation Security Advisory 2015-136 which was fixed in Firefox 43. In\nthe original bug, it was possible to read cross-origin URLs following a\nredirect if performance.getEntries() was used along with an iframe to\nhost a page. Navigating back in history through script, content was\npulled from the browser cache for the redirected location instead of\ngoing to the original location. In the newly reported variant issue, it\nwas found that if a browser session was restored, history navigation\nwould still allow for the same attack as content was restored from the\nbrowser cache. This is a same-origin policy violation and could allow\nfor data theft.\n\n- CVE-2016-1968 (remote code execution)\n\nSecurity researcher Luke Li reported a pointer underflow bug in the\nBrotli library's decompression that leads to a buffer overflow. This\nresults in a potentially exploitable crash when triggered.\n\n- CVE-2016-1970 CVE-2016-1971 CVE-2016-1972 CVE-2016-1975 CVE-2016-197\n (denial of service)\n\nSecurity researcher Ronald Crane reported five "moderate" rated\nvulnerabilities affecting released code that were found through code\ninspection. These included the following issues in WebRTC: an integer\nunderflow, a missing status check, race condition, and a use of deleted\npointers to create new object. A race condition in LibVPX was also\nidentified. These do not all have clear mechanisms to be exploited\nthrough web content but are vulnerable if a mechanism can be found to\ntrigger them.\n\n- CVE-2016-1973 (use-after-free)\n\nSecurity researcher Ronald Crane reported a race condition in\nGetStaticInstance in WebRTC which results in a use-after-free. This\ncould result in a potentially exploitable crash. This issue was found\nthrough code inspection and does not have clear mechanism to be\nexploited through web content but is vulnerable if a mechanism can be\nfound to trigger it.\n\n- CVE-2016-1974 (denial of service)\n\nSecurity researcher Ronald Crane reported an out-of-bounds read\nfollowing a failed allocation in the HTML parser while working with\nunicode strings. This can also affect the parsing of XML and SVG format\ndata. This leads to a potentially exploitable crash.", "modified": "2016-03-09T00:00:00", "published": "2016-03-09T00:00:00", "id": "ASA-201603-4", "href": "https://lists.archlinux.org/pipermail/arch-security/2016-March/000569.html", "type": "archlinux", "title": "firefox: multiple issues", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2020-01-31T18:36:16", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-1953", "CVE-2016-2790", "CVE-2016-1971", "CVE-2016-1957", "CVE-2016-1972", "CVE-2016-2792", "CVE-2016-1977", "CVE-2016-1975", "CVE-2016-2798", "CVE-2016-1974", "CVE-2016-1973", "CVE-2016-2801", "CVE-2016-2797", "CVE-2016-1960", "CVE-2016-1959", "CVE-2016-1966", "CVE-2016-2802", "CVE-2016-2800", "CVE-2016-1979", "CVE-2016-1955", "CVE-2016-2795", "CVE-2016-1962", "CVE-2016-1950", "CVE-2016-1963", "CVE-2016-1970", "CVE-2016-1952", "CVE-2016-2796", "CVE-2016-2799", "CVE-2016-1956", "CVE-2016-2793", "CVE-2016-1961", "CVE-2016-1976", "CVE-2016-1968", "CVE-2016-1967", "CVE-2016-2794", "CVE-2016-1954", "CVE-2016-2791", "CVE-2016-1965", "CVE-2016-1964", "CVE-2016-1958"], "description": "The remote host is missing an update for the ", "modified": "2020-01-31T00:00:00", "published": "2016-03-13T00:00:00", "id": "OPENVAS:1361412562310851234", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851234", "type": "openvas", "title": "openSUSE: Security Advisory for Firefox (openSUSE-SU-2016:0733-1)", "sourceData": "# Copyright (C) 2016 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851234\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2016-03-13 06:16:27 +0100 (Sun, 13 Mar 2016)\");\n script_cve_id(\"CVE-2016-1950\", \"CVE-2016-1952\", \"CVE-2016-1953\", \"CVE-2016-1954\",\n \"CVE-2016-1955\", \"CVE-2016-1956\", \"CVE-2016-1957\", \"CVE-2016-1958\",\n \"CVE-2016-1959\", \"CVE-2016-1960\", \"CVE-2016-1961\", \"CVE-2016-1962\",\n \"CVE-2016-1963\", \"CVE-2016-1964\", \"CVE-2016-1965\", \"CVE-2016-1966\",\n \"CVE-2016-1967\", \"CVE-2016-1968\", \"CVE-2016-1970\", \"CVE-2016-1971\",\n \"CVE-2016-1972\", \"CVE-2016-1973\", \"CVE-2016-1974\", \"CVE-2016-1975\",\n \"CVE-2016-1976\", \"CVE-2016-1977\", \"CVE-2016-1979\", \"CVE-2016-2790\",\n \"CVE-2016-2791\", \"CVE-2016-2792\", \"CVE-2016-2793\", \"CVE-2016-2794\",\n \"CVE-2016-2795\", \"CVE-2016-2796\", \"CVE-2016-2797\", \"CVE-2016-2798\",\n \"CVE-2016-2799\", \"CVE-2016-2800\", \"CVE-2016-2801\", \"CVE-2016-2802\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"openSUSE: Security Advisory for Firefox (openSUSE-SU-2016:0733-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'Firefox'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for MozillaFirefox, mozilla-nspr, mozilla-nss fixes the\n following issues:\n\n MozillaFirefox was updated to Firefox 45.0 (boo#969894)\n\n * requires NSPR 4.12 / NSS 3.21.1\n\n * Instant browser tab sharing through Hello\n\n * Synced Tabs button in button bar\n\n * Tabs synced via Firefox Accounts from other devices are now shown in\n dropdown area of Awesome Bar when searching\n\n * Introduce a new preference (network.dns.blockDotOnion) to allow\n blocking .onion at the DNS level\n\n * Tab Groups (Panorama) feature removed\n\n * MFSA 2016-16/CVE-2016-1952/CVE-2016-1953 Miscellaneous memory safety\n hazards\n\n * MFSA 2016-17/CVE-2016-1954 (bmo#1243178) Local file overwriting and\n potential privilege escalation through CSP reports\n\n * MFSA 2016-18/CVE-2016-1955 (bmo#1208946) CSP reports fail to strip\n location information for embedded iframe pages\n\n * MFSA 2016-19/CVE-2016-1956 (bmo#1199923) Linux