Description
Applying a CSS filter effect could have accessed out-of-bounds memory. This could have led to a heap-buffer-overflow, causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.
Affected Software
Related
{"id": "CVE-2022-22738", "vendorId": null, "type": "cve", "bulletinFamily": "NVD", "title": "CVE-2022-22738", "description": "Applying a CSS filter effect could have accessed out of bounds memory. This could have lead to a heap-buffer-overflow causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.", "published": "2022-12-22T20:15:00", "modified": "2022-12-29T15:48:00", "epss": [{"cve": "CVE-2022-22738", "epss": 0.00076, "percentile": 0.31229, "modified": "2023-12-03"}], "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "accessVector": "NETWORK", "accessComplexity": "MEDIUM", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "baseScore": 6.8}, "severity": "MEDIUM", "exploitabilityScore": 8.6, "impactScore": 6.4, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH"}, "exploitabilityScore": 2.8, "impactScore": 5.9}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-22738", "reporter": "security@mozilla.org", "references": ["https://www.mozilla.org/security/advisories/mfsa2022-02/", "https://www.mozilla.org/security/advisories/mfsa2022-01/", "https://www.mozilla.org/security/advisories/mfsa2022-03/", "https://bugzilla.mozilla.org/show_bug.cgi?id=1742382"], "cvelist": ["CVE-2022-22738"], "immutableFields": [], "lastseen": "2023-12-03T14:49:31", "viewCount": 
409, "enchantments": {"backreferences": {"references": [{"type": "almalinux", "idList": ["ALSA-2022:0129", "ALSA-2022:0130"]}, {"type": "amazon", "idList": ["ALAS2-2022-1763"]}, {"type": "centos", "idList": ["CESA-2022:0124", "CESA-2022:0127"]}, {"type": "debian", "idList": ["DEBIAN:DSA-5044-1:F4AE5", "DEBIAN:DSA-5045-1:56DD7"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2022-22738"]}, {"type": "gentoo", "idList": ["GLSA-202202-03"]}, {"type": "hivepro", "idList": ["HIVEPRO:779E466407116476EB2306CE9BFC2CEB"]}, {"type": "nessus", "idList": ["CENTOS8_RHSA-2022-0129.NASL", "CENTOS8_RHSA-2022-0130.NASL", "CENTOS_RHSA-2022-0124.NASL", "CENTOS_RHSA-2022-0127.NASL", "DEBIAN_DLA-2880.NASL", "DEBIAN_DLA-2881.NASL", "DEBIAN_DSA-5044.NASL", "DEBIAN_DSA-5045.NASL", "MACOS_FIREFOX_91_5_ESR.NASL", "MACOS_FIREFOX_96_0.NASL", "MOZILLA_FIREFOX_91_5_ESR.NASL", "MOZILLA_FIREFOX_96_0.NASL", "MOZILLA_THUNDERBIRD_91_5.NASL", "ORACLELINUX_ELSA-2022-0124.NASL", "ORACLELINUX_ELSA-2022-0127.NASL", "ORACLELINUX_ELSA-2022-0129.NASL", "ORACLELINUX_ELSA-2022-0130.NASL", "REDHAT-RHSA-2022-0123.NASL", "REDHAT-RHSA-2022-0124.NASL", "REDHAT-RHSA-2022-0125.NASL", "REDHAT-RHSA-2022-0126.NASL", "REDHAT-RHSA-2022-0127.NASL", "REDHAT-RHSA-2022-0128.NASL", "REDHAT-RHSA-2022-0129.NASL", "REDHAT-RHSA-2022-0130.NASL", "REDHAT-RHSA-2022-0131.NASL", "REDHAT-RHSA-2022-0132.NASL", "SL_20220113_FIREFOX_ON_SL7_X.NASL", "SL_20220113_THUNDERBIRD_ON_SL7_X.NASL", "SUSE_SU-2022-0115-1.NASL", "UBUNTU_USN-5229-1.NASL"]}, {"type": "oraclelinux", "idList": ["ELSA-2022-0124", "ELSA-2022-0127", "ELSA-2022-0129", "ELSA-2022-0130"]}, {"type": "redhat", "idList": ["RHSA-2022:0125"]}, {"type": "redhatcve", "idList": ["RH:CVE-2022-22738"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2022:0136-1"]}, {"type": "ubuntu", "idList": ["USN-5229-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2022-22738"]}]}, "score": {"value": 8.5, "uncertanity": 0.4, "vector": "NONE"}, "dependencies": {"references": [{"type": "almalinux", "idList": 
["ALSA-2022:0129", "ALSA-2022:0130"]}, {"type": "alpinelinux", "idList": ["ALPINE:CVE-2022-22738"]}, {"type": "altlinux", "idList": ["738F1D56CB09A1333F5890F9ABE823A5", "E38C195D09343F9EF0F7F779E88C0D66"]}, {"type": "amazon", "idList": ["ALAS2-2022-1763", "ALAS2-2022-1818"]}, {"type": "centos", "idList": ["CESA-2022:0124", "CESA-2022:0127"]}, {"type": "cnvd", "idList": ["CNVD-2023-03061"]}, {"type": "debian", "idList": ["DEBIAN:DLA-2880-1:5F2E8", "DEBIAN:DLA-2881-1:0A181", "DEBIAN:DSA-5044-1:F4AE5", "DEBIAN:DSA-5045-1:56DD7"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2022-22738"]}, {"type": "gentoo", "idList": ["GLSA-202202-03", "GLSA-202208-14"]}, {"type": "hivepro", "idList": ["HIVEPRO:779E466407116476EB2306CE9BFC2CEB"]}, {"type": "ibm", "idList": ["8AA985F10478A217523AC3590FB9E32106E3D2C6C50A1C052E0D031713E7CD6A", "D2F4FA819023A831832A647B550E8F703EF96C1E7E396A36F150B71108876F7D"]}, {"type": "kaspersky", "idList": ["KLA12415", "KLA12416", "KLA12417"]}, {"type": "mageia", "idList": ["MGASA-2022-0013", "MGASA-2022-0019"]}, {"type": "mozilla", "idList": ["MFSA2022-01", "MFSA2022-02", "MFSA2022-03"]}, {"type": "nessus", "idList": ["AL2_ALAS-2022-1763.NASL", "AL2_ALAS-2022-1818.NASL", "ALMA_LINUX_ALSA-2022-0129.NASL", "ALMA_LINUX_ALSA-2022-0130.NASL", "CENTOS8_RHSA-2022-0129.NASL", "CENTOS8_RHSA-2022-0130.NASL", "CENTOS_RHSA-2022-0124.NASL", "CENTOS_RHSA-2022-0127.NASL", "DEBIAN_DLA-2880.NASL", "DEBIAN_DLA-2881.NASL", "DEBIAN_DSA-5044.NASL", "DEBIAN_DSA-5045.NASL", "GENTOO_GLSA-202202-03.NASL", "GENTOO_GLSA-202208-14.NASL", "MACOS_FIREFOX_91_5_ESR.NASL", "MACOS_FIREFOX_96_0.NASL", "MACOS_THUNDERBIRD_91_5.NASL", "MOZILLA_FIREFOX_91_5_ESR.NASL", "MOZILLA_FIREFOX_96_0.NASL", "MOZILLA_THUNDERBIRD_91_5.NASL", "OPENSUSE-2022-0136-1.NASL", "OPENSUSE-2022-0199-1.NASL", "ORACLELINUX_ELSA-2022-0124.NASL", "ORACLELINUX_ELSA-2022-0127.NASL", "ORACLELINUX_ELSA-2022-0129.NASL", "ORACLELINUX_ELSA-2022-0130.NASL", "REDHAT-RHSA-2022-0123.NASL", "REDHAT-RHSA-2022-0124.NASL", 
"REDHAT-RHSA-2022-0125.NASL", "REDHAT-RHSA-2022-0126.NASL", "REDHAT-RHSA-2022-0127.NASL", "REDHAT-RHSA-2022-0128.NASL", "REDHAT-RHSA-2022-0129.NASL", "REDHAT-RHSA-2022-0130.NASL", "REDHAT-RHSA-2022-0131.NASL", "REDHAT-RHSA-2022-0132.NASL", "ROCKY_LINUX_RLSA-2022-0129.NASL", "ROCKY_LINUX_RLSA-2022-0130.NASL", "SL_20220113_FIREFOX_ON_SL7_X.NASL", "SL_20220113_THUNDERBIRD_ON_SL7_X.NASL", "SUSE_SU-2022-0115-1.NASL", "SUSE_SU-2022-0136-1.NASL", "SUSE_SU-2022-0137-1.NASL", "SUSE_SU-2022-0199-1.NASL", "SUSE_SU-2022-14880-1.NASL", "UBUNTU_USN-5229-1.NASL", "UBUNTU_USN-5246-1.NASL", "UBUNTU_USN-5248-1.NASL"]}, {"type": "oraclelinux", "idList": ["ELSA-2022-0124", "ELSA-2022-0127", "ELSA-2022-0129", "ELSA-2022-0130"]}, {"type": "osv", "idList": ["OSV:DLA-2880-1", "OSV:DLA-2881-1", "OSV:DSA-5044-1", "OSV:DSA-5045-1"]}, {"type": "prion", "idList": ["PRION:CVE-2022-22738"]}, {"type": "redhat", "idList": ["RHSA-2022:0123", "RHSA-2022:0124", "RHSA-2022:0125", "RHSA-2022:0126", "RHSA-2022:0127", "RHSA-2022:0128", "RHSA-2022:0129", "RHSA-2022:0130", "RHSA-2022:0131", "RHSA-2022:0132"]}, {"type": "redhatcve", "idList": ["RH:CVE-2022-22738"]}, {"type": "redos", "idList": ["ROS-20220114-01"]}, {"type": "rocky", "idList": ["RLSA-2022:0129", "RLSA-2022:0130"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2022:0136-1", "OPENSUSE-SU-2022:0199-1"]}, {"type": "ubuntu", "idList": ["USN-5229-1", "USN-5246-1", "USN-5248-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2022-22738"]}, {"type": "veracode", "idList": ["VERACODE:33634"]}]}, "twitter": {"counter": 4, "tweets": [{"link": "https://twitter.com/WolfgangSesin/status/1575512531275333638", "text": "New post from https://t.co/uXvPWJy6tj (CVE-2022-22738 | Mozilla Thunderbird up to 91.4 CSS Filter heap-based overflow (Bug 1742382)) has been published on https://t.co/hbstge0xgg", "author": "WolfgangSesin", "author_photo": "https://pbs.twimg.com/profile_images/957011635369054208/Om3jbj7z_400x400.jpg"}, {"link": 
"https://twitter.com/www_sesin_at/status/1575512538439090180", "text": "New post from https://t.co/9KYxtdZjkl (CVE-2022-22738 | Mozilla Thunderbird up to 91.4 CSS Filter heap-based overflow (Bug 1742382)) has been published on https://t.co/1Ytf310yRU", "author": "www_sesin_at", "author_photo": "https://pbs.twimg.com/profile_images/958100963822329858/fb_N8h5n_400x400.jpg"}]}, "affected_software": {"major_version": [{"name": "mozilla firefox", "version": 96}, {"name": "mozilla firefox esr", "version": 91}, {"name": "mozilla thunderbird", "version": 91}]}, "epss": [{"cve": "CVE-2022-22738", "epss": 0.00068, "percentile": 0.27664, "modified": "2023-05-02"}], "short_description": "CSS filter effect allows out of bounds memory access, potential exploitable crash in Firefox ESR < 91.5, Firefox < 96, Thunderbird < 91.5", "tags": ["css", "filter", "memory access", "heap-buffer-overflow", "vulnerability", "firefox", "thunderbird", "nvd", "cve-2022-22738"], "vulnersScore": 8.5}, "_state": {"dependencies": 1701622555, "score": 1701616418, "twitter": 0, "affected_software_major_version": 0, "epss": 0, "chatgpt": 0}, "_internal": {"score_hash": "5a1426923339fedb9a5636cf3ac6b75e", "chatgpt": "bcd8b0c2eb1fce714eab6cef0d771acc"}, "cna_cvss": {"cna": "mozilla", "cvss": {}}, "cpe": [], "cpe23": [], "cwe": ["CWE-787"], "affectedSoftware": [{"cpeName": "mozilla:firefox", "version": "96.0", "operator": "lt", "name": "mozilla firefox"}, {"cpeName": "mozilla:firefox_esr", "version": "91.5", "operator": "lt", "name": "mozilla firefox esr"}, {"cpeName": "mozilla:thunderbird", "version": "91.5", "operator": "lt", "name": "mozilla thunderbird"}], "affectedConfiguration": [], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"operator": "OR", "children": [], "cpe_match": [{"vulnerable": true, "cpe23Uri": "cpe:2.3:a:mozilla:firefox:96.0:*:*:*:*:*:*:*", "versionEndExcluding": "96.0", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:a:mozilla:firefox_esr:91.5:*:*:*:*:*:*:*", 
"versionEndExcluding": "91.5", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:91.5:*:*:*:*:*:*:*", "versionEndExcluding": "91.5", "cpe_name": []}]}]}, "extraReferences": [{"url": "https://www.mozilla.org/security/advisories/mfsa2022-02/", "name": "https://www.mozilla.org/security/advisories/mfsa2022-02/", "refsource": "MISC", "tags": ["Vendor Advisory"]}, {"url": "https://www.mozilla.org/security/advisories/mfsa2022-01/", "name": "https://www.mozilla.org/security/advisories/mfsa2022-01/", "refsource": "MISC", "tags": ["Vendor Advisory"]}, {"url": "https://www.mozilla.org/security/advisories/mfsa2022-03/", "name": "https://www.mozilla.org/security/advisories/mfsa2022-03/", "refsource": "MISC", "tags": ["Vendor Advisory"]}, {"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1742382", "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1742382", "refsource": "MISC", "tags": ["Exploit", "Issue Tracking", "Vendor Advisory"]}], "product_info": [{"vendor": "Mozilla", "product": "Firefox"}, {"vendor": "Mozilla", "product": "Thunderbird"}, {"vendor": "Mozilla", "product": "Firefox ESR"}], "solutions": [], "workarounds": [], "impacts": [], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "Heap-buffer-overflow in blendGaussianBlur"}]}], "exploits": [], "assigned": "2022-01-07T00:00:00"}
{"alpinelinux": [{"lastseen": "2023-12-03T16:03:12", "description": "Applying a CSS filter effect could have accessed out of bounds memory. This could have lead to a heap-buffer-overflow causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-12-22T20:15:00", "type": "alpinelinux", "title": "CVE-2022-22738", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-22738"], "modified": "2022-12-29T15:48:00", "id": "ALPINE:CVE-2022-22738", "href": "https://security.alpinelinux.org/vuln/CVE-2022-22738", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "cnvd": [{"lastseen": "2023-02-16T17:28:40", "description": "Mozilla Firefox is an open source web browser from the Mozilla Foundation, U.S. 