video memory DOS with\n Intel drivers\n\n * MFSA 2016-20/CVE-2016-1957 (bmo#1227052) Memory leak in\n libstagefright when deleting an array during MP4 processing\n\n * MFSA 2016-21/CVE-2016-1958 (bmo#1228754) Displayed page address can be\n overridden\n\n * MFSA 2016-22/CVE-2016-1959 (bmo#1234949) Service Worker Manager\n out-of-bounds read in Service Worker Manager\n\n * MFSA 2016-23/CVE-2016-1960/ZDI-CAN-3545 (bmo#1246014) Use-after-free\n in HTML5 string parser\n\n * MFSA 2016-24/CVE-2016-1961/ZDI-CAN-3574 (bmo#1249377) Use-after-free\n in SetBody\n\n * MFSA 2016-25/CVE-2016-1962 (bmo#1240760) Use-after-free when using\n multiple WebRTC data channels\n\n * MFSA 2016-26/CVE-2016-1963 (bmo#1238440) Memory corruption when\n modifying a file being read by FileReader\n\n * MFSA 2016-27/CVE-2016-1964 (bmo#1243335) Use-after-free during XML\n transformations\n\n * MFSA 2016-28/CVE-2016-1965 (bmo#1245264) Addressbar spoofing though\n history navigation and Location protocol property\n\n * MFSA 2016-29/CVE-2016-1967 (bmo#1246956) Same-origin policy violation\n using performance.getEntries and history navigation with session\n restore\n\n * MFSA 2016-30/CVE-2016-1968 (bmo#1246742) Buffer overflow in Brotli\n decompression\n\n * MFSA 2016-31/CVE-2016-1966 (bmo#1246054) Memory corruption with\n malicious NPAPI plugin\n\n * MFSA 2016-32/CVE-2016-1970/CVE-2016-1971/CVE-2016-1975/\n CVE-2016-1976/CVE-2016-1972 WebRTC and LibVPX vulnerabilities found\n through code inspection\n\n * MFSA 2016-33/CVE-2016-1973 (bmo#1219339) Use-after-free in\n GetStaticInstance in WebRTC\n\n * MFSA 2016-34/CVE-2016-1974 (bmo#1228103) Out-of-bounds read in HTML\n parser following a failed allocation\n\n * MFSA 2016-35/CVE-2016-1950 (bmo#1245528) Buffer overflow ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n\n script_tag(name:\"affected\", value:\"Firefox on openSUSE 13.1\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2016:0733-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSE13\\.1\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSE13.1\")\n{\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~45.0~109.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-branding-upstream\", rpm:\"MozillaFirefox-branding-upstream~45.0~109.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-buildsymbols\", rpm:\"MozillaFirefox-buildsymbols~45.0~109.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-debuginfo\", rpm:\"MozillaFirefox-debuginfo~45.0~109.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-debugsource\", rpm:\"MozillaFirefox-debugsource~45.0~109.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-devel\", rpm:\"MozillaFirefox-devel~45.0~109.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-translations-common\", rpm:\"MozillaFirefox-translations-common~45.0~109.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-translations-other\", rpm:\"MozillaFirefox-translations-other~45.0~109.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libfreebl3\", rpm:\"libfreebl3~3.21.1~74.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libfreebl3-debuginfo\", rpm:\"libfreebl3-debuginfo~3.21.1~74.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsoftokn3\", rpm:\"libsoftokn3~3.21.1~74.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsoftokn3-debuginfo\", rpm:\"libsoftokn3-debuginfo~3.21.1~74.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nspr\", rpm:\"mozilla-nspr~4.12~34.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nspr-debuginfo\", rpm:\"mozilla-nspr-debuginfo~4.12~34.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nspr-debugsource\", rpm:\"mozilla-nspr-debugsource~4.12~34.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nspr-devel\", rpm:\"mozilla-nspr-devel~4.12~34.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss\", rpm:\"mozilla-nss~3.21.1~74.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-certs\", rpm:\"mozilla-nss-certs~3.21.1~74.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-certs-debuginfo\", rpm:\"mozilla-nss-certs-debuginfo~3.21.1~74.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-debuginfo\", rpm:\"mozilla-nss-debuginfo~3.21.1~74.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-debugsource\", rpm:\"mozilla-nss-debugsource~3.21.1~74.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-devel\", rpm:\"mozilla-nss-devel~3.21.1~74.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-sysinit\", rpm:\"mozilla-nss-sysinit~3.21.1~74.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-sysinit-debuginfo\", rpm:\"mozilla-nss-sysinit-debuginfo~3.21.1~74.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-tools\", rpm:\"mozilla-nss-tools~3.21.1~74.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-tools-debuginfo\", rpm:\"mozilla-nss-tools-debuginfo~3.21.1~74.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libfreebl3-32bit\", rpm:\"libfreebl3-32bit~3.21.1~74.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libfreebl3-debuginfo-32bit\", rpm:\"libfreebl3-debuginfo-32bit~3.21.1~74.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsoftokn3-32bit\", rpm:\"libsoftokn3-32bit~3.21.1~74.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsoftokn3-debuginfo-32bit\", rpm:\"libsoftokn3-debuginfo-32bit~3.21.1~74.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nspr-32bit\", rpm:\"mozilla-nspr-32bit~4.12~34.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nspr-debuginfo-32bit\", rpm:\"mozilla-nspr-debuginfo-32bit~4.12~34.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-32bit\", rpm:\"mozilla-nss-32bit~3.21.1~74.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-certs-32bit\", rpm:\"mozilla-nss-certs-32bit~3.21.1~74.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-certs-debuginfo-32bit\", rpm:\"mozilla-nss-certs-debuginfo-32bit~3.21.1~74.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-debuginfo-32bit\", rpm:\"mozilla-nss-debuginfo-32bit~3.21.1~74.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-sysinit-32bit\", rpm:\"mozilla-nss-sysinit-32bit~3.21.1~74.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-sysinit-debuginfo-32bit\", rpm:\"mozilla-nss-sysinit-debuginfo-32bit~3.21.1~74.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-06-04T17:41:57", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-1953", "CVE-2016-2790", "CVE-2016-1971", "CVE-2016-1957", "CVE-2016-1972", "CVE-2016-2792", "CVE-2016-1977", "CVE-2016-1975", "CVE-2016-2798", "CVE-2016-1974", "CVE-2016-1973", "CVE-2016-2801", "CVE-2016-2797", "CVE-2016-1960", "CVE-2016-1959", "CVE-2016-1966", "CVE-2016-2802", "CVE-2016-2800", "CVE-2016-1979", "CVE-2016-1955", "CVE-2016-2795", "CVE-2016-1962", "CVE-2016-1950", "CVE-2016-1963", "CVE-2016-1970", "CVE-2016-1952", "CVE-2016-2796", "CVE-2016-2799", "CVE-2016-1956", "CVE-2016-2793", "CVE-2016-1961", "CVE-2016-1976", "CVE-2016-1968", "CVE-2016-1967", "CVE-2016-2794", "CVE-2016-1954", "CVE-2016-2791", "CVE-2016-1965", "CVE-2016-1964", "CVE-2016-1958"], "description": "The remote host is missing an update for the ", "modified": "2020-06-03T00:00:00", "published": "2016-03-12T00:00:00", "id": "OPENVAS:1361412562310851230", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851230", "type": "openvas", "title": "openSUSE: Security Advisory for MozillaFirefox (openSUSE-SU-2016:0731-1)", "sourceData": "# Copyright (C) 2016 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851230\");\n script_version(\"2020-06-03T08:38:58+0000\");\n script_tag(name:\"last_modification\", value:\"2020-06-03 08:38:58 +0000 (Wed, 03 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2016-03-12 06:14:00 +0100 (Sat, 12 Mar 2016)\");\n script_cve_id(\"CVE-2016-1950\", \"CVE-2016-1952\", \"CVE-2016-1953\", \"CVE-2016-1954\",\n \"CVE-2016-1955\", \"CVE-2016-1956\", \"CVE-2016-1957\", \"CVE-2016-1958\",\n \"CVE-2016-1959\", \"CVE-2016-1960\", \"CVE-2016-1961\", \"CVE-2016-1962\",\n \"CVE-2016-1963\", \"CVE-2016-1964\", \"CVE-2016-1965\", \"CVE-2016-1966\",\n \"CVE-2016-1967\", \"CVE-2016-1968\", \"CVE-2016-1970\", \"CVE-2016-1971\",\n \"CVE-2016-1972\", \"CVE-2016-1973\", \"CVE-2016-1974\", \"CVE-2016-1975\",\n \"CVE-2016-1976\", \"CVE-2016-1977\", \"CVE-2016-1979\", \"CVE-2016-2790\",\n \"CVE-2016-2791\", \"CVE-2016-2792\", \"CVE-2016-2793\", \"CVE-2016-2794\",\n \"CVE-2016-2795\", \"CVE-2016-2796\", \"CVE-2016-2797\", \"CVE-2016-2798\",\n \"CVE-2016-2799\", \"CVE-2016-2800\", \"CVE-2016-2801\", \"CVE-2016-2802\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"openSUSE: Security Advisory for MozillaFirefox (openSUSE-SU-2016:0731-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'MozillaFirefox'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for MozillaFirefox, mozilla-nspr, mozilla-nss fixes the\n following issues:\n\n MozillaFirefox was updated to Firefox 45.0 (boo#969894)\n\n * requires NSPR 4.12 / NSS 3.21.1\n\n * Instant browser tab sharing through Hello\n\n * Synced Tabs button in button bar\n\n * Tabs synced via Firefox Accounts from other devices are now shown in\n dropdown area of Awesome Bar when searching\n\n * Introduce a new preference (network.dns.blockDotOnion) to allow blocking\n .onion at the DNS level\n\n * Tab Groups (Panorama) feature removed\n\n * MFSA 2016-16/CVE-2016-1952/CVE-2016-1953 Miscellaneous memory safety\n hazards\n\n * MFSA 2016-17/CVE-2016-1954 (bmo#1243178) Local file overwriting and\n potential privilege escalation through CSP reports\n\n * MFSA 2016-18/CVE-2016-1955 (bmo#1208946) CSP reports fail to strip\n location information for embedded iframe pages\n\n * MFSA 2016-19/CVE-2016-1956 (bmo#1199923) Linux video memory DOS with\n Intel drivers\n\n * MFSA 2016-20/CVE-2016-1957 (bmo#1227052) Memory leak in libstagefright\n when deleting an array during MP4 processing\n\n * MFSA 2016-21/CVE-2016-1958 (bmo#1228754) Displayed page address can be\n overridden\n\n * MFSA 2016-22/CVE-2016-1959 (bmo#1234949) Service Worker Manager\n out-of-bounds read in Service Worker Manager\n\n * MFSA 2016-23/CVE-2016-1960/ZDI-CAN-3545 (bmo#1246014) Use-after-free in\n HTML5 string parser\n\n * MFSA 2016-24/CVE-2016-1961/ZDI-CAN-3574 (bmo#1249377) Use-after-free in\n SetBody\n\n * MFSA 2016-25/CVE-2016-1962 (bmo#1240760) Use-after-free when using\n multiple WebRTC data channels\n\n * MFSA 2016-26/CVE-2016-1963 (bmo#1238440) Memory corruption when\n modifying a file being read by FileReader\n\n * MFSA 2016-27/CVE-2016-1964 (bmo#1243335) Use-after-free during XML\n transformations\n\n * MFSA 2016-28/CVE-2016-1965 (bmo#1245264) Addressbar spoofing though\n history navigation and Location protocol property\n\n * MFSA 2016-29/CVE-2016-1967 (bmo#1246956) Same-origin policy violation\n using performance.getEntries and history navigation with session restore\n\n * MFSA 2016-30/CVE-2016-1968 (bmo#1246742) Buffer overflow in Brotli\n decompression\n\n * MFSA 2016-31/CVE-2016-1966 (bmo#1246054) Memory corruption with\n malicious NPAPI plugin\n\n * MFSA 2016-32/CVE-2016-1970/CVE-2016-1971/CVE-2016-1975/\n CVE-2016-1976/CVE-2016-1972 WebRTC and LibVPX vulnerabilities found\n through code inspection\n\n * MFSA 2016-33/CVE-2016-1973 (bmo#1219339) Use-after-free in\n GetStaticInstance in WebRTC\n\n * MFSA 2016-34/CVE-2016-1974 (bmo#1228103) Out-of-bounds read in HTML\n parser following a failed allocation\n\n * MFSA 2016-35/CVE-2016-1950 (bmo ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n\n script_tag(name:\"affected\", value:\"MozillaFirefox, on openSUSE Leap 42.1, openSUSE 13.2\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2016:0731-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSE13\\.2\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSE13.2\")\n{\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~45.0~65.