A buffer overflow vulnerability exists in Mozilla Firefox, which can be exploited by unauthenticated attackers to execute arbitrary code.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2023-01-06T00:00:00", "type": "cnvd", "title": "Mozilla Firefox Buffer Overflow Vulnerability (CNVD-2023-03061)", "bulletinFamily": "cnvd", "cvss2": {}, "cvelist": ["CVE-2022-22738"], "modified": "2023-01-17T00:00:00", "id": "CNVD-2023-03061", "href": "https://www.cnvd.org.cn/flaw/show/CNVD-2023-03061", "cvss": {"score": 0.0, "vector": "NONE"}}], "redhatcve": [{"lastseen": "2023-12-03T20:45:27", "description": "The Mozilla Foundation Security Advisory describes this flaw as: Applying a CSS filter effect could have accessed out-of-bounds memory. 
This could have led to a heap-buffer-overflow, causing a potentially exploitable crash.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-01-12T23:22:56", "type": "redhatcve", "title": "CVE-2022-22738", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-22738"], "modified": "2023-04-06T09:29:13", "id": "RH:CVE-2022-22738", "href": "https://access.redhat.com/security/cve/cve-2022-22738", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "prion": [{"lastseen": "2023-11-20T23:25:09", "description": "Applying a CSS filter effect could have accessed out of bounds memory. This could have lead to a heap-buffer-overflow causing a potentially exploitable crash. 
This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-12-22T20:15:00", "type": "prion", "title": "Heap overflow", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-22738"], "modified": "2022-12-29T15:48:00", "id": "PRION:CVE-2022-22738", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2022-22738", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "debiancve": [{"lastseen": "2023-12-03T15:20:52", "description": "Applying a CSS filter effect could have accessed out of bounds memory. This could have lead to a heap-buffer-overflow causing a potentially exploitable crash. 
This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-12-22T20:15:00", "type": "debiancve", "title": "CVE-2022-22738", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-22738"], "modified": "2022-12-22T20:15:00", "id": "DEBIANCVE:CVE-2022-22738", "href": "https://security-tracker.debian.org/tracker/CVE-2022-22738", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "veracode": [{"lastseen": "2022-12-29T19:10:55", "description": "firefox is vulnerable to denial of service. 
The vulnerability exists due to a heap-buffer-overflow in blendGaussianBlur allowing an attacker to crash the system by applying a CSS filter effect.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-01-14T05:54:05", "type": "veracode", "title": "Denial Of Service (DoS)", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2022-22738"], "modified": "2022-12-29T17:20:15", "id": "VERACODE:33634", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-33634/summary", "cvss": {"score": 0.0, "vector": "NONE"}}], "ubuntucve": [{"lastseen": "2023-12-03T13:41:06", "description": "Applying a CSS filter effect could have accessed out of bounds memory. This\ncould have lead to a heap-buffer-overflow causing a potentially exploitable\ncrash. 
This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and\nThunderbird < 91.5.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[tyhicks](<https://launchpad.net/~tyhicks>) | mozjs contains a copy of the SpiderMonkey JavaScript engine\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-01-13T00:00:00", "type": "ubuntucve", "title": "CVE-2022-22738", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-22738"], "modified": "2022-01-13T00:00:00", "id": "UB:CVE-2022-22738", "href": "https://ubuntu.com/security/CVE-2022-22738", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2023-11-22T15:09:09", "description": "The remote Scientific Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the SLSA-2022:0124-1 advisory.\n\n - Mozilla: Iframe sandbox bypass with XSLT (CVE-2021-4140)\n\n - Mozilla: Race condition when playing audio files (CVE-2022-22737)\n\n - Mozilla: Heap-buffer-overflow in blendGaussianBlur (CVE-2022-22738)\n\n - Mozilla: Use-after-free of ChannelEventQueue::mOwner (CVE-2022-22740)\n\n - 
Mozilla: Browser window spoof using fullscreen mode (CVE-2022-22741, CVE-2022-22743)\n\n - Mozilla: Out-of-bounds memory access when inserting text in edit mode (CVE-2022-22742)\n\n - Mozilla: Memory safety bugs fixed in Firefox 96 and Firefox ESR 91.5 (CVE-2022-22751)\n\n - Mozilla: Leaking cross-origin URLs through securitypolicyviolation event (CVE-2022-22745)\n\n - Mozilla: Spoofed origin on external protocol launch dialog (CVE-2022-22748)\n\n - Mozilla: Missing throttling on external protocol launch dialog (CVE-2022-22739)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-01-13T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : firefox on SL7.x i686/x86_64 (2022:0124)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4140", "CVE-2022-22737", "CVE-2022-22738", "CVE-2022-22739", "CVE-2022-22740", "CVE-2022-22741", "CVE-2022-22742", "CVE-2022-22743", "CVE-2022-22745", "CVE-2022-22748", "CVE-2022-22751"], "modified": "2023-11-21T00:00:00", "cpe": ["cpe:/o:fermilab:scientific_linux", "p-cpe:/a:fermilab:scientific_linux:firefox", "p-cpe:/a:fermilab:scientific_linux:firefox-debuginfo"], "id": "SL_20220113_FIREFOX_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/nessus/156718", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156718);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/21\");\n\n script_cve_id(\n \"CVE-2021-4140\",\n \"CVE-2022-22737\",\n \"CVE-2022-22738\",\n \"CVE-2022-22739\",\n \"CVE-2022-22740\",\n \"CVE-2022-22741\",\n \"CVE-2022-22742\",\n \"CVE-2022-22743\",\n \"CVE-2022-22745\",\n \"CVE-2022-22748\",\n \"CVE-2022-22751\"\n );\n 
script_xref(name:\"RHSA\", value:\"RHSA-2022:0124\");\n script_xref(name:\"IAVA\", value:\"2022-A-0017-S\");\n\n script_name(english:\"Scientific Linux Security Update : firefox on SL7.x i686/x86_64 (2022:0124)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Scientific Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Scientific Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe SLSA-2022:0124-1 advisory.\n\n - Mozilla: Iframe sandbox bypass with XSLT (CVE-2021-4140)\n\n - Mozilla: Race condition when playing audio files (CVE-2022-22737)\n\n - Mozilla: Heap-buffer-overflow in blendGaussianBlur (CVE-2022-22738)\n\n - Mozilla: Use-after-free of ChannelEventQueue::mOwner (CVE-2022-22740)\n\n - Mozilla: Browser window spoof using fullscreen mode (CVE-2022-22741, CVE-2022-22743)\n\n - Mozilla: Out-of-bounds memory access when inserting text in edit mode (CVE-2022-22742)\n\n - Mozilla: Memory safety bugs fixed in Firefox 96 and Firefox ESR 91.5 (CVE-2022-22751)\n\n - Mozilla: Leaking cross-origin URLs through securitypolicyviolation event (CVE-2022-22745)\n\n - Mozilla: Spoofed origin on external protocol launch dialog (CVE-2022-22748)\n\n - Mozilla: Missing throttling on external protocol launch dialog (CVE-2022-22739)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.scientificlinux.org/category/sl-errata/slsa-20220124-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected firefox and / or firefox-debuginfo packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\");\n 
script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-22751\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-4140\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fermilab:scientific_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:firefox-debuginfo\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Scientific Linux' >!< release) audit(AUDIT_OS_NOT, 'Scientific Linux');\nvar os_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Scientific Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Scientific Linux 7.x', 'Scientific Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Scientific Linux', cpu);\n\nvar pkgs = [\n {'reference':'firefox-91.5.0-1.el7_9', 'cpu':'i686', 'release':'SL7', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'firefox-91.5.0-1.el7_9', 'cpu':'x86_64', 'release':'SL7', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'firefox-debuginfo-91.5.0-1.el7_9', 'cpu':'x86_64', 'release':'SL7', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if 
(!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'firefox / firefox-debuginfo');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-23T14:38:35", "description": "The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2881 advisory.\n\n - Mozilla developers Calixte Denizet, Kershaw Chang, Christian Holler, Jason Kratzer, Gabriele Svelto, Tyson Smith, Simon Giesecke, and Steve Fink reported memory safety bugs present in Firefox 95 and Firefox ESR 91.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22751)\n\n - It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. 
(CVE-2021-4140)\n\n - Constructing audio sinks could have lead to a race condition when playing audio files and closing windows.\n This could have lead to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22737)\n\n - Applying a CSS filter effect could have accessed out of bounds memory. This could have lead to a heap- buffer-overflow causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22738)\n\n - Malicious websites could have tricked users into accepting launching a program to handle an external URL protocol. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.\n (CVE-2022-22739)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-01-16T00:00:00", "type": "nessus", "title": "Debian DLA-2881-1 : thunderbird - LTS security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4140", "CVE-2022-22737", "CVE-2022-22738", "CVE-2022-22739", "CVE-2022-22740", "CVE-2022-22741", "CVE-2022-22742", "CVE-2022-22743", "CVE-2022-22745", "CVE-2022-22747", "CVE-2022-22748", "CVE-2022-22751"], "modified": "2023-11-20T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:calendar-google-provider", "p-cpe:/a:debian:debian_linux:icedove", "p-cpe:/a:debian:debian_linux:icedove-dbg", "p-cpe:/a:debian:debian_linux:icedove-dev", "p-cpe:/a:debian:debian_linux:icedove-l10n-all", "p-cpe:/a:debian:debian_linux:icedove-l10n-ar", "p-cpe:/a:debian:debian_linux:icedove-l10n-ast", "p-cpe:/a:debian:debian_linux:icedove-l10n-be", "p-cpe:/a:debian:debian_linux:icedove-l10n-bg", "p-cpe:/a:debian:debian_linux:icedove-l10n-bn-bd", "p-cpe:/a:debian:debian_linux:icedove-l10n-br", "p-cpe:/a:debian:debian_linux:icedove-l10n-ca", 
"p-cpe:/a:debian:debian_linux:icedove-l10n-cs", "p-cpe:/a:debian:debian_linux:icedove-l10n-da", "p-cpe:/a:debian:debian_linux:icedove-l10n-de", "p-cpe:/a:debian:debian_linux:icedove-l10n-dsb", "p-cpe:/a:debian:debian_linux:icedove-l10n-el", "p-cpe:/a:debian:debian_linux:icedove-l10n-en-gb", "p-cpe:/a:debian:debian_linux:icedove-l10n-es-ar", "p-cpe:/a:debian:debian_linux:icedove-l10n-es-es", "p-cpe:/a:debian:debian_linux:icedove-l10n-et", "p-cpe:/a:debian:debian_linux:icedove-l10n-eu", "p-cpe:/a:debian:debian_linux:icedove-l10n-fi", "p-cpe:/a:debian:debian_linux:icedove-l10n-fr", "p-cpe:/a:debian:debian_linux:icedove-l10n-fy-nl", "p-cpe:/a:debian:debian_linux:icedove-l10n-ga-ie", "p-cpe:/a:debian:debian_linux:icedove-l10n-gd", "p-cpe:/a:debian:debian_linux:icedove-l10n-gl", "p-cpe:/a:debian:debian_linux:icedove-l10n-he", "p-cpe:/a:debian:debian_linux:icedove-l10n-hr", "p-cpe:/a:debian:debian_linux:icedove-l10n-hsb", "p-cpe:/a:debian:debian_linux:icedove-l10n-hu", "p-cpe:/a:debian:debian_linux:icedove-l10n-hy-am", "p-cpe:/a:debian:debian_linux:icedove-l10n-id", "p-cpe:/a:debian:debian_linux:icedove-l10n-is", "p-cpe:/a:debian:debian_linux:icedove-l10n-it", "p-cpe:/a:debian:debian_linux:icedove-l10n-ja", "p-cpe:/a:debian:debian_linux:icedove-l10n-kab", "p-cpe:/a:debian:debian_linux:icedove-l10n-ko", "p-cpe:/a:debian:debian_linux:icedove-l10n-lt", "p-cpe:/a:debian:debian_linux:icedove-l10n-nb-no", "p-cpe:/a:debian:debian_linux:icedove-l10n-nl", "p-cpe:/a:debian:debian_linux:icedove-l10n-nn-no", "p-cpe:/a:debian:debian_linux:icedove-l10n-pa-in", "p-cpe:/a:debian:debian_linux:icedove-l10n-pl", "p-cpe:/a:debian:debian_linux:icedove-l10n-pt-br", "p-cpe:/a:debian:debian_linux:icedove-l10n-pt-pt", "p-cpe:/a:debian:debian_linux:icedove-l10n-rm", "p-cpe:/a:debian:debian_linux:icedove-l10n-ro", "p-cpe:/a:debian:debian_linux:icedove-l10n-ru", "p-cpe:/a:debian:debian_linux:icedove-l10n-si", "p-cpe:/a:debian:debian_linux:icedove-l10n-sk", 