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-branding-upstream\", rpm:\"MozillaFirefox-branding-upstream~45.0~65.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-buildsymbols\", rpm:\"MozillaFirefox-buildsymbols~45.0~65.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-debuginfo\", rpm:\"MozillaFirefox-debuginfo~45.0~65.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-debugsource\", rpm:\"MozillaFirefox-debugsource~45.0~65.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-devel\", rpm:\"MozillaFirefox-devel~45.0~65.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-translations-common\", rpm:\"MozillaFirefox-translations-common~45.0~65.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-translations-other\", rpm:\"MozillaFirefox-translations-other~45.0~65.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libfreebl3\", rpm:\"libfreebl3~3.21.1~28.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libfreebl3-debuginfo\", rpm:\"libfreebl3-debuginfo~3.21.1~28.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsoftokn3\", rpm:\"libsoftokn3~3.21.1~28.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsoftokn3-debuginfo\", rpm:\"libsoftokn3-debuginfo~3.21.1~28.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nspr\", rpm:\"mozilla-nspr~4.12~15.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nspr-debuginfo\", rpm:\"mozilla-nspr-debuginfo~4.12~15.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nspr-debugsource\", rpm:\"mozilla-nspr-debugsource~4.12~15.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nspr-devel\", rpm:\"mozilla-nspr-devel~4.12~15.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss\", rpm:\"mozilla-nss~3.21.1~28.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-certs\", rpm:\"mozilla-nss-certs~3.21.1~28.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-certs-debuginfo\", rpm:\"mozilla-nss-certs-debuginfo~3.21.1~28.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-debuginfo\", rpm:\"mozilla-nss-debuginfo~3.21.1~28.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-debugsource\", rpm:\"mozilla-nss-debugsource~3.21.1~28.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-devel\", rpm:\"mozilla-nss-devel~3.21.1~28.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-sysinit\", rpm:\"mozilla-nss-sysinit~3.21.1~28.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-sysinit-debuginfo\", rpm:\"mozilla-nss-sysinit-debuginfo~3.21.1~28.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-tools\", rpm:\"mozilla-nss-tools~3.21.1~28.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-tools-debuginfo\", rpm:\"mozilla-nss-tools-debuginfo~3.21.1~28.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libfreebl3-32bit\", rpm:\"libfreebl3-32bit~3.21.1~28.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libfreebl3-debuginfo-32bit\", rpm:\"libfreebl3-debuginfo-32bit~3.21.1~28.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsoftokn3-32bit\", rpm:\"libsoftokn3-32bit~3.21.1~28.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsoftokn3-debuginfo-32bit\", rpm:\"libsoftokn3-debuginfo-32bit~3.21.1~28.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nspr-32bit\", rpm:\"mozilla-nspr-32bit~4.12~15.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nspr-debuginfo-32bit\", rpm:\"mozilla-nspr-debuginfo-32bit~4.12~15.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-32bit\", rpm:\"mozilla-nss-32bit~3.21.1~28.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-certs-32bit\", rpm:\"mozilla-nss-certs-32bit~3.21.1~28.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-certs-debuginfo-32bit\", rpm:\"mozilla-nss-certs-debuginfo-32bit~3.21.1~28.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-debuginfo-32bit\", rpm:\"mozilla-nss-debuginfo-32bit~3.21.1~28.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-sysinit-32bit\", rpm:\"mozilla-nss-sysinit-32bit~3.21.1~28.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-sysinit-debuginfo-32bit\", rpm:\"mozilla-nss-sysinit-debuginfo-32bit~3.21.1~28.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-07-19T22:11:55", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-1953", "CVE-2016-2790", "CVE-2016-1971", "CVE-2016-1957", "CVE-2016-1972", "CVE-2016-2792", "CVE-2016-1977", "CVE-2016-1975", "CVE-2016-2798", "CVE-2016-1974", "CVE-2016-1973", "CVE-2016-2801", "CVE-2016-2797", "CVE-2016-1960", "CVE-2016-1959", "CVE-2016-1966", "CVE-2016-2802", "CVE-2016-2800", "CVE-2016-1979", "CVE-2016-1969", "CVE-2016-1955", "CVE-2016-2795", "CVE-2016-1962", "CVE-2016-1950", "CVE-2016-1963", "CVE-2016-1970", "CVE-2016-1952", "CVE-2016-2796", "CVE-2016-2799", "CVE-2016-2793", "CVE-2016-1961", "CVE-2016-1976", "CVE-2016-1968", "CVE-2016-1967", "CVE-2016-2794", "CVE-2016-1954", "CVE-2016-2791", "CVE-2016-1965", "CVE-2016-1964", "CVE-2016-1958"], "description": "This host is installed with Mozilla\n Firefox and is prone to multiple vulnerabilities.", "modified": "2019-07-17T00:00:00", "published": "2016-03-14T00:00:00", "id": "OPENVAS:1361412562310807520", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807520", "type": "openvas", "title": "Mozilla Firefox Multiple Vulnerabilities - Mar16 (Windows)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mozilla Firefox Multiple Vulnerabilities - Mar16 (Windows)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:mozilla:firefox\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.807520\");\n script_version(\"2019-07-17T11:14:11+0000\");\n script_cve_id(\"CVE-2016-1954\", \"CVE-2016-1955\", \"CVE-2016-1957\", \"CVE-2016-1958\",\n \"CVE-2016-1959\", \"CVE-2016-1960\", \"CVE-2016-1950\", \"CVE-2016-1952\",\n \"CVE-2016-1953\", \"CVE-2016-1961\", \"CVE-2016-1962\", \"CVE-2016-1963\",\n \"CVE-2016-1964\", \"CVE-2016-1965\", \"CVE-2016-1966\", \"CVE-2016-1967\",\n \"CVE-2016-1968\", \"CVE-2016-1969\", \"CVE-2016-1970\", \"CVE-2016-1971\",\n \"CVE-2016-1972\", \"CVE-2016-1973\", \"CVE-2016-1974\", \"CVE-2016-1975\",\n \"CVE-2016-1976\", \"CVE-2016-1977\", \"CVE-2016-1979\", \"CVE-2016-2790\",\n \"CVE-2016-2791\", \"CVE-2016-2792\", \"CVE-2016-2793\", \"CVE-2016-2794\",\n \"CVE-2016-2795\", \"CVE-2016-2796\", \"CVE-2016-2797\", \"CVE-2016-2798\",\n \"CVE-2016-2799\", \"CVE-2016-2800\", \"CVE-2016-2801\", \"CVE-2016-2802\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-17 11:14:11 +0000 (Wed, 17 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2016-03-14 16:41:40 +0530 (Mon, 14 Mar 2016)\");\n script_name(\"Mozilla Firefox Multiple Vulnerabilities - Mar16 (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Mozilla\n Firefox and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to,\n\n - The 'nsCSPContext::SendReports' function in 'dom/security/nsCSPContext.cpp'\n script does not prevent use of a non-HTTP report-uri for a CSP violation\n report.\n\n - The CSP violation reports contained full path information for cross-origin\n iframe navigations in violation of the CSP specification.\n\n - A memory leak in the libstagefright library when array destruction occurs\n during MPEG4 video file processing.\n\n - An error in 'browser/base/content/browser.js' script.\n\n - Multiple use-after-free issues.\n\n - Multiple out-of-bounds read errors\n\n - A memory corruption vulnerability in the FileReader class.\n\n - The mishandling of a navigation sequence that returns to the original page.\n\n - Improper restriction of the availability of IFRAME Resource Timing API times.\n\n - Integer underflow in Brotli library's decompression.\n\n - A memory corruption issue in NPAPI plugin in 'nsNPObjWrapper::GetNewOrUsed'\n function in 'dom/plugins/base/nsJSNPRuntime.cpp' script.\n\n - A race condition in the 'GetStaticInstance' function in the WebRTC\n implementation.\n\n - Multiple Heap-based buffer overflow vulnerabilities.\n\n - The multiple unspecified vulnerabilities in the browser engine.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to execute arbitrary code or to cause a denial of service,\n possibly gain privileges, to bypass the Same Origin Policy, to obtain\n sensitive information and to do spoofing attacks.\");\n\n script_tag(name:\"affected\", value:\"Mozilla Firefox version before 45.0 on\n Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Mozilla Firefox version 45.0\n or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-22\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-25\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-19\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_firefox_detect_portable_win.nasl\");\n script_mandatory_keys(\"Firefox/Win/Ver\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!ffVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:ffVer, test_version:\"45.0\"))\n{\n report = report_fixed_ver(installed_version:ffVer, fixed_version:\"45.0\");\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "suse": [{"lastseen": "2016-09-04T12:46:49", "bulletinFamily": "unix", "cvelist": ["CVE-2016-1953", "CVE-2016-2790", "CVE-2016-1971", "CVE-2016-1957", "CVE-2016-1972", "CVE-2016-2792", "CVE-2016-1977", "CVE-2016-1975", "CVE-2016-2798", "CVE-2016-1974", "CVE-2016-1973", "CVE-2016-2801", "CVE-2016-2797", "CVE-2016-1960", "CVE-2016-1959", "CVE-2016-1966", "CVE-2016-2802", "CVE-2016-2800", "CVE-2016-1979", "CVE-2016-1955", "CVE-2016-2795", "CVE-2016-1962", "CVE-2016-1950", "CVE-2016-1963", "CVE-2016-1970", "CVE-2016-1952", "CVE-2016-2796", "CVE-2016-2799", "CVE-2016-1956", "CVE-2016-2793", "CVE-2016-1961", "CVE-2016-1976", "CVE-2016-1968", "CVE-2016-1967", "CVE-2016-2794", "CVE-2016-1954", "CVE-2016-2791", "CVE-2016-1965", "CVE-2016-1964", "CVE-2016-1958"], "description": "This update for MozillaFirefox, mozilla-nspr, mozilla-nss fixes the\n following issues:\n\n MozillaFirefox was updated to Firefox 45.0 (boo#969894)\n * requires NSPR 4.12 / NSS 3.21.1\n * Instant browser tab sharing through Hello\n * Synced Tabs button in button bar\n * Tabs synced via Firefox Accounts from other devices are now shown in\n dropdown area of Awesome Bar when searching\n * Introduce a new preference (network.dns.blockDotOnion) to allow blocking\n .onion at the DNS level\n * Tab Groups (Panorama) feature removed\n * MFSA 2016-16/CVE-2016-1952/CVE-2016-1953 Miscellaneous memory safety\n hazards\n * MFSA 2016-17/CVE-2016-1954 (bmo#1243178) Local file overwriting and\n potential privilege escalation through CSP reports\n * MFSA 2016-18/CVE-2016-1955 (bmo#1208946) CSP reports fail to strip\n location information for embedded iframe pages\n * MFSA 2016-19/CVE-2016-1956 (bmo#1199923) Linux video memory DOS with\n Intel drivers\n * MFSA 2016-20/CVE-2016-1957 (bmo#1227052) Memory leak in libstagefright\n when deleting an array during MP4 processing\n * MFSA 2016-21/CVE-2016-1958 (bmo#1228754) Displayed page address can be\n overridden\n * MFSA 2016-22/CVE-2016-1959 (bmo#1234949) Service Worker Manager\n out-of-bounds read in Service Worker Manager\n * MFSA 2016-23/CVE-2016-1960/ZDI-CAN-3545 (bmo#1246014) Use-after-free in\n HTML5 string parser\n * MFSA 2016-24/CVE-2016-1961/ZDI-CAN-3574 (bmo#1249377) Use-after-free in\n SetBody\n * MFSA 2016-25/CVE-2016-1962 (bmo#1240760) Use-after-free when using\n multiple WebRTC data channels\n * MFSA 2016-26/CVE-2016-1963 (bmo#1238440) Memory corruption when\n modifying a file being read by FileReader\n * MFSA 2016-27/CVE-2016-1964 (bmo#1243335) Use-after-free during XML\n transformations\n * MFSA 2016-28/CVE-2016-1965 (bmo#1245264) Addressbar spoofing though\n history navigation and Location protocol property\n * MFSA 2016-29/CVE-2016-1967 (bmo#1246956) Same-origin policy violation\n using perfomance.getEntries and history navigation with session restore\n * MFSA 2016-30/CVE-2016-1968 (bmo#1246742) Buffer overflow in Brotli\n decompression\n * MFSA 2016-31/CVE-2016-1966 (bmo#1246054) Memory corruption with\n malicious NPAPI plugin\n * MFSA 2016-32/CVE-2016-1970/CVE-2016-1971/CVE-2016-1975/\n CVE-2016-1976/CVE-2016-1972 WebRTC and LibVPX vulnerabilities found\n through code inspection\n * MFSA 2016-33/CVE-2016-1973 (bmo#1219339) Use-after-free in\n GetStaticInstance in WebRTC\n * MFSA 2016-34/CVE-2016-1974 (bmo#1228103) Out-of-bounds read in HTML\n parser following a failed allocation\n * MFSA 2016-35/CVE-2016-1950 (bmo#1245528) Buffer overflow during ASN.1\n decoding in NSS (fixed by requiring 3.21.1)\n * MFSA 2016-36/CVE-2016-1979 (bmo#1185033) Use-after-free during\n processing of DER encoded keys in NSS (fixed by requiring 3.21.1)\n * MFSA 2016-37/CVE-2016-1977/CVE-2016-2790/CVE-2016-2791/\n CVE-2016-2792/CVE-2016-2793/CVE-2016-2794/CVE-2016-2795/\n CVE-2016-2796/CVE-2016-2797/CVE-2016-2798/CVE-2016-2799/\n CVE-2016-2800/CVE-2016-2801/CVE-2016-2802 Font vulnerabilities in the\n Graphite 2 library\n\n mozilla-nspr was updated to version 4.12\n * added a PR_GetEnvSecure function, which attempts to detect if the\n program is being executed with elevated privileges, and returns NULL if\n detected. It is recommended to use this function in general purpose\n library code.\n * fixed a memory allocation bug related to the PR_*printf functions\n * exported API PR_DuplicateEnvironment, which had already been added in\n NSPR 4.10.9\n * added support for FreeBSD aarch64\n * several minor correctness and compatibility fixes\n\n mozilla-nss was updated to NSS 3.21.1 (bmo#969894)\n * required for Firefox 45.0\n * MFSA 2016-35/CVE-2016-1950 (bmo#1245528) Buffer overflow during ASN.1\n decoding in NSS (fixed by requiring 3.21.1)\n * MFSA 2016-36/CVE-2016-1979 (bmo#1185033) Use-after-free during\n processing of DER encoded keys in NSS (fixed by requiring 3.21.1)\n\n", "edition": 1, "modified": "2016-03-12T00:12:33", "published": "2016-03-12T00:12:33", "id": "OPENSUSE-SU-2016:0731-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html", "type": "suse", "title": "Security update for MozillaFirefox, mozilla-nspr, mozilla-nss (important)", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:50:34", "bulletinFamily": "unix", "cvelist": ["CVE-2016-1953", "CVE-2016-2790", "CVE-2016-1971", "CVE-2016-1957", "CVE-2016-1972", "CVE-2016-2792", "CVE-2016-1977", "CVE-2016-1975", "CVE-2016-2798", "CVE-2016-1974", "CVE-2016-1973", "CVE-2016-2801", "CVE-2016-2797", "CVE-2016-1960", "CVE-2016-1959", "CVE-2016-1966", "CVE-2016-2802", "CVE-2016-2800", "CVE-2016-1979", "CVE-2016-1955", "CVE-2016-2795", "CVE-2016-1962", "CVE-2016-1950", "CVE-2016-1963", "CVE-2016-1970", "CVE-2016-1952", "CVE-2016-2796", "CVE-2016-2799", "CVE-2016-1956", "CVE-2016-2793", "CVE-2016-1961", "CVE-2016-1976", "CVE-2016-1968", "CVE-2016-1967", "CVE-2016-2794", "CVE-2016-1954", "CVE-2016-2791", "CVE-2016-1965", "CVE-2016-1964", "CVE-2016-1958"], "description": "This update for MozillaFirefox, mozilla-nspr, mozilla-nss fixes the\n following issues:\n\n MozillaFirefox was updated to Firefox 45.0 (boo#969894)\n * requires NSPR 4.12 / NSS 3.21.1\n * Instant browser tab sharing through Hello\n * Synced Tabs button in button bar\n * Tabs synced via Firefox Accounts from other devices are now shown in\n dropdown area of Awesome Bar when searching\n * Introduce a new preference (network.dns.blockDotOnion) to allow\n blocking .onion at the DNS level\n * Tab Groups (Panorama) feature removed\n * MFSA 2016-16/CVE-2016-1952/CVE-2016-1953 Miscellaneous memory safety\n hazards\n * MFSA 2016-17/CVE-2016-1954 (bmo#1243178) Local file overwriting and\n potential privilege escalation through CSP reports\n * MFSA 2016-18/CVE-2016-1955 (bmo#1208946) CSP reports fail to strip\n location information for embedded iframe pages\n * MFSA 2016-19/CVE-2016-1956 (bmo#1199923) Linux video memory DOS with\n Intel drivers\n * MFSA 2016-20/CVE-2016-1957 (bmo#1227052) Memory leak in\n libstagefright when deleting an array during MP4 processing\n * MFSA 2016-21/CVE-2016-1958 (bmo#1228754) Displayed page address can be\n overridden\n * MFSA 2016-22/CVE-2016-1959 (bmo#1234949) Service Worker Manager\n out-of-bounds read in Service Worker Manager\n * MFSA 2016-23/CVE-2016-1960/ZDI-CAN-3545 (bmo#1246014) Use-after-free\n in HTML5 string parser\n * MFSA 2016-24/CVE-2016-1961/ZDI-CAN-3574 (bmo#1249377) Use-after-free\n in SetBody\n * MFSA 2016-25/CVE-2016-1962 (bmo#1240760) Use-after-free when using\n multiple WebRTC data channels\n * MFSA 2016-26/CVE-2016-1963 (bmo#1238440) Memory corruption when\n modifying a file being read by FileReader\n * MFSA 2016-27/CVE-2016-1964 (bmo#1243335) Use-after-free during XML\n transformations\n * MFSA 2016-28/CVE-2016-1965 (bmo#1245264) Addressbar spoofing though\n history navigation and Location protocol property\n * MFSA 2016-29/CVE-2016-1967 (bmo#1246956) Same-origin policy violation\n using perfomance.getEntries and history navigation with session\n