"p-cpe:/a:debian:debian_linux:icedove-l10n-sl", "p-cpe:/a:debian:debian_linux:icedove-l10n-sq", "p-cpe:/a:debian:debian_linux:icedove-l10n-sr", "p-cpe:/a:debian:debian_linux:icedove-l10n-sv-se", "p-cpe:/a:debian:debian_linux:icedove-l10n-ta-lk", "p-cpe:/a:debian:debian_linux:icedove-l10n-tr", "p-cpe:/a:debian:debian_linux:icedove-l10n-uk", "p-cpe:/a:debian:debian_linux:icedove-l10n-vi", "p-cpe:/a:debian:debian_linux:icedove-l10n-zh-cn", "p-cpe:/a:debian:debian_linux:icedove-l10n-zh-tw", "p-cpe:/a:debian:debian_linux:iceowl-extension", "p-cpe:/a:debian:debian_linux:iceowl-l10n-ar", "p-cpe:/a:debian:debian_linux:iceowl-l10n-ast", "p-cpe:/a:debian:debian_linux:iceowl-l10n-be", "p-cpe:/a:debian:debian_linux:iceowl-l10n-bg", "p-cpe:/a:debian:debian_linux:iceowl-l10n-bn-bd", "p-cpe:/a:debian:debian_linux:iceowl-l10n-br", "p-cpe:/a:debian:debian_linux:iceowl-l10n-ca", "p-cpe:/a:debian:debian_linux:iceowl-l10n-cs", "p-cpe:/a:debian:debian_linux:iceowl-l10n-cy", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-sq", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-sr", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-sv-se", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ta-lk", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-th", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-tr", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-uk", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-uz", "p-cpe:/a:debian:debian_linux:iceowl-l10n-da", "p-cpe:/a:debian:debian_linux:iceowl-l10n-de", "p-cpe:/a:debian:debian_linux:iceowl-l10n-dsb", "p-cpe:/a:debian:debian_linux:iceowl-l10n-el", "p-cpe:/a:debian:debian_linux:iceowl-l10n-en-gb", "p-cpe:/a:debian:debian_linux:iceowl-l10n-es-ar", "p-cpe:/a:debian:debian_linux:iceowl-l10n-es-es", "p-cpe:/a:debian:debian_linux:iceowl-l10n-et", "p-cpe:/a:debian:debian_linux:iceowl-l10n-eu", "p-cpe:/a:debian:debian_linux:iceowl-l10n-fi", "p-cpe:/a:debian:debian_linux:iceowl-l10n-fr", "p-cpe:/a:debian:debian_linux:iceowl-l10n-fy-nl", 
"p-cpe:/a:debian:debian_linux:iceowl-l10n-ga-ie", "p-cpe:/a:debian:debian_linux:iceowl-l10n-gd", "p-cpe:/a:debian:debian_linux:iceowl-l10n-gl", "p-cpe:/a:debian:debian_linux:iceowl-l10n-he", "p-cpe:/a:debian:debian_linux:iceowl-l10n-hr", "p-cpe:/a:debian:debian_linux:iceowl-l10n-hsb", "p-cpe:/a:debian:debian_linux:iceowl-l10n-hu", "p-cpe:/a:debian:debian_linux:iceowl-l10n-hy-am", "p-cpe:/a:debian:debian_linux:iceowl-l10n-id", "p-cpe:/a:debian:debian_linux:iceowl-l10n-is", "p-cpe:/a:debian:debian_linux:iceowl-l10n-it", "p-cpe:/a:debian:debian_linux:iceowl-l10n-ja", "p-cpe:/a:debian:debian_linux:iceowl-l10n-kab", "p-cpe:/a:debian:debian_linux:iceowl-l10n-ko", "p-cpe:/a:debian:debian_linux:iceowl-l10n-lt", "p-cpe:/a:debian:debian_linux:iceowl-l10n-nb-no", "p-cpe:/a:debian:debian_linux:iceowl-l10n-nl", "p-cpe:/a:debian:debian_linux:iceowl-l10n-nn-no", "p-cpe:/a:debian:debian_linux:iceowl-l10n-pa-in", "p-cpe:/a:debian:debian_linux:iceowl-l10n-pl", "p-cpe:/a:debian:debian_linux:iceowl-l10n-pt-br", "p-cpe:/a:debian:debian_linux:iceowl-l10n-pt-pt", "p-cpe:/a:debian:debian_linux:iceowl-l10n-rm", "p-cpe:/a:debian:debian_linux:iceowl-l10n-ro", "p-cpe:/a:debian:debian_linux:iceowl-l10n-ru", "p-cpe:/a:debian:debian_linux:iceowl-l10n-si", "p-cpe:/a:debian:debian_linux:iceowl-l10n-sk", "p-cpe:/a:debian:debian_linux:iceowl-l10n-sl", "p-cpe:/a:debian:debian_linux:iceowl-l10n-sq", "p-cpe:/a:debian:debian_linux:iceowl-l10n-sr", "p-cpe:/a:debian:debian_linux:iceowl-l10n-sv-se", "p-cpe:/a:debian:debian_linux:iceowl-l10n-ta-lk", "p-cpe:/a:debian:debian_linux:iceowl-l10n-tr", "p-cpe:/a:debian:debian_linux:iceowl-l10n-uk", "p-cpe:/a:debian:debian_linux:iceowl-l10n-vi", "p-cpe:/a:debian:debian_linux:iceowl-l10n-zh-cn", "p-cpe:/a:debian:debian_linux:iceowl-l10n-zh-tw", "p-cpe:/a:debian:debian_linux:lightning", "p-cpe:/a:debian:debian_linux:lightning-l10n-ar", "p-cpe:/a:debian:debian_linux:lightning-l10n-ast", "p-cpe:/a:debian:debian_linux:lightning-l10n-be", 
"p-cpe:/a:debian:debian_linux:lightning-l10n-bg", "p-cpe:/a:debian:debian_linux:lightning-l10n-bn-bd", "p-cpe:/a:debian:debian_linux:lightning-l10n-br", "p-cpe:/a:debian:debian_linux:lightning-l10n-ca", "p-cpe:/a:debian:debian_linux:lightning-l10n-cs", "p-cpe:/a:debian:debian_linux:lightning-l10n-cy", "p-cpe:/a:debian:debian_linux:lightning-l10n-da", "p-cpe:/a:debian:debian_linux:lightning-l10n-de", "p-cpe:/a:debian:debian_linux:lightning-l10n-dsb", "p-cpe:/a:debian:debian_linux:lightning-l10n-el", "p-cpe:/a:debian:debian_linux:lightning-l10n-en-gb", "p-cpe:/a:debian:debian_linux:lightning-l10n-es-ar", "p-cpe:/a:debian:debian_linux:lightning-l10n-es-es", "p-cpe:/a:debian:debian_linux:lightning-l10n-et", "p-cpe:/a:debian:debian_linux:lightning-l10n-eu", "p-cpe:/a:debian:debian_linux:lightning-l10n-fi", "p-cpe:/a:debian:debian_linux:lightning-l10n-fr", "p-cpe:/a:debian:debian_linux:lightning-l10n-fy-nl", "p-cpe:/a:debian:debian_linux:lightning-l10n-ga-ie", "p-cpe:/a:debian:debian_linux:lightning-l10n-gd", "p-cpe:/a:debian:debian_linux:lightning-l10n-gl", "p-cpe:/a:debian:debian_linux:lightning-l10n-he", "p-cpe:/a:debian:debian_linux:lightning-l10n-hr", "p-cpe:/a:debian:debian_linux:lightning-l10n-hsb", "p-cpe:/a:debian:debian_linux:lightning-l10n-hu", "p-cpe:/a:debian:debian_linux:lightning-l10n-hy-am", "p-cpe:/a:debian:debian_linux:lightning-l10n-id", "p-cpe:/a:debian:debian_linux:lightning-l10n-is", "p-cpe:/a:debian:debian_linux:lightning-l10n-it", "p-cpe:/a:debian:debian_linux:lightning-l10n-ja", "p-cpe:/a:debian:debian_linux:lightning-l10n-kab", "p-cpe:/a:debian:debian_linux:lightning-l10n-kk", "p-cpe:/a:debian:debian_linux:lightning-l10n-ko", "p-cpe:/a:debian:debian_linux:lightning-l10n-lt", "p-cpe:/a:debian:debian_linux:lightning-l10n-ms", "p-cpe:/a:debian:debian_linux:lightning-l10n-nb-no", "p-cpe:/a:debian:debian_linux:lightning-l10n-nl", "p-cpe:/a:debian:debian_linux:lightning-l10n-nn-no", "p-cpe:/a:debian:debian_linux:lightning-l10n-pa-in", 
"p-cpe:/a:debian:debian_linux:lightning-l10n-pl", "p-cpe:/a:debian:debian_linux:lightning-l10n-pt-br", "p-cpe:/a:debian:debian_linux:lightning-l10n-pt-pt", "p-cpe:/a:debian:debian_linux:lightning-l10n-rm", "p-cpe:/a:debian:debian_linux:lightning-l10n-ro", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-vi", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-zh-cn", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-zh-tw", "cpe:/o:debian:debian_linux:9.0", "p-cpe:/a:debian:debian_linux:lightning-l10n-ru", "p-cpe:/a:debian:debian_linux:lightning-l10n-si", "p-cpe:/a:debian:debian_linux:lightning-l10n-sk", "p-cpe:/a:debian:debian_linux:lightning-l10n-sl", "p-cpe:/a:debian:debian_linux:lightning-l10n-sq", "p-cpe:/a:debian:debian_linux:lightning-l10n-sr", "p-cpe:/a:debian:debian_linux:lightning-l10n-sv-se", "p-cpe:/a:debian:debian_linux:lightning-l10n-ta-lk", "p-cpe:/a:debian:debian_linux:lightning-l10n-tr", "p-cpe:/a:debian:debian_linux:lightning-l10n-uk", "p-cpe:/a:debian:debian_linux:lightning-l10n-vi", "p-cpe:/a:debian:debian_linux:lightning-l10n-zh-cn", "p-cpe:/a:debian:debian_linux:lightning-l10n-zh-tw", "p-cpe:/a:debian:debian_linux:thunderbird", "p-cpe:/a:debian:debian_linux:thunderbird-dbg", "p-cpe:/a:debian:debian_linux:thunderbird-dev", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-af", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-all", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ar", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ast", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-be", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-bg", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-bn-bd", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-br", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ca", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-cak", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-cs", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-cy", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-da", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-de", 
"p-cpe:/a:debian:debian_linux:thunderbird-l10n-dsb", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-el", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-en-ca", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-en-gb", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-es-ar", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-es-es", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-et", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-eu", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-fi", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-fr", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-fy-nl", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ga-ie", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-gd", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-gl", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-he", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-hr", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-hsb", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-hu", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-hy-am", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-id", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-is", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-it", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ja", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ka", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-kab", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-kk", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ko", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-lt", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-lv", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ms", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-nb-no", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-nl", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-nn-no", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-pa-in", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-pl", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-pt-br", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-pt-pt", 
"p-cpe:/a:debian:debian_linux:thunderbird-l10n-rm", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ro", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ru", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-si", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-sk", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-sl"], "id": "DEBIAN_DLA-2881.NASL", "href": "https://www.tenable.com/plugins/nessus/156766", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory dla-2881. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156766);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/20\");\n\n script_cve_id(\n \"CVE-2021-4140\",\n \"CVE-2022-22737\",\n \"CVE-2022-22738\",\n \"CVE-2022-22739\",\n \"CVE-2022-22740\",\n \"CVE-2022-22741\",\n \"CVE-2022-22742\",\n \"CVE-2022-22743\",\n \"CVE-2022-22745\",\n \"CVE-2022-22747\",\n \"CVE-2022-22748\",\n \"CVE-2022-22751\"\n );\n script_xref(name:\"IAVA\", value:\"2022-A-0017-S\");\n\n script_name(english:\"Debian DLA-2881-1 : thunderbird - LTS security update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing one or more security-related updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the\ndla-2881 advisory.\n\n - Mozilla developers Calixte Denizet, Kershaw Chang, Christian Holler, Jason Kratzer, Gabriele Svelto, Tyson\n Smith, Simon Giesecke, and Steve Fink reported memory safety bugs present in Firefox 95 and Firefox ESR\n 91.4. 
Some of these bugs showed evidence of memory corruption and we presume that with enough effort some\n of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 91.5,\n Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22751)\n\n - It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox. This\n vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2021-4140)\n\n - Constructing audio sinks could have lead to a race condition when playing audio files and closing windows.\n This could have lead to a use-after-free causing a potentially exploitable crash. This vulnerability\n affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22737)\n\n - Applying a CSS filter effect could have accessed out of bounds memory. This could have lead to a heap-\n buffer-overflow causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5,\n Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22738)\n\n - Malicious websites could have tricked users into accepting launching a program to handle an external URL\n protocol. 