restore\n * MFSA 2016-30/CVE-2016-1968 (bmo#1246742) Buffer overflow in Brotli\n decompression\n * MFSA 2016-31/CVE-2016-1966 (bmo#1246054) Memory corruption with\n malicious NPAPI plugin\n * MFSA 2016-32/CVE-2016-1970/CVE-2016-1971/CVE-2016-1975/\n CVE-2016-1976/CVE-2016-1972 WebRTC and LibVPX vulnerabilities found\n through code inspection\n * MFSA 2016-33/CVE-2016-1973 (bmo#1219339) Use-after-free in\n GetStaticInstance in WebRTC\n * MFSA 2016-34/CVE-2016-1974 (bmo#1228103) Out-of-bounds read in HTML\n parser following a failed allocation\n * MFSA 2016-35/CVE-2016-1950 (bmo#1245528) Buffer overflow during ASN.1\n decoding in NSS (fixed by requiring 3.21.1)\n * MFSA 2016-36/CVE-2016-1979 (bmo#1185033) Use-after-free during\n processing of DER encoded keys in NSS (fixed by requiring 3.21.1)\n * MFSA 2016-37/CVE-2016-1977/CVE-2016-2790/CVE-2016-2791/\n CVE-2016-2792/CVE-2016-2793/CVE-2016-2794/CVE-2016-2795/\n CVE-2016-2796/CVE-2016-2797/CVE-2016-2798/CVE-2016-2799/\n CVE-2016-2800/CVE-2016-2801/CVE-2016-2802 Font vulnerabilities in the\n Graphite 2 library\n\n mozilla-nspr was updated to version 4.12\n * added a PR_GetEnvSecure function, which attempts to detect if the\n program is being executed with elevated privileges, and returns NULL\n if detected. It is recommended to use this function in general\n purpose library code.\n * fixed a memory allocation bug related to the PR_*printf functions\n * exported API PR_DuplicateEnvironment, which had already been added in\n NSPR 4.10.9\n * added support for FreeBSD aarch64\n * several minor correctness and compatibility fixes\n\n mozilla-nss was updated to NSS 3.21.1 (bmo#969894)\n * required for Firefox 45.0\n * MFSA 2016-35/CVE-2016-1950 (bmo#1245528) Buffer overflow during ASN.1\n decoding in NSS (fixed by requiring 3.21.1)\n * MFSA 2016-36/CVE-2016-1979 (bmo#1185033) Use-after-free during\n processing of DER encoded keys in NSS (fixed by requiring 3.21.1)\n\n", "edition": 1, "modified": "2016-03-12T13:12:05", "published": "2016-03-12T13:12:05", "id": "OPENSUSE-SU-2016:0733-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html", "title": "Security update for Firefox (important)", "type": "suse", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "kaspersky": [{"lastseen": "2020-09-02T11:41:54", "bulletinFamily": "info", "cvelist": ["CVE-2016-1953", "CVE-2016-2790", "CVE-2016-1971", "CVE-2016-1957", "CVE-2016-1972", "CVE-2016-2792", "CVE-2016-1977", "CVE-2016-1975", "CVE-2016-2798", "CVE-2016-1974", "CVE-2016-1973", "CVE-2016-2801", "CVE-2016-2797", "CVE-2016-1960", "CVE-2016-1959", "CVE-2015-7207", "CVE-2016-1966", "CVE-2016-2802", "CVE-2016-2800", "CVE-2016-1979", "CVE-2016-1955", "CVE-2016-2795", "CVE-2016-1962", "CVE-2016-1950", "CVE-2016-1963", "CVE-2016-1970", "CVE-2016-1952", "CVE-2016-2796", "CVE-2016-2799", "CVE-2016-1956", "CVE-2016-2793", "CVE-2016-1961", "CVE-2016-1976", "CVE-2016-1968", "CVE-2016-1967", "CVE-2016-2794", "CVE-2016-1954", "CVE-2016-2791", "CVE-2016-1965", "CVE-2016-1964", "CVE-2016-1958"], "description": "### *Detect date*:\n03/08/2016\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple serious vulnerabilities have been found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, obtain sensitive information, execute arbitrary code, spoof user interface, gain privileges and write local files.\n\n### *Affected products*:\nMozilla Firefox versions earlier than 45.0 \nMozilla Firefox ESR versions earlier than 38.7\n\n### *Solution*:\nUpdate to the latest version \n[Get Firefox ESR](<https://www.mozilla.org/en-US/firefox/organizations/faq/>) \n[Get Firefox](<https://www.mozilla.org/en-US/firefox/new/>)\n\n### *Original advisories*:\n[Mozilla Foundation Security Advisories](<https://www.mozilla.org/en-US/security/advisories/>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Mozilla Firefox](<https://threats.kaspersky.com/en/product/Mozilla-Firefox/>)\n\n### *CVE-IDS*:\n[CVE-2016-2802](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802>)6.8High \n[CVE-2016-2801](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801>)6.8High \n[CVE-2016-2800](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800>)6.8High \n[CVE-2016-2799](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799>)9.3Critical \n[CVE-2016-2798](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798>)6.8High \n[CVE-2016-2797](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797>)6.8High \n[CVE-2016-2796](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796>)6.8High \n[CVE-2016-2795](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795>)6.8High \n[CVE-2016-2794](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794>)9.3Critical \n[CVE-2016-2793](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793>)6.8High \n[CVE-2016-2792](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792>)6.8High \n[CVE-2016-2791](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791>)6.8High \n[CVE-2016-2790](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790>)6.8High \n[CVE-2016-1979](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1979>)6.8High \n[CVE-2016-1977](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977>)6.8High \n[CVE-2016-1976](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1976>)6.8High \n[CVE-2016-1975](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1975>)6.8High \n[CVE-2016-1974](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974>)6.8High \n[CVE-2016-1973](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1973>)6.8High \n[CVE-2016-1972](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1972>)6.8High \n[CVE-2016-1971](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1971>)6.8High \n[CVE-2016-1970](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1970>)6.8High \n[CVE-2016-1968](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1968>)6.8High \n[CVE-2016-1967](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1967>)4.3Warning \n[CVE-2016-1966](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966>)6.8High \n[CVE-2016-1965](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965>)4.3Warning \n[CVE-2016-1964](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964>)6.8High \n[CVE-2016-1950](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950>)6.8High \n[CVE-2016-1952](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952>)6.8High \n[CVE-2016-1953](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1953>)6.8High \n[CVE-2016-1954](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954>)6.8High \n[CVE-2016-1955](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1955>)4.3Warning \n[CVE-2016-1956](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1956>)7.1High \n[CVE-2016-1957](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957>)4.3Warning \n[CVE-2016-1958](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958>)4.3Warning \n[CVE-2016-1959](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1959>)6.8High \n[CVE-2016-1960](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960>)6.8High \n[CVE-2016-1961](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961>)6.8High \n[CVE-2016-1962](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962>)10.0Critical \n[CVE-2016-1963](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1963>)4.4Warning\n\n### *Exploitation*:\nThe following public exploits exists for this vulnerability:", "edition": 42, "modified": "2020-06-18T00:00:00", "published": "2016-03-08T00:00:00", "id": "KLA10765", "href": "https://threats.kaspersky.com/en/vulnerability/KLA10765", "title": "\r KLA10765Multiple vulnerabilities in Mozilla Firefox and Firefox ESR ", "type": "kaspersky", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:10", "bulletinFamily": "unix", "cvelist": ["CVE-2015-4478", "CVE-2015-4485", "CVE-2016-1953", "CVE-2015-4488", "CVE-2016-2790", "CVE-2016-1971", "CVE-2015-4481", "CVE-2015-2713", "CVE-2016-1945", "CVE-2016-1957", "CVE-2016-1949", "CVE-2016-1946", "CVE-2015-7181", "CVE-2016-1948", "CVE-2015-2714", "CVE-2016-1972", "CVE-2015-2717", "CVE-2016-1933", "CVE-2016-2792", "CVE-2016-1977", "CVE-2016-1975", "CVE-2016-2798", "CVE-2016-1974", "CVE-2016-1973", "CVE-2016-2801", "CVE-2016-1938", "CVE-2016-2797", "CVE-2015-2712", "CVE-2016-1944", "CVE-2016-1960", "CVE-2015-2711", "CVE-2015-2716", "CVE-2016-1959", "CVE-2016-1931", "CVE-2016-1937", "CVE-2015-4489", "CVE-2015-4486", "CVE-2015-2718", "CVE-2015-4474", "CVE-2015-2710", "CVE-2015-4480", "CVE-2015-7182", "CVE-2015-4484", "CVE-2015-4479", "CVE-2016-1966", "CVE-2015-4492", "CVE-2015-4490", "CVE-2016-1947", "CVE-2016-2802", "CVE-2016-2800", "CVE-2016-1942", "CVE-2016-1979", "CVE-2016-1969", "CVE-2015-7183", "CVE-2015-4483", "CVE-2015-4493", "CVE-2016-1955", "CVE-2016-2795", "CVE-2016-1962", "CVE-2016-1950", "CVE-2016-1963", "CVE-2016-1970", "CVE-2016-1943", "CVE-2016-1952", "CVE-2015-2709", "CVE-2016-1978", "CVE-2015-4477", "CVE-2016-2796", "CVE-2016-2799", "CVE-2016-1956", "CVE-2015-4487", "CVE-2016-2793", "CVE-2016-1523", "CVE-2015-4473", "CVE-2015-2708", "CVE-2016-1940", "CVE-2016-1961", "CVE-2016-1930", "CVE-2016-1935", "CVE-2016-1976", "CVE-2015-4491", "CVE-2016-1939", "CVE-2016-1968", "CVE-2016-1967", "CVE-2016-2794", "CVE-2016-1954", "CVE-2016-2791", "CVE-2016-1965", "CVE-2015-4475", "CVE-2016-1964", "CVE-2015-4482", "CVE-2015-2715", "CVE-2016-1941", "CVE-2016-1958"], "description": "### Background\n\nMozilla Firefox is an open-source web browser, Mozilla Thunderbird an open-source email client, and the Network Security Service (NSS) is a library implementing security features like SSL v.2/v.3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME and X.509 certificates. The SeaMonkey project is a community effort to deliver production-quality releases of code derived from the application formerly known as \u2018Mozilla Application Suite\u2019. \n\n### Description\n\nMultiple vulnerabilities have been discovered in Firefox, NSS, NSPR, and Thunderbird. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker could entice a user to view a specially crafted web page or email, possibly resulting in execution of arbitrary code or a Denial of Service condition. Furthermore, a remote attacker may be able to perform Man-in-the-Middle attacks, obtain sensitive information, spoof the address bar, conduct clickjacking attacks, bypass security restrictions and protection mechanisms, or have other unspecified impacts. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll NSS users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-libs/nss-3.22.2\"\n \n\nAll Thunderbird users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=mail-client/thunderbird-38.7.0\"\n \n\nAll users of the Thunderbird binary package should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose\n \">=mail-client/thunderbird-bin-38.7.0\"\n \n\nAll Firefox 38.7.x users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-client/firefox-38.7.0\"\n \n\nAll users of the Firefox 38.7.x binary package should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-client/firefox-bin-38.7.0\"", "edition": 1, "modified": "2016-05-31T00:00:00", "published": "2016-05-31T00:00:00", "id": "GLSA-201605-06", "href": "https://security.gentoo.org/glsa/201605-06", "type": "gentoo", "title": "Mozilla Products: Multiple vulnerabilities", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