This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.\n (CVE-2022-22739)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/source-package/thunderbird\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/lts/security/2022/dla-2881\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-4140\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-22737\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-22738\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-22739\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-22740\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-22741\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-22742\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-22743\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-22745\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-22747\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-22748\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-22751\");\n script_set_attribute(attribute:\"see_also\", 
value:\"https://packages.debian.org/source/stretch/thunderbird\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the thunderbird packages.\n\nFor Debian 9 stretch, these problems have been fixed in version 1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-22751\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-4140\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:calendar-google-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-all\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-ast\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-be\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-bg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-bn-bd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-cs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-da\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-de\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-dsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-en-gb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-es-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-es-es\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-et\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-eu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-fi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-fr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-fy-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-ga-ie\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-gl\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-he\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-hr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-hsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-hu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-hy-am\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-id\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-is\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-it\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-kab\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-ko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-lt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-nb-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-nn-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-pa-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-pt-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-pt-pt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-rm\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-ro\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-ru\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-si\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-sk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-sl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-sq\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-sr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-sv-se\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-ta-lk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-tr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-vi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-zh-cn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-zh-tw\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-extension\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-ast\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-be\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-bg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-bn-bd\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-cs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-cy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-da\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-de\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-dsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-en-gb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-es-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-es-es\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-et\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-eu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-fi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-fr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-fy-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-ga-ie\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-gl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-he\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-hr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-hsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-hu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-hy-am\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-id\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-is\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-it\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-kab\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-ko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-lt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-nb-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-nn-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-pa-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-pt-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-pt-pt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-rm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-ro\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-ru\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-si\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-sk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-sl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-sq\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-sr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-sv-se\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-ta-lk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-tr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-vi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-zh-cn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-zh-tw\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-ast\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-be\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-bg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-bn-bd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-br\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-cs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-cy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-da\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-de\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-dsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-en-gb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-es-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-es-es\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-et\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-eu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-fi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-fr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-fy-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-ga-ie\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-gl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-he\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-hr\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-hsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-hu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-hy-am\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-id\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-is\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-it\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-kab\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-kk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-ko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-lt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-ms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-nb-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-nn-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-pa-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-pt-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-pt-pt\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-rm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-ro\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-ru\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-si\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-sk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-sl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-sq\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-sr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-sv-se\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-ta-lk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-tr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-vi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-zh-cn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-zh-tw\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-af\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-all\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ast\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-be\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-bg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-bn-bd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-cak\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-cs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-cy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-da\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-de\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-dsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-en-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-en-gb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-es-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-es-es\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-et\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-eu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-fi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-fr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-fy-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ga-ie\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-gl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-he\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-hr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-hsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-hu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-hy-am\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-id\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-is\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-it\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ka\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-kab\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-kk\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-lt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-lv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-nb-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-nn-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-pa-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-pt-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-pt-pt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-rm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ro\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ru\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-si\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-sk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-sl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-sq\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-sr\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-sv-se\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ta-lk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-th\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-tr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-uz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-vi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-zh-cn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-zh-tw\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('debian_package.inc');\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar release = get_kb_item('Host/Debian/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Debian');\nvar release = chomp(release);\nif (! 
preg(pattern:\"^(9)\\.[0-9]+\", string:release)) audit(AUDIT_OS_NOT, 'Debian 9.0', 'Debian ' + release);\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);\n\nvar pkgs = [\n {'release': '9.0', 'prefix': 'calendar-google-provider', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-dbg', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-dev', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-all', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-ar', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-ast', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-be', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-bg', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-bn-bd', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-br', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-ca', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-cs', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-da', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-de', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-dsb', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-el', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-en-gb', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-es-ar', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 
'icedove-l10n-es-es', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-et', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-eu', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-fi', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-fr', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-fy-nl', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-ga-ie', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-gd', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-gl', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-he', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-hr', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-hsb', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-hu', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-hy-am', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-id', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-is', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-it', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-ja', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-kab', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-ko', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-lt', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-nb-no', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-nl', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-nn-no', 
'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-pa-in', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-pl', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-pt-br', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-pt-pt', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-rm', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-ro', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-ru', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-si', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-sk', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-sl', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-sq', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-sr', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-sv-se', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-ta-lk', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-tr', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-uk', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-vi', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-zh-cn', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-zh-tw', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-extension', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-ar', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-ast', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-be', 'reference': 
'1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-bg', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-bn-bd', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-br', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-ca', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-cs', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-cy', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-da', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-de', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-dsb', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-el', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-en-gb', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-es-ar', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-es-es', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-et', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-eu', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-fi', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-fr', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-fy-nl', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-ga-ie', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-gd', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-gl', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-he', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-hr', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 
'prefix': 'iceowl-l10n-hsb', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-hu', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-hy-am', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-id', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-is', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-it', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-ja', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-kab', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-ko', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-lt', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-nb-no', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-nl', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-nn-no', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-pa-in', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-pl', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-pt-br', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-pt-pt', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-rm', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-ro', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-ru', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-si', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-sk', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-sl', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-sq', 'reference': 
'1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-sr', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-sv-se', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-ta-lk', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-tr', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-uk', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-vi', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-zh-cn', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-zh-tw', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-ar', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-ast', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-be', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-bg', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-bn-bd', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-br', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-ca', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-cs', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-cy', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-da', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-de', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-dsb', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-el', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-en-gb', 'reference': 
'1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-es-ar', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-es-es', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-et', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-eu', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-fi', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-fr', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-fy-nl', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-ga-ie', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-gd', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-gl', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-he', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-hr', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-hsb', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-hu', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-hy-am', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-id', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-is', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-it', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-ja', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-kab', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-kk', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-ko', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 
'lightning-l10n-lt', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-ms', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-nb-no', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-nl', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-nn-no', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-pa-in', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-pl', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-pt-br', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-pt-pt', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-rm', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-ro', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-ru', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-si', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-sk', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-sl', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-sq', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-sr', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-sv-se', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-ta-lk', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-tr', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-uk', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-vi', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-zh-cn', 'reference': '1:91.5.0-1~deb9u1'},\n 
{'release': '9.0', 'prefix': 'lightning-l10n-zh-tw', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-dbg', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-dev', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-af', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-all', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-ar', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-ast', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-be', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-bg', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-bn-bd', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-br', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-ca', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-cak', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-cs', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-cy', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-da', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-de', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-dsb', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-el', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-en-ca', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-en-gb', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 
'thunderbird-l10n-es-ar', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-es-es', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-et', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-eu', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-fi', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-fr', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-fy-nl', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-ga-ie', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-gd', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-gl', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-he', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-hr', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-hsb', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-hu', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-hy-am', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-id', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-is', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-it', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-ja', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-ka', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-kab', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-kk', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-ko', 
'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-lt', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-lv', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-ms', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-nb-no', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-nl', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-nn-no', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-pa-in', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-pl', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-pt-br', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-pt-pt', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-rm', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-ro', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-ru', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-si', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-sk', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-sl', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-sq', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-sr', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-sv-se', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-ta-lk', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-th', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-tr', 'reference': 
'1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-uk', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-uz', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-vi', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-zh-cn', 'reference': '1:91.5.0-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-zh-tw', 'reference': '1:91.5.0-1~deb9u1'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var release = NULL;\n var prefix = NULL;\n var reference = NULL;\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (release && prefix && reference) {\n if (deb_check(release:release, prefix:prefix, reference:reference)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : deb_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = deb_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'calendar-google-provider / icedove / icedove-dbg / icedove-dev / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-22T15:09:31", "description": "The remote Scientific Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the SLSA-2022:0127-1 advisory.\n\n - Mozilla: Iframe sandbox bypass with XSLT (CVE-2021-4140)\n\n - Mozilla: Race condition when playing audio files (CVE-2022-22737)\n\n - Mozilla: Heap-buffer-overflow in blendGaussianBlur (CVE-2022-22738)\n\n - Mozilla: Use-after-free of ChannelEventQueue::mOwner (CVE-2022-22740)\n\n - Mozilla: Browser window spoof using fullscreen mode (CVE-2022-22741, CVE-2022-22743)\n\n - Mozilla: Out-of-bounds memory access when 
inserting text in edit mode (CVE-2022-22742)\n\n - Mozilla: Memory safety bugs fixed in Firefox 96 and Firefox ESR 91.5 (CVE-2022-22751)\n\n - Mozilla: Leaking cross-origin URLs through securitypolicyviolation event (CVE-2022-22745)\n\n - Mozilla: Spoofed origin on external protocol launch dialog (CVE-2022-22748)\n\n - Mozilla: Missing throttling on external protocol launch dialog (CVE-2022-22739)\n\n - Mozilla: Crash when handling empty pkcs7 sequence (CVE-2022-22747)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-01-13T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : thunderbird on SL7.x x86_64 (2022:0127)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4140", "CVE-2022-22737", "CVE-2022-22738", "CVE-2022-22739", "CVE-2022-22740", "CVE-2022-22741", "CVE-2022-22742", "CVE-2022-22743", "CVE-2022-22745", "CVE-2022-22747", "CVE-2022-22748", "CVE-2022-22751"], "modified": "2023-11-21T00:00:00", "cpe": ["cpe:/o:fermilab:scientific_linux", "p-cpe:/a:fermilab:scientific_linux:thunderbird", "p-cpe:/a:fermilab:scientific_linux:thunderbird-debuginfo"], "id": "SL_20220113_THUNDERBIRD_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/nessus/156720", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156720);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/21\");\n\n script_cve_id(\n \"CVE-2021-4140\",\n \"CVE-2022-22737\",\n \"CVE-2022-22738\",\n \"CVE-2022-22739\",\n \"CVE-2022-22740\",\n \"CVE-2022-22741\",\n \"CVE-2022-22742\",\n \"CVE-2022-22743\",\n \"CVE-2022-22745\",\n \"CVE-2022-22747\",\n \"CVE-2022-22748\",\n \"CVE-2022-22751\"\n );\n script_xref(name:\"RHSA\", 
value:\"RHSA-2022:0127\");\n\n script_name(english:\"Scientific Linux Security Update : thunderbird on SL7.x x86_64 (2022:0127)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Scientific Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Scientific Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe SLSA-2022:0127-1 advisory.\n\n - Mozilla: Iframe sandbox bypass with XSLT (CVE-2021-4140)\n\n - Mozilla: Race condition when playing audio files (CVE-2022-22737)\n\n - Mozilla: Heap-buffer-overflow in blendGaussianBlur (CVE-2022-22738)\n\n - Mozilla: Use-after-free of ChannelEventQueue::mOwner (CVE-2022-22740)\n\n - Mozilla: Browser window spoof using fullscreen mode (CVE-2022-22741, CVE-2022-22743)\n\n - Mozilla: Out-of-bounds memory access when inserting text in edit mode (CVE-2022-22742)\n\n - Mozilla: Memory safety bugs fixed in Firefox 96 and Firefox ESR 91.5 (CVE-2022-22751)\n\n - Mozilla: Leaking cross-origin URLs through securitypolicyviolation event (CVE-2022-22745)\n\n - Mozilla: Spoofed origin on external protocol launch dialog (CVE-2022-22748)\n\n - Mozilla: Missing throttling on external protocol launch dialog (CVE-2022-22739)\n\n - Mozilla: Crash when handling empty pkcs7 sequence (CVE-2022-22747)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.scientificlinux.org/category/sl-errata/slsa-20220127-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected thunderbird and / or thunderbird-debuginfo packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\");\n 
script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-22751\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-4140\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fermilab:scientific_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:thunderbird-debuginfo\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Scientific Linux' >!< release) audit(AUDIT_OS_NOT, 'Scientific Linux');\nvar os_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Scientific Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Scientific Linux 7.x', 'Scientific Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Scientific Linux', cpu);\n\nvar pkgs = [\n {'reference':'thunderbird-91.5.0-1.el7_9', 'cpu':'x86_64', 'release':'SL7', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'thunderbird-debuginfo-91.5.0-1.el7_9', 'cpu':'x86_64', 'release':'SL7', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = 
package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'thunderbird / thunderbird-debuginfo');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-22T15:09:31", "description": "The remote Red Hat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:0125 advisory.\n\n - Mozilla: Iframe sandbox bypass with XSLT (CVE-2021-4140)\n\n - Mozilla: Race condition when playing audio files (CVE-2022-22737)\n\n - Mozilla: Heap-buffer-overflow in blendGaussianBlur (CVE-2022-22738)\n\n - Mozilla: Missing throttling on external protocol launch dialog (CVE-2022-22739)\n\n - Mozilla: Use-after-free of ChannelEventQueue::mOwner (CVE-2022-22740)\n\n - Mozilla: Browser window spoof using fullscreen mode (CVE-2022-22741, CVE-2022-22743)\n\n - Mozilla: Out-of-bounds memory access when inserting text in edit mode (CVE-2022-22742)\n\n - Mozilla: Leaking cross-origin URLs through securitypolicyviolation event (CVE-2022-22745)\n\n - Mozilla: Crash when handling empty pkcs7 sequence (CVE-2022-22747)\n\n - Mozilla: Spoofed origin on external protocol launch dialog (CVE-2022-22748)\n\n - Mozilla: Memory safety bugs 
fixed in Firefox 96 and Firefox ESR 91.5 (CVE-2022-22751)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-01-13T00:00:00", "type": "nessus", "title": "RHEL 8 : firefox (RHSA-2022:0125)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4140", "CVE-2022-22737", "CVE-2022-22738", "CVE-2022-22739", "CVE-2022-22740", "CVE-2022-22741", "CVE-2022-22742", "CVE-2022-22743", "CVE-2022-22745", "CVE-2022-22747", "CVE-2022-22748", "CVE-2022-22751"], "modified": "2023-11-21T00:00:00", "cpe": ["cpe:/o:redhat:rhel_e4s:8.1", "p-cpe:/a:redhat:enterprise_linux:firefox"], "id": "REDHAT-RHSA-2022-0125.NASL", "href": "https://www.tenable.com/plugins/nessus/156728", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:0125. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156728);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/21\");\n\n script_cve_id(\n \"CVE-2021-4140\",\n \"CVE-2022-22737\",\n \"CVE-2022-22738\",\n \"CVE-2022-22739\",\n \"CVE-2022-22740\",\n \"CVE-2022-22741\",\n \"CVE-2022-22742\",\n \"CVE-2022-22743\",\n \"CVE-2022-22745\",\n \"CVE-2022-22747\",\n \"CVE-2022-22748\",\n \"CVE-2022-22751\"\n );\n script_xref(name:\"RHSA\", value:\"2022:0125\");\n script_xref(name:\"IAVA\", value:\"2022-A-0017-S\");\n\n script_name(english:\"RHEL 8 : firefox (RHSA-2022:0125)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple 
vulnerabilities as\nreferenced in the RHSA-2022:0125 advisory.\n\n - Mozilla: Iframe sandbox bypass with XSLT (CVE-2021-4140)\n\n - Mozilla: Race condition when playing audio files (CVE-2022-22737)\n\n - Mozilla: Heap-buffer-overflow in blendGaussianBlur (CVE-2022-22738)\n\n - Mozilla: Missing throttling on external protocol launch dialog (CVE-2022-22739)\n\n - Mozilla: Use-after-free of ChannelEventQueue::mOwner (CVE-2022-22740)\n\n - Mozilla: Browser window spoof using fullscreen mode (CVE-2022-22741, CVE-2022-22743)\n\n - Mozilla: Out-of-bounds memory access when inserting text in edit mode (CVE-2022-22742)\n\n - Mozilla: Leaking cross-origin URLs through securitypolicyviolation event (CVE-2022-22745)\n\n - Mozilla: Crash when handling empty pkcs7 sequence (CVE-2022-22747)\n\n - Mozilla: Spoofed origin on external protocol launch dialog (CVE-2022-22748)\n\n - Mozilla: Memory safety bugs fixed in Firefox 96 and Firefox ESR 91.5 (CVE-2022-22751)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-4140\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22737\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22738\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22739\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22740\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22741\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22742\");\n script_set_attribute(attribute:\"see_also\", 
value:\"https://access.redhat.com/security/cve/CVE-2022-22743\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22745\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22747\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22748\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22751\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:0125\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039561\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039563\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039564\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039565\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039566\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039567\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039568\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039569\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039570\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039572\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039573\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039574\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected firefox package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n 
script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-22751\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-4140\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(120, 416, 476, 829, 1021);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:firefox\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '8.1')) audit(AUDIT_OS_NOT, 'Red Hat 8.1', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/e4s/rhel8/8.1/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.1/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.1/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.1/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.1/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.1/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.1/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.1/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.1/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.1/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.1/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.1/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.1/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.1/ppc64le/sap/os',\n 
'content/e4s/rhel8/8.1/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.1/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.1/x86_64/appstream/os',\n 'content/e4s/rhel8/8.1/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.1/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.1/x86_64/baseos/os',\n 'content/e4s/rhel8/8.1/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.1/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.1/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.1/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.1/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.1/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.1/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.1/x86_64/sap/debug',\n 'content/e4s/rhel8/8.1/x86_64/sap/os',\n 'content/e4s/rhel8/8.1/x86_64/sap/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'firefox-91.5.0-1.el8_1', 'sp':'1', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'firefox-91.5.0-1.el8_1', 'sp':'1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if 
(!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Update Services for SAP Solutions repository.\\n' +\n 'Access to this repository requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'firefox');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-22T15:09:10", "description": "The remote Red Hat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:0124 advisory.\n\n - Mozilla: Iframe sandbox bypass with XSLT (CVE-2021-4140)\n\n - Mozilla: Race condition when playing audio files (CVE-2022-22737)\n\n - 
Mozilla: Heap-buffer-overflow in blendGaussianBlur (CVE-2022-22738)\n\n - Mozilla: Missing throttling on external protocol launch dialog (CVE-2022-22739)\n\n - Mozilla: Use-after-free of ChannelEventQueue::mOwner (CVE-2022-22740)\n\n - Mozilla: Browser window spoof using fullscreen mode (CVE-2022-22741, CVE-2022-22743)\n\n - Mozilla: Out-of-bounds memory access when inserting text in edit mode (CVE-2022-22742)\n\n - Mozilla: Leaking cross-origin URLs through securitypolicyviolation event (CVE-2022-22745)\n\n - Mozilla: Crash when handling empty pkcs7 sequence (CVE-2022-22747)\n\n - Mozilla: Spoofed origin on external protocol launch dialog (CVE-2022-22748)\n\n - Mozilla: Memory safety bugs fixed in Firefox 96 and Firefox ESR 91.5 (CVE-2022-22751)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-01-13T00:00:00", "type": "nessus", "title": "RHEL 7 : firefox (RHSA-2022:0124)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4140", "CVE-2022-22737", "CVE-2022-22738", "CVE-2022-22739", "CVE-2022-22740", "CVE-2022-22741", "CVE-2022-22742", "CVE-2022-22743", "CVE-2022-22745", "CVE-2022-22747", "CVE-2022-22748", "CVE-2022-22751"], "modified": "2023-11-21T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:firefox"], "id": "REDHAT-RHSA-2022-0124.NASL", "href": "https://www.tenable.com/plugins/nessus/156729", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:0124. 
The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156729);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/21\");\n\n script_cve_id(\n \"CVE-2021-4140\",\n \"CVE-2022-22737\",\n \"CVE-2022-22738\",\n \"CVE-2022-22739\",\n \"CVE-2022-22740\",\n \"CVE-2022-22741\",\n \"CVE-2022-22742\",\n \"CVE-2022-22743\",\n \"CVE-2022-22745\",\n \"CVE-2022-22747\",\n \"CVE-2022-22748\",\n \"CVE-2022-22751\"\n );\n script_xref(name:\"RHSA\", value:\"2022:0124\");\n script_xref(name:\"IAVA\", value:\"2022-A-0017-S\");\n\n script_name(english:\"RHEL 7 : firefox (RHSA-2022:0124)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the RHSA-2022:0124 advisory.\n\n - Mozilla: Iframe sandbox bypass with XSLT (CVE-2021-4140)\n\n - Mozilla: Race condition when playing audio files (CVE-2022-22737)\n\n - Mozilla: Heap-buffer-overflow in blendGaussianBlur (CVE-2022-22738)\n\n - Mozilla: Missing throttling on external protocol launch dialog (CVE-2022-22739)\n\n - Mozilla: Use-after-free of ChannelEventQueue::mOwner (CVE-2022-22740)\n\n - Mozilla: Browser window spoof using fullscreen mode (CVE-2022-22741, CVE-2022-22743)\n\n - Mozilla: Out-of-bounds memory access when inserting text in edit mode (CVE-2022-22742)\n\n - Mozilla: Leaking cross-origin URLs through securitypolicyviolation event (CVE-2022-22745)\n\n - Mozilla: Crash when handling empty pkcs7 sequence (CVE-2022-22747)\n\n - Mozilla: Spoofed origin on external protocol launch dialog (CVE-2022-22748)\n\n - Mozilla: Memory safety bugs fixed in Firefox 96 and Firefox ESR 91.5 (CVE-2022-22751)\n\nNote that Nessus 
has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-4140\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22737\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22738\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22739\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22740\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22741\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22742\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22743\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22745\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22747\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22748\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22751\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:0124\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039561\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039563\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039564\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039565\");\n 
script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039566\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039567\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039568\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039569\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039570\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039572\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039573\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039574\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected firefox package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-22751\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-4140\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(120, 416, 476, 829, 1021);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:redhat:enterprise_linux:firefox\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel-alt/server/7/7Server/armv8-a/aarch64/debug',\n 'content/dist/rhel-alt/server/7/7Server/armv8-a/aarch64/optional/debug',\n 'content/dist/rhel-alt/server/7/7Server/armv8-a/aarch64/optional/os',\n 'content/dist/rhel-alt/server/7/7Server/armv8-a/aarch64/optional/source/SRPMS',\n 
'content/dist/rhel-alt/server/7/7Server/armv8-a/aarch64/os',\n 'content/dist/rhel-alt/server/7/7Server/armv8-a/aarch64/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/optional/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/optional/os',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/optional/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/os',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/supplementary/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/debug',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/optional/debug',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/optional/os',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/optional/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/os',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/os',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/client/7/7Client/x86_64/os',\n 'content/dist/rhel/client/7/7Client/x86_64/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/os',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/os',\n 
'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/highavailability/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/highavailability/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/highavailability/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/optional/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/optional/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/optional/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/resilientstorage/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/resilientstorage/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/resilientstorage/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap-hana/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap-hana/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap-hana/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/supplementary/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/supplementary/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/debug',\n 
'content/dist/rhel/power/7/7Server/ppc64/optional/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/optional/os',\n 'content/dist/rhel/power/7/7Server/ppc64/optional/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/os',\n 'content/dist/rhel/power/7/7Server/ppc64/sap/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/sap/os',\n 'content/dist/rhel/power/7/7Server/ppc64/sap/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/supplementary/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/supplementary/os',\n 'content/dist/rhel/power/7/7Server/ppc64/supplementary/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/os',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/os',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/os',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/server/7/7Server/x86_64/os',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/os',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/os',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/os',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/source/SRPMS',\n 
'content/dist/rhel/server/7/7Server/x86_64/sap/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/os',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/os',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/highavailability/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/highavailability/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/highavailability/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/optional/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/optional/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/optional/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/resilientstorage/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/resilientstorage/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/resilientstorage/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/sap/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/sap/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/sap/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/supplementary/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/supplementary/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/supplementary/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/oracle-java-rm/os',\n 
'content/dist/rhel/workstation/7/7Workstation/x86_64/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/source/SRPMS',\n 'content/fastrack/rhel/client/7/x86_64/debug',\n 'content/fastrack/rhel/client/7/x86_64/optional/debug',\n 'content/fastrack/rhel/client/7/x86_64/optional/os',\n 'content/fastrack/rhel/client/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/client/7/x86_64/os',\n 'content/fastrack/rhel/client/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/computenode/7/x86_64/debug',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/debug',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/os',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/computenode/7/x86_64/os',\n 'content/fastrack/rhel/computenode/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/power/7/ppc64/debug',\n 'content/fastrack/rhel/power/7/ppc64/optional/debug',\n 'content/fastrack/rhel/power/7/ppc64/optional/os',\n 'content/fastrack/rhel/power/7/ppc64/optional/source/SRPMS',\n 'content/fastrack/rhel/power/7/ppc64/os',\n 'content/fastrack/rhel/power/7/ppc64/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/debug',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/debug',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/os',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/optional/debug',\n 'content/fastrack/rhel/server/7/x86_64/optional/os',\n 'content/fastrack/rhel/server/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/os',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/debug',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/os',\n 
'content/fastrack/rhel/server/7/x86_64/resilientstorage/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/system-z/7/s390x/debug',\n 'content/fastrack/rhel/system-z/7/s390x/optional/debug',\n 'content/fastrack/rhel/system-z/7/s390x/optional/os',\n 'content/fastrack/rhel/system-z/7/s390x/optional/source/SRPMS',\n 'content/fastrack/rhel/system-z/7/s390x/os',\n 'content/fastrack/rhel/system-z/7/s390x/source/SRPMS',\n 'content/fastrack/rhel/workstation/7/x86_64/debug',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/debug',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/os',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/workstation/7/x86_64/os',\n 'content/fastrack/rhel/workstation/7/x86_64/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'firefox-91.5.0-1.el7_9', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = 
pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'firefox');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-07T16:26:47", "description": "The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2022:0129 advisory.\n\n - Mozilla developers Calixte Denizet, Kershaw Chang, Christian Holler, Jason Kratzer, Gabriele Svelto, Tyson Smith, Simon Giesecke, and Steve Fink reported memory safety bugs present in Firefox 95 and Firefox ESR 91.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22751)\n\n - It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. 
(CVE-2021-4140)\n\n - Constructing audio sinks could have led to a race condition when playing audio files and closing windows.\n This could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22737)\n\n - Applying a CSS filter effect could have accessed out of bounds memory. This could have led to a heap-buffer-overflow causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22738)\n\n - Malicious websites could have tricked users into accepting launching a program to handle an external URL protocol. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.\n (CVE-2022-22739)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-11T00:00:00", "type": "nessus", "title": "AlmaLinux 8 : thunderbird (ALSA-2022:0129)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4140", "CVE-2022-22737", "CVE-2022-22738", "CVE-2022-22739", "CVE-2022-22740", "CVE-2022-22741", "CVE-2022-22742", "CVE-2022-22743", "CVE-2022-22745", "CVE-2022-22747", "CVE-2022-22748", "CVE-2022-22751"], "modified": "2023-11-06T00:00:00", "cpe": ["p-cpe:/a:alma:linux:thunderbird", "cpe:/o:alma:linux:8"], "id": "ALMA_LINUX_ALSA-2022-0129.NASL", "href": "https://www.tenable.com/plugins/nessus/158826", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# AlmaLinux Security Advisory ALSA-2022:0129.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158826);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/06\");\n\n script_cve_id(\n \"CVE-2021-4140\",\n 
\"CVE-2022-22737\",\n \"CVE-2022-22738\",\n \"CVE-2022-22739\",\n \"CVE-2022-22740\",\n \"CVE-2022-22741\",\n \"CVE-2022-22742\",\n \"CVE-2022-22743\",\n \"CVE-2022-22745\",\n \"CVE-2022-22747\",\n \"CVE-2022-22748\",\n \"CVE-2022-22751\"\n );\n script_xref(name:\"ALSA\", value:\"2022:0129\");\n script_xref(name:\"IAVA\", value:\"2022-A-0017-S\");\n\n script_name(english:\"AlmaLinux 8 : thunderbird (ALSA-2022:0129)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote AlmaLinux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the\nALSA-2022:0129 advisory.\n\n - Mozilla developers Calixte Denizet, Kershaw Chang, Christian Holler, Jason Kratzer, Gabriele Svelto, Tyson\n Smith, Simon Giesecke, and Steve Fink reported memory safety bugs present in Firefox 95 and Firefox ESR\n 91.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some\n of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 91.5,\n Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22751)\n\n - It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox. This\n vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2021-4140)\n\n - Constructing audio sinks could have lead to a race condition when playing audio files and closing windows.\n This could have lead to a use-after-free causing a potentially exploitable crash. This vulnerability\n affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22737)\n\n - Applying a CSS filter effect could have accessed out of bounds memory. This could have lead to a heap-\n buffer-overflow causing a potentially exploitable crash. 
This vulnerability affects Firefox ESR < 91.5,\n Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22738)\n\n - Malicious websites could have tricked users into accepting launching a program to handle an external URL\n protocol. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.\n (CVE-2022-22739)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.almalinux.org/8/ALSA-2022-0129.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected thunderbird package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-22751\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-4140\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:8\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Alma Linux Local Security Checks\");\n\n 
script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AlmaLinux/release\", \"Host/AlmaLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/AlmaLinux/release');\nif (isnull(release) || 'AlmaLinux' >!< release) audit(AUDIT_OS_NOT, 'AlmaLinux');\nvar os_ver = pregmatch(pattern: \"AlmaLinux release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'AlmaLinux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'AlmaLinux 8.x', 'AlmaLinux ' + os_ver);\n\nif (!get_kb_item('Host/AlmaLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'AlmaLinux', cpu);\n\nvar pkgs = [\n {'reference':'thunderbird-91.5.0-1.el8_5.alma', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'Alma-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if 
(!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release && (!exists_check || rpm_exists(release:release, rpm:exists_check))) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'thunderbird');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-12T19:52:55", "description": "The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:0129 advisory.\n\n - It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2021-4140)\n\n - Constructing audio sinks could have led to a race condition when playing audio files and closing windows.\n This could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22737)\n\n - Applying a CSS filter effect could have accessed out of bounds memory. This could have led to a heap-buffer-overflow causing a potentially exploitable crash. 
This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22738)\n\n - Malicious websites could have tricked users into accepting launching a program to handle an external URL protocol. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.\n (CVE-2022-22739)\n\n - Certain network request objects were freed too early when releasing a network request handle. This could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22740)\n\n - When resizing a popup while requesting fullscreen access, the popup would have become unable to leave fullscreen mode. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.\n (CVE-2022-22741)\n\n - When inserting text while in edit mode, some characters might have led to out-of-bounds memory access causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22742)\n\n - When navigating from inside an iframe while requesting fullscreen access, an attacker-controlled tab could have made the browser unable to leave fullscreen mode. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22743)\n\n - Securitypolicyviolation events could have leaked cross-origin information for frame-ancestors violations.\n This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22745)\n\n - After accepting an untrusted certificate, handling an empty pkcs7 sequence as part of the certificate data could have led to a crash. This crash is believed to be unexploitable. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. 
(CVE-2022-22747)\n\n - Malicious websites could have confused Firefox into showing the wrong origin when asking to launch a program and handling an external URL protocol. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22748)\n\n - Mozilla developers Calixte Denizet, Kershaw Chang, Christian Holler, Jason Kratzer, Gabriele Svelto, Tyson Smith, Simon Giesecke, and Steve Fink reported memory safety bugs present in Firefox 95 and Firefox ESR 91.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22751)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-11-07T00:00:00", "type": "nessus", "title": "Rocky Linux 8 : thunderbird (RLSA-2022:0129)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4140", "CVE-2022-22737", "CVE-2022-22738", "CVE-2022-22739", "CVE-2022-22740", "CVE-2022-22741", "CVE-2022-22742", "CVE-2022-22743", "CVE-2022-22745", "CVE-2022-22747", "CVE-2022-22748", "CVE-2022-22751"], "modified": "2023-11-07T00:00:00", "cpe": ["p-cpe:/a:rocky:linux:thunderbird", "p-cpe:/a:rocky:linux:thunderbird-debuginfo", "p-cpe:/a:rocky:linux:thunderbird-debugsource", "cpe:/o:rocky:linux:8"], "id": "ROCKY_LINUX_RLSA-2022-0129.NASL", "href": "https://www.tenable.com/plugins/nessus/184974", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# Rocky Linux Security Advisory RLSA-2022:0129.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(184974);\n script_version(\"1.0\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/07\");\n\n script_cve_id(\n \"CVE-2021-4140\",\n 
\"CVE-2022-22737\",\n \"CVE-2022-22738\",\n \"CVE-2022-22739\",\n \"CVE-2022-22740\",\n \"CVE-2022-22741\",\n \"CVE-2022-22742\",\n \"CVE-2022-22743\",\n \"CVE-2022-22745\",\n \"CVE-2022-22747\",\n \"CVE-2022-22748\",\n \"CVE-2022-22751\"\n );\n script_xref(name:\"IAVA\", value:\"2022-A-0017-S\");\n script_xref(name:\"RLSA\", value:\"2022:0129\");\n\n script_name(english:\"Rocky Linux 8 : thunderbird (RLSA-2022:0129)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Rocky Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nRLSA-2022:0129 advisory.\n\n - It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox. This\n vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2021-4140)\n\n - Constructing audio sinks could have lead to a race condition when playing audio files and closing windows.\n This could have lead to a use-after-free causing a potentially exploitable crash. This vulnerability\n affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22737)\n\n - Applying a CSS filter effect could have accessed out of bounds memory. This could have lead to a heap-\n buffer-overflow causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5,\n Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22738)\n\n - Malicious websites could have tricked users into accepting launching a program to handle an external URL\n protocol. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.\n (CVE-2022-22739)\n\n - Certain network request objects were freed too early when releasing a network request handle. This could\n have lead to a use-after-free causing a potentially exploitable crash. 
This vulnerability affects Firefox\n ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22740)\n\n - When resizing a popup while requesting fullscreen access, the popup would have become unable to leave\n fullscreen mode. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.\n (CVE-2022-22741)\n\n - When inserting text while in edit mode, some characters might have lead to out-of-bounds memory access\n causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and\n Thunderbird < 91.5. (CVE-2022-22742)\n\n - When navigating from inside an iframe while requesting fullscreen access, an attacker-controlled tab could\n have made the browser unable to leave fullscreen mode. This vulnerability affects Firefox ESR < 91.5,\n Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22743)\n\n - Securitypolicyviolation events could have leaked cross-origin information for frame-ancestors violations.\n This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22745)\n\n - After accepting an untrusted certificate, handling an empty pkcs7 sequence as part of the certificate data\n could have lead to a crash. This crash is believed to be unexploitable. This vulnerability affects Firefox\n ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22747)\n\n - Malicious websites could have confused Firefox into showing the wrong origin when asking to launch a\n program and handling an external URL protocol. This vulnerability affects Firefox ESR < 91.5, Firefox <\n 96, and Thunderbird < 91.5. (CVE-2022-22748)\n\n - Mozilla developers Calixte Denizet, Kershaw Chang, Christian Holler, Jason Kratzer, Gabriele Svelto, Tyson\n Smith, Simon Giesecke, and Steve Fink reported memory safety bugs present in Firefox 95 and Firefox ESR\n 91.4. 
Some of these bugs showed evidence of memory corruption and we presume that with enough effort some\n of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 91.5,\n Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22751)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.rockylinux.org/RLSA-2022:0129\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2039561\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2039563\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2039564\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2039565\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2039566\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2039567\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2039568\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2039569\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2039570\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2039572\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2039573\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2039574\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected thunderbird, thunderbird-debuginfo and / or thunderbird-debugsource packages.\");\n 
script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-22751\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-4140\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/11/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:thunderbird-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:thunderbird-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:rocky:linux:8\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Rocky Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RockyLinux/release\", \"Host/RockyLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RockyLinux/release');\nif (isnull(os_release) || 'Rocky Linux' >!< os_release) audit(AUDIT_OS_NOT, 'Rocky Linux');\nvar os_ver = pregmatch(pattern: \"Rocky(?: Linux)? release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Rocky Linux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Rocky Linux 8.x', 'Rocky Linux ' + os_ver);\n\nif (!get_kb_item('Host/RockyLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Rocky Linux', cpu);\n\nvar pkgs = [\n {'reference':'thunderbird-91.5.0-1.el8_5', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'thunderbird-91.5.0-1.el8_5', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'thunderbird-debuginfo-91.5.0-1.el8_5', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'thunderbird-debuginfo-91.5.0-1.el8_5', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'thunderbird-debugsource-91.5.0-1.el8_5', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'thunderbird-debugsource-91.5.0-1.el8_5', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = 
NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'Rocky-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'thunderbird / thunderbird-debuginfo / thunderbird-debugsource');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-22T15:09:21", "description": "The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:0123 advisory.\n\n - Mozilla: Iframe sandbox bypass with XSLT (CVE-2021-4140)\n\n - Mozilla: Race condition when playing audio files (CVE-2022-22737)\n\n - Mozilla: 
Heap-buffer-overflow in blendGaussianBlur (CVE-2022-22738)\n\n - Mozilla: Missing throttling on external protocol launch dialog (CVE-2022-22739)\n\n - Mozilla: Use-after-free of ChannelEventQueue::mOwner (CVE-2022-22740)\n\n - Mozilla: Browser window spoof using fullscreen mode (CVE-2022-22741, CVE-2022-22743)\n\n - Mozilla: Out-of-bounds memory access when inserting text in edit mode (CVE-2022-22742)\n\n - Mozilla: Leaking cross-origin URLs through securitypolicyviolation event (CVE-2022-22745)\n\n - Mozilla: Crash when handling empty pkcs7 sequence (CVE-2022-22747)\n\n - Mozilla: Spoofed origin on external protocol launch dialog (CVE-2022-22748)\n\n - Mozilla: Memory safety bugs fixed in Firefox 96 and Firefox ESR 91.5 (CVE-2022-22751)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-01-13T00:00:00", "type": "nessus", "title": "RHEL 8 : thunderbird (RHSA-2022:0123)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4140", "CVE-2022-22737", "CVE-2022-22738", "CVE-2022-22739", "CVE-2022-22740", "CVE-2022-22741", "CVE-2022-22742", "CVE-2022-22743", "CVE-2022-22745", "CVE-2022-22747", "CVE-2022-22748", "CVE-2022-22751"], "modified": "2023-11-20T00:00:00", "cpe": ["cpe:/o:redhat:rhel_aus:8.2", "cpe:/o:redhat:rhel_e4s:8.2", "cpe:/o:redhat:rhel_eus:8.2", "cpe:/o:redhat:rhel_tus:8.2", "p-cpe:/a:redhat:enterprise_linux:thunderbird"], "id": "REDHAT-RHSA-2022-0123.NASL", "href": "https://www.tenable.com/plugins/nessus/156734", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:0123. 
The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156734);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/20\");\n\n script_cve_id(\n \"CVE-2021-4140\",\n \"CVE-2022-22737\",\n \"CVE-2022-22738\",\n \"CVE-2022-22739\",\n \"CVE-2022-22740\",\n \"CVE-2022-22741\",\n \"CVE-2022-22742\",\n \"CVE-2022-22743\",\n \"CVE-2022-22745\",\n \"CVE-2022-22747\",\n \"CVE-2022-22748\",\n \"CVE-2022-22751\"\n );\n script_xref(name:\"RHSA\", value:\"2022:0123\");\n script_xref(name:\"IAVA\", value:\"2022-A-0017-S\");\n\n script_name(english:\"RHEL 8 : thunderbird (RHSA-2022:0123)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the RHSA-2022:0123 advisory.\n\n - Mozilla: Iframe sandbox bypass with XSLT (CVE-2021-4140)\n\n - Mozilla: Race condition when playing audio files (CVE-2022-22737)\n\n - Mozilla: Heap-buffer-overflow in blendGaussianBlur (CVE-2022-22738)\n\n - Mozilla: Missing throttling on external protocol launch dialog (CVE-2022-22739)\n\n - Mozilla: Use-after-free of ChannelEventQueue::mOwner (CVE-2022-22740)\n\n - Mozilla: Browser window spoof using fullscreen mode (CVE-2022-22741, CVE-2022-22743)\n\n - Mozilla: Out-of-bounds memory access when inserting text in edit mode (CVE-2022-22742)\n\n - Mozilla: Leaking cross-origin URLs through securitypolicyviolation event (CVE-2022-22745)\n\n - Mozilla: Crash when handling empty pkcs7 sequence (CVE-2022-22747)\n\n - Mozilla: Spoofed origin on external protocol launch dialog (CVE-2022-22748)\n\n - Mozilla: Memory safety bugs fixed in Firefox 96 and Firefox ESR 91.5 (CVE-2022-22751)\n\nNote that 
Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-4140\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22737\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22738\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22739\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22740\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22741\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22742\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22743\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22745\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22747\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22748\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22751\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:0123\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039561\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039563\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039564\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039565\");\n 
script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039566\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039567\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039568\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039569\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039570\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039572\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039573\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039574\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected thunderbird package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-22751\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-4140\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(120, 416, 476, 829, 1021);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.2\");\n script_set_attribute(attribute:\"cpe\", 
value:\"cpe:/o:redhat:rhel_e4s:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:thunderbird\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '8.2')) audit(AUDIT_OS_NOT, 'Red Hat 8.2', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.2/x86_64/appstream/debug',\n 'content/aus/rhel8/8.2/x86_64/appstream/os',\n 
'content/aus/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.2/x86_64/baseos/debug',\n 'content/aus/rhel8/8.2/x86_64/baseos/os',\n 'content/aus/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.2/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.2/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.2/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.2/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.2/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.2/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.2/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.2/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.2/ppc64le/sap/os',\n 'content/e4s/rhel8/8.2/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.2/x86_64/appstream/os',\n 'content/e4s/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.2/x86_64/baseos/os',\n 'content/e4s/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.2/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.2/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.2/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.2/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/sap/debug',\n 'content/e4s/rhel8/8.2/x86_64/sap/os',\n 'content/e4s/rhel8/8.2/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.2/aarch64/appstream/debug',\n 'content/eus/rhel8/8.2/aarch64/appstream/os',\n 'content/eus/rhel8/8.2/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.2/aarch64/baseos/debug',\n 
'content/eus/rhel8/8.2/aarch64/baseos/os',\n 'content/eus/rhel8/8.2/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.2/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.2/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.2/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.2/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.2/aarch64/highavailability/os',\n 'content/eus/rhel8/8.2/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.2/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.2/aarch64/supplementary/os',\n 'content/eus/rhel8/8.2/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.2/ppc64le/appstream/os',\n 'content/eus/rhel8/8.2/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.2/ppc64le/baseos/os',\n 'content/eus/rhel8/8.2/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.2/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.2/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.2/ppc64le/highavailability/os',\n 'content/eus/rhel8/8.2/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.2/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.2/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.2/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.2/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/sap/debug',\n 'content/eus/rhel8/8.2/ppc64le/sap/os',\n 'content/eus/rhel8/8.2/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.2/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.2/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/appstream/debug',\n 
'content/eus/rhel8/8.2/x86_64/appstream/os',\n 'content/eus/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/baseos/debug',\n 'content/eus/rhel8/8.2/x86_64/baseos/os',\n 'content/eus/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.2/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.2/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.2/x86_64/highavailability/os',\n 'content/eus/rhel8/8.2/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.2/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.2/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.2/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.2/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/sap/debug',\n 'content/eus/rhel8/8.2/x86_64/sap/os',\n 'content/eus/rhel8/8.2/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.2/x86_64/supplementary/os',\n 'content/eus/rhel8/8.2/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/appstream/debug',\n 'content/tus/rhel8/8.2/x86_64/appstream/os',\n 'content/tus/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/baseos/debug',\n 'content/tus/rhel8/8.2/x86_64/baseos/os',\n 'content/tus/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.2/x86_64/highavailability/os',\n 'content/tus/rhel8/8.2/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/nfv/debug',\n 'content/tus/rhel8/8.2/x86_64/nfv/os',\n 'content/tus/rhel8/8.2/x86_64/nfv/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/rt/debug',\n 'content/tus/rhel8/8.2/x86_64/rt/os',\n 'content/tus/rhel8/8.2/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': 
[\n {'reference':'thunderbird-91.5.0-1.el8_2', 'sp':'2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'thunderbird-91.5.0-1.el8_2', 'sp':'2', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'thunderbird-91.5.0-1.el8_2', 'sp':'2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, 
el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Advanced Update Support, Extended Update Support, Telco Extended Update Support or Update Services for SAP Solutions repositories.\\n' +\n 'Access to these repositories requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'thunderbird');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-22T15:08:40", "description": "The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2022:0127 advisory.\n\n - Mozilla: Iframe sandbox bypass with XSLT (CVE-2021-4140)\n\n - Mozilla: Race condition when playing audio files (CVE-2022-22737)\n\n - Mozilla: Heap-buffer-overflow in blendGaussianBlur (CVE-2022-22738)\n\n - Mozilla: Missing throttling on external protocol launch dialog (CVE-2022-22739)\n\n - Mozilla: Use-after-free of ChannelEventQueue::mOwner (CVE-2022-22740)\n\n - Mozilla: Browser window spoof using fullscreen mode (CVE-2022-22741, CVE-2022-22743)\n\n - Mozilla: Out-of-bounds memory access when inserting text in edit mode (CVE-2022-22742)\n\n - Mozilla: Leaking cross-origin URLs through securitypolicyviolation event (CVE-2022-22745)\n\n - Mozilla: Crash when handling empty pkcs7 sequence (CVE-2022-22747)\n\n - Mozilla: Spoofed origin on external protocol 
launch dialog (CVE-2022-22748)\n\n - Mozilla: Memory safety bugs fixed in Firefox 96 and Firefox ESR 91.5 (CVE-2022-22751)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-01-18T00:00:00", "type": "nessus", "title": "CentOS 7 : thunderbird (CESA-2022:0127)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4140", "CVE-2022-22737", "CVE-2022-22738", "CVE-2022-22739", "CVE-2022-22740", "CVE-2022-22741", "CVE-2022-22742", "CVE-2022-22743", "CVE-2022-22745", "CVE-2022-22747", "CVE-2022-22748", "CVE-2022-22751"], "modified": "2023-11-20T00:00:00", "cpe": ["p-cpe:/a:centos:centos:thunderbird", "cpe:/o:centos:centos:7"], "id": "CENTOS_RHSA-2022-0127.NASL", "href": "https://www.tenable.com/plugins/nessus/156791", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:0127 and\n# CentOS Errata and Security Advisory 2022:0127 respectively.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156791);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/20\");\n\n script_cve_id(\n \"CVE-2021-4140\",\n \"CVE-2022-22737\",\n \"CVE-2022-22738\",\n \"CVE-2022-22739\",\n \"CVE-2022-22740\",\n \"CVE-2022-22741\",\n \"CVE-2022-22742\",\n \"CVE-2022-22743\",\n \"CVE-2022-22745\",\n \"CVE-2022-22747\",\n \"CVE-2022-22748\",\n \"CVE-2022-22751\"\n );\n script_xref(name:\"IAVA\", value:\"2022-A-0017-S\");\n script_xref(name:\"RHSA\", value:\"2022:0127\");\n\n script_name(english:\"CentOS 7 : thunderbird (CESA-2022:0127)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", 
value:\n\"The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the\nCESA-2022:0127 advisory.\n\n - Mozilla: Iframe sandbox bypass with XSLT (CVE-2021-4140)\n\n - Mozilla: Race condition when playing audio files (CVE-2022-22737)\n\n - Mozilla: Heap-buffer-overflow in blendGaussianBlur (CVE-2022-22738)\n\n - Mozilla: Missing throttling on external protocol launch dialog (CVE-2022-22739)\n\n - Mozilla: Use-after-free of ChannelEventQueue::mOwner (CVE-2022-22740)\n\n - Mozilla: Browser window spoof using fullscreen mode (CVE-2022-22741, CVE-2022-22743)\n\n - Mozilla: Out-of-bounds memory access when inserting text in edit mode (CVE-2022-22742)\n\n - Mozilla: Leaking cross-origin URLs through securitypolicyviolation event (CVE-2022-22745)\n\n - Mozilla: Crash when handling empty pkcs7 sequence (CVE-2022-22747)\n\n - Mozilla: Spoofed origin on external protocol launch dialog (CVE-2022-22748)\n\n - Mozilla: Memory safety bugs fixed in Firefox 96 and Firefox ESR 91.5 (CVE-2022-22751)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://lists.centos.org/pipermail/centos-announce/2022-January/073537.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?0169a52d\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/120.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/416.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/476.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/829.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/1021.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected thunderbird 
package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-22751\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-4140\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(120, 416, 476, 829, 1021);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/CentOS/release');\nif (isnull(release) || 'CentOS' >!< release) audit(AUDIT_OS_NOT, 'CentOS');\nvar os_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'CentOS 7.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\nvar pkgs = [\n {'reference':'thunderbird-91.5.0-1.el7.centos', 'cpu':'x86_64', 'release':'CentOS-7', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) 
rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'thunderbird');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-23T14:38:07", "description": "The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:0131 advisory.\n\n - Mozilla: Iframe sandbox bypass with XSLT (CVE-2021-4140)\n\n - Mozilla: Race condition when playing audio files (CVE-2022-22737)\n\n - Mozilla: Heap-buffer-overflow in blendGaussianBlur (CVE-2022-22738)\n\n - Mozilla: Missing throttling on external protocol launch dialog (CVE-2022-22739)\n\n - Mozilla: Use-after-free of ChannelEventQueue::mOwner (CVE-2022-22740)\n\n - Mozilla: Browser window spoof using fullscreen mode (CVE-2022-22741, CVE-2022-22743)\n\n - Mozilla: Out-of-bounds memory access when inserting text in edit mode (CVE-2022-22742)\n\n - Mozilla: Leaking cross-origin URLs through securitypolicyviolation event (CVE-2022-22745)\n\n - Mozilla: Crash when handling empty pkcs7 sequence (CVE-2022-22747)\n\n - Mozilla: Spoofed origin on external protocol launch dialog (CVE-2022-22748)\n\n - Mozilla: Memory safety bugs fixed in Firefox 96 and Firefox ESR 91.5 (CVE-2022-22751)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", 
"cvss3": {}, "published": "2022-01-13T00:00:00", "type": "nessus", "title": "RHEL 8 : thunderbird (RHSA-2022:0131)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4140", "CVE-2022-22737", "CVE-2022-22738", "CVE-2022-22739", "CVE-2022-22740", "CVE-2022-22741", "CVE-2022-22742", "CVE-2022-22743", "CVE-2022-22745", "CVE-2022-22747", "CVE-2022-22748", "CVE-2022-22751"], "modified": "2023-11-20T00:00:00", "cpe": ["cpe:/o:redhat:rhel_e4s:8.1", "p-cpe:/a:redhat:enterprise_linux:thunderbird"], "id": "REDHAT-RHSA-2022-0131.NASL", "href": "https://www.tenable.com/plugins/nessus/156737", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:0131. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156737);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/20\");\n\n script_cve_id(\n \"CVE-2021-4140\",\n \"CVE-2022-22737\",\n \"CVE-2022-22738\",\n \"CVE-2022-22739\",\n \"CVE-2022-22740\",\n \"CVE-2022-22741\",\n \"CVE-2022-22742\",\n \"CVE-2022-22743\",\n \"CVE-2022-22745\",\n \"CVE-2022-22747\",\n \"CVE-2022-22748\",\n \"CVE-2022-22751\"\n );\n script_xref(name:\"RHSA\", value:\"2022:0131\");\n script_xref(name:\"IAVA\", value:\"2022-A-0017-S\");\n\n script_name(english:\"RHEL 8 : thunderbird (RHSA-2022:0131)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the RHSA-2022:0131 advisory.\n\n - Mozilla: Iframe sandbox bypass with XSLT (CVE-2021-4140)\n\n - Mozilla: Race condition when playing audio files 
(CVE-2022-22737)\n\n - Mozilla: Heap-buffer-overflow in blendGaussianBlur (CVE-2022-22738)\n\n - Mozilla: Missing throttling on external protocol launch dialog (CVE-2022-22739)\n\n - Mozilla: Use-after-free of ChannelEventQueue::mOwner (CVE-2022-22740)\n\n - Mozilla: Browser window spoof using fullscreen mode (CVE-2022-22741, CVE-2022-22743)\n\n - Mozilla: Out-of-bounds memory access when inserting text in edit mode (CVE-2022-22742)\n\n - Mozilla: Leaking cross-origin URLs through securitypolicyviolation event (CVE-2022-22745)\n\n - Mozilla: Crash when handling empty pkcs7 sequence (CVE-2022-22747)\n\n - Mozilla: Spoofed origin on external protocol launch dialog (CVE-2022-22748)\n\n - Mozilla: Memory safety bugs fixed in Firefox 96 and Firefox ESR 91.5 (CVE-2022-22751)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-4140\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22737\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22738\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22739\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22740\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22741\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22742\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22743\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22745\");\n script_set_attribute(attribute:\"see_also\", 
value:\"https://access.redhat.com/security/cve/CVE-2022-22747\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22748\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22751\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:0131\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039561\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039563\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039564\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039565\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039566\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039567\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039568\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039569\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039570\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039572\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039573\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039574\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected thunderbird package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", 
value:\"CVE-2022-22751\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-4140\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(120, 416, 476, 829, 1021);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:thunderbird\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '8.1')) audit(AUDIT_OS_NOT, 'Red Hat 8.1', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/e4s/rhel8/8.1/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.1/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.1/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.1/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.1/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.1/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.1/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.1/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.1/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.1/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.1/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.1/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.1/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.1/ppc64le/sap/os',\n 
'content/e4s/rhel8/8.1/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.1/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.1/x86_64/appstream/os',\n 'content/e4s/rhel8/8.1/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.1/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.1/x86_64/baseos/os',\n 'content/e4s/rhel8/8.1/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.1/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.1/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.1/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.1/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.1/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.1/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.1/x86_64/sap/debug',\n 'content/e4s/rhel8/8.1/x86_64/sap/os',\n 'content/e4s/rhel8/8.1/x86_64/sap/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'thunderbird-91.5.0-1.el8_1', 'sp':'1', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'thunderbird-91.5.0-1.el8_1', 'sp':'1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if 
(!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Update Services for SAP Solutions repository.\\n' +\n 'Access to this repository requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'thunderbird');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-22T15:09:02", "description": "The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:0127 advisory.\n\n - Mozilla: Iframe sandbox bypass with XSLT (CVE-2021-4140)\n\n - Mozilla: Race condition when playing audio files (CVE-2022-22737)\n\n - 
Mozilla: Heap-buffer-overflow in blendGaussianBlur (CVE-2022-22738)\n\n - Mozilla: Missing throttling on external protocol launch dialog (CVE-2022-22739)\n\n - Mozilla: Use-after-free of ChannelEventQueue::mOwner (CVE-2022-22740)\n\n - Mozilla: Browser window spoof using fullscreen mode (CVE-2022-22741, CVE-2022-22743)\n\n - Mozilla: Out-of-bounds memory access when inserting text in edit mode (CVE-2022-22742)\n\n - Mozilla: Leaking cross-origin URLs through securitypolicyviolation event (CVE-2022-22745)\n\n - Mozilla: Crash when handling empty pkcs7 sequence (CVE-2022-22747)\n\n - Mozilla: Spoofed origin on external protocol launch dialog (CVE-2022-22748)\n\n - Mozilla: Memory safety bugs fixed in Firefox 96 and Firefox ESR 91.5 (CVE-2022-22751)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-01-13T00:00:00", "type": "nessus", "title": "RHEL 7 : thunderbird (RHSA-2022:0127)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4140", "CVE-2022-22737", "CVE-2022-22738", "CVE-2022-22739", "CVE-2022-22740", "CVE-2022-22741", "CVE-2022-22742", "CVE-2022-22743", "CVE-2022-22745", "CVE-2022-22747", "CVE-2022-22748", "CVE-2022-22751"], "modified": "2023-11-21T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:thunderbird"], "id": "REDHAT-RHSA-2022-0127.NASL", "href": "https://www.tenable.com/plugins/nessus/156727", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:0127. 
The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156727);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/21\");\n\n script_cve_id(\n \"CVE-2021-4140\",\n \"CVE-2022-22737\",\n \"CVE-2022-22738\",\n \"CVE-2022-22739\",\n \"CVE-2022-22740\",\n \"CVE-2022-22741\",\n \"CVE-2022-22742\",\n \"CVE-2022-22743\",\n \"CVE-2022-22745\",\n \"CVE-2022-22747\",\n \"CVE-2022-22748\",\n \"CVE-2022-22751\"\n );\n script_xref(name:\"RHSA\", value:\"2022:0127\");\n script_xref(name:\"IAVA\", value:\"2022-A-0017-S\");\n\n script_name(english:\"RHEL 7 : thunderbird (RHSA-2022:0127)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the RHSA-2022:0127 advisory.\n\n - Mozilla: Iframe sandbox bypass with XSLT (CVE-2021-4140)\n\n - Mozilla: Race condition when playing audio files (CVE-2022-22737)\n\n - Mozilla: Heap-buffer-overflow in blendGaussianBlur (CVE-2022-22738)\n\n - Mozilla: Missing throttling on external protocol launch dialog (CVE-2022-22739)\n\n - Mozilla: Use-after-free of ChannelEventQueue::mOwner (CVE-2022-22740)\n\n - Mozilla: Browser window spoof using fullscreen mode (CVE-2022-22741, CVE-2022-22743)\n\n - Mozilla: Out-of-bounds memory access when inserting text in edit mode (CVE-2022-22742)\n\n - Mozilla: Leaking cross-origin URLs through securitypolicyviolation event (CVE-2022-22745)\n\n - Mozilla: Crash when handling empty pkcs7 sequence (CVE-2022-22747)\n\n - Mozilla: Spoofed origin on external protocol launch dialog (CVE-2022-22748)\n\n - Mozilla: Memory safety bugs fixed in Firefox 96 and Firefox ESR 91.5 (CVE-2022-22751)\n\nNote that 
Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-4140\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22737\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22738\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22739\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22740\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22741\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22742\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22743\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22745\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22747\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22748\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22751\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:0127\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039561\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039563\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039564\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039565\");\n 
script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039566\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039567\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039568\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039569\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039570\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039572\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039573\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039574\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected thunderbird package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-22751\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-4140\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(120, 416, 476, 829, 1021);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:redhat:enterprise_linux:thunderbird\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/optional/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/optional/os',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/optional/source/SRPMS',\n 
'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/os',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/supplementary/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/os',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/client/7/7Client/x86_64/os',\n 'content/dist/rhel/client/7/7Client/x86_64/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/os',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/highavailability/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/highavailability/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/highavailability/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/optional/debug',\n 
'content/dist/rhel/power-le/7/7Server/ppc64le/optional/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/optional/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/resilientstorage/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/resilientstorage/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/resilientstorage/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap-hana/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap-hana/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap-hana/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/supplementary/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/supplementary/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/optional/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/optional/os',\n 'content/dist/rhel/power/7/7Server/ppc64/optional/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/os',\n 'content/dist/rhel/power/7/7Server/ppc64/sap/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/sap/os',\n 'content/dist/rhel/power/7/7Server/ppc64/sap/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/supplementary/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/supplementary/os',\n 'content/dist/rhel/power/7/7Server/ppc64/supplementary/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/os',\n 
'content/dist/rhel/server/7/7Server/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/os',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/os',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/server/7/7Server/x86_64/os',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/os',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/os',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/os',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/os',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/os',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/os',\n 
'content/dist/rhel/workstation/7/7Workstation/x86_64/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/source/SRPMS',\n 'content/fastrack/rhel/client/7/x86_64/debug',\n 'content/fastrack/rhel/client/7/x86_64/optional/debug',\n 'content/fastrack/rhel/client/7/x86_64/optional/os',\n 'content/fastrack/rhel/client/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/client/7/x86_64/os',\n 'content/fastrack/rhel/client/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/computenode/7/x86_64/debug',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/debug',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/os',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/computenode/7/x86_64/os',\n 'content/fastrack/rhel/computenode/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/power/7/ppc64/debug',\n 'content/fastrack/rhel/power/7/ppc64/optional/debug',\n 'content/fastrack/rhel/power/7/ppc64/optional/os',\n 'content/fastrack/rhel/power/7/ppc64/optional/source/SRPMS',\n 'content/fastrack/rhel/power/7/ppc64/os',\n 'content/fastrack/rhel/power/7/ppc64/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/debug',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/debug',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/os',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/optional/debug',\n 'content/fastrack/rhel/server/7/x86_64/optional/os',\n 'content/fastrack/rhel/server/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/os',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/debug',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/os',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/source/SRPMS',\n 
'content/fastrack/rhel/server/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/workstation/7/x86_64/debug',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/debug',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/os',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/workstation/7/x86_64/os',\n 'content/fastrack/rhel/workstation/7/x86_64/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'thunderbird-91.5.0-1.el7_9', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'thunderbird-91.5.0-1.el7_9', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n 
rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'thunderbird');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-22T15:09:46", "description": "The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:0126 advisory.\n\n - Mozilla: Iframe sandbox bypass with XSLT (CVE-2021-4140)\n\n - Mozilla: Race condition when playing audio files (CVE-2022-22737)\n\n - Mozilla: Heap-buffer-overflow in blendGaussianBlur (CVE-2022-22738)\n\n - Mozilla: Missing throttling on external protocol launch dialog (CVE-2022-22739)\n\n - Mozilla: Use-after-free of ChannelEventQueue::mOwner (CVE-2022-22740)\n\n - Mozilla: Browser window spoof using fullscreen mode (CVE-2022-22741, CVE-2022-22743)\n\n - Mozilla: Out-of-bounds memory access when inserting text in edit mode (CVE-2022-22742)\n\n - Mozilla: Leaking cross-origin URLs through securitypolicyviolation event (CVE-2022-22745)\n\n - Mozilla: Crash when handling empty pkcs7 sequence (CVE-2022-22747)\n\n - Mozilla: Spoofed origin on external protocol launch dialog (CVE-2022-22748)\n\n - Mozilla: Memory safety bugs fixed in Firefox 96 and Firefox ESR 91.5 (CVE-2022-22751)\n\nNote that Nessus has not tested 
for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-01-13T00:00:00", "type": "nessus", "title": "RHEL 8 : firefox (RHSA-2022:0126)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4140", "CVE-2022-22737", "CVE-2022-22738", "CVE-2022-22739", "CVE-2022-22740", "CVE-2022-22741", "CVE-2022-22742", "CVE-2022-22743", "CVE-2022-22745", "CVE-2022-22747", "CVE-2022-22748", "CVE-2022-22751"], "modified": "2023-11-20T00:00:00", "cpe": ["cpe:/o:redhat:rhel_aus:8.4", "cpe:/o:redhat:rhel_e4s:8.4", "cpe:/o:redhat:rhel_eus:8.4", "cpe:/o:redhat:rhel_tus:8.4", "p-cpe:/a:redhat:enterprise_linux:firefox"], "id": "REDHAT-RHSA-2022-0126.NASL", "href": "https://www.tenable.com/plugins/nessus/156735", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:0126. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156735);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/20\");\n\n script_cve_id(\n \"CVE-2021-4140\",\n \"CVE-2022-22737\",\n \"CVE-2022-22738\",\n \"CVE-2022-22739\",\n \"CVE-2022-22740\",\n \"CVE-2022-22741\",\n \"CVE-2022-22742\",\n \"CVE-2022-22743\",\n \"CVE-2022-22745\",\n \"CVE-2022-22747\",\n \"CVE-2022-22748\",\n \"CVE-2022-22751\"\n );\n script_xref(name:\"RHSA\", value:\"2022:0126\");\n script_xref(name:\"IAVA\", value:\"2022-A-0017-S\");\n\n script_name(english:\"RHEL 8 : firefox (RHSA-2022:0126)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple 
vulnerabilities as\nreferenced in the RHSA-2022:0126 advisory.\n\n - Mozilla: Iframe sandbox bypass with XSLT (CVE-2021-4140)\n\n - Mozilla: Race condition when playing audio files (CVE-2022-22737)\n\n - Mozilla: Heap-buffer-overflow in blendGaussianBlur (CVE-2022-22738)\n\n - Mozilla: Missing throttling on external protocol launch dialog (CVE-2022-22739)\n\n - Mozilla: Use-after-free of ChannelEventQueue::mOwner (CVE-2022-22740)\n\n - Mozilla: Browser window spoof using fullscreen mode (CVE-2022-22741, CVE-2022-22743)\n\n - Mozilla: Out-of-bounds memory access when inserting text in edit mode (CVE-2022-22742)\n\n - Mozilla: Leaking cross-origin URLs through securitypolicyviolation event (CVE-2022-22745)\n\n - Mozilla: Crash when handling empty pkcs7 sequence (CVE-2022-22747)\n\n - Mozilla: Spoofed origin on external protocol launch dialog (CVE-2022-22748)\n\n - Mozilla: Memory safety bugs fixed in Firefox 96 and Firefox ESR 91.5 (CVE-2022-22751)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-4140\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22737\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22738\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22739\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22740\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22741\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22742\");\n script_set_attribute(attribute:\"see_also\", 
value:\"https://access.redhat.com/security/cve/CVE-2022-22743\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22745\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22747\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22748\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22751\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:0126\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039561\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039563\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039564\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039565\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039566\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039567\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039568\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039569\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039570\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039572\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039573\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039574\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected firefox package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n 
script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-22751\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-4140\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(120, 416, 476, 829, 1021);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:firefox\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '8.4')) audit(AUDIT_OS_NOT, 'Red Hat 8.4', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.4/x86_64/appstream/debug',\n 'content/aus/rhel8/8.4/x86_64/appstream/os',\n 'content/aus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.4/x86_64/baseos/debug',\n 'content/aus/rhel8/8.4/x86_64/baseos/os',\n 'content/aus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/aarch64/appstream/debug',\n 'content/e4s/rhel8/8.4/aarch64/appstream/os',\n 'content/e4s/rhel8/8.4/aarch64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/aarch64/baseos/debug',\n 'content/e4s/rhel8/8.4/aarch64/baseos/os',\n 'content/e4s/rhel8/8.4/aarch64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.4/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.4/ppc64le/appstream/source/SRPMS',\n 
'content/e4s/rhel8/8.4/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.4/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.4/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.4/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.4/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.4/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.4/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.4/ppc64le/sap/os',\n 'content/e4s/rhel8/8.4/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.4/s390x/appstream/debug',\n 'content/e4s/rhel8/8.4/s390x/appstream/os',\n 'content/e4s/rhel8/8.4/s390x/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/s390x/baseos/debug',\n 'content/e4s/rhel8/8.4/s390x/baseos/os',\n 'content/e4s/rhel8/8.4/s390x/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.4/x86_64/appstream/os',\n 'content/e4s/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.4/x86_64/baseos/os',\n 'content/e4s/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/nfv/debug',\n 'content/e4s/rhel8/8.4/x86_64/nfv/os',\n 'content/e4s/rhel8/8.4/x86_64/nfv/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/sap/debug',\n 'content/e4s/rhel8/8.4/x86_64/sap/os',\n 'content/e4s/rhel8/8.4/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/appstream/debug',\n 'content/eus/rhel8/8.4/aarch64/appstream/os',\n 'content/eus/rhel8/8.4/aarch64/appstream/source/SRPMS',\n 
'content/eus/rhel8/8.4/aarch64/baseos/debug',\n 'content/eus/rhel8/8.4/aarch64/baseos/os',\n 'content/eus/rhel8/8.4/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.4/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.4/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.4/aarch64/highavailability/os',\n 'content/eus/rhel8/8.4/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.4/aarch64/supplementary/os',\n 'content/eus/rhel8/8.4/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.4/ppc64le/appstream/os',\n 'content/eus/rhel8/8.4/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.4/ppc64le/baseos/os',\n 'content/eus/rhel8/8.4/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.4/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.4/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.4/ppc64le/highavailability/os',\n 'content/eus/rhel8/8.4/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.4/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.4/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.4/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.4/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/sap/debug',\n 'content/eus/rhel8/8.4/ppc64le/sap/os',\n 'content/eus/rhel8/8.4/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.4/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.4/ppc64le/supplementary/source/SRPMS',\n 
'content/eus/rhel8/8.4/s390x/appstream/debug',\n 'content/eus/rhel8/8.4/s390x/appstream/os',\n 'content/eus/rhel8/8.4/s390x/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/baseos/debug',\n 'content/eus/rhel8/8.4/s390x/baseos/os',\n 'content/eus/rhel8/8.4/s390x/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/codeready-builder/debug',\n 'content/eus/rhel8/8.4/s390x/codeready-builder/os',\n 'content/eus/rhel8/8.4/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/highavailability/debug',\n 'content/eus/rhel8/8.4/s390x/highavailability/os',\n 'content/eus/rhel8/8.4/s390x/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/resilientstorage/debug',\n 'content/eus/rhel8/8.4/s390x/resilientstorage/os',\n 'content/eus/rhel8/8.4/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/sap/debug',\n 'content/eus/rhel8/8.4/s390x/sap/os',\n 'content/eus/rhel8/8.4/s390x/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/supplementary/debug',\n 'content/eus/rhel8/8.4/s390x/supplementary/os',\n 'content/eus/rhel8/8.4/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/appstream/debug',\n 'content/eus/rhel8/8.4/x86_64/appstream/os',\n 'content/eus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/baseos/debug',\n 'content/eus/rhel8/8.4/x86_64/baseos/os',\n 'content/eus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.4/x86_64/highavailability/os',\n 'content/eus/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/debug',\n 
'content/eus/rhel8/8.4/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/sap/debug',\n 'content/eus/rhel8/8.4/x86_64/sap/os',\n 'content/eus/rhel8/8.4/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.4/x86_64/supplementary/os',\n 'content/eus/rhel8/8.4/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/appstream/debug',\n 'content/tus/rhel8/8.4/x86_64/appstream/os',\n 'content/tus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/baseos/debug',\n 'content/tus/rhel8/8.4/x86_64/baseos/os',\n 'content/tus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.4/x86_64/highavailability/os',\n 'content/tus/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/nfv/debug',\n 'content/tus/rhel8/8.4/x86_64/nfv/os',\n 'content/tus/rhel8/8.4/x86_64/nfv/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/rt/debug',\n 'content/tus/rhel8/8.4/x86_64/rt/os',\n 'content/tus/rhel8/8.4/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'firefox-91.5.0-1.el8_4', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) 
reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Advanced Update Support, Extended Update Support, Telco Extended Update Support or Update Services for SAP Solutions repositories.\\n' +\n 'Access to these repositories requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'firefox');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-07T16:25:03", "description": "The remote AlmaLinux 8 host has a package installed that is 
affected by multiple vulnerabilities as referenced in the ALSA-2022:0130 advisory.\n\n - Mozilla developers Calixte Denizet, Kershaw Chang, Christian Holler, Jason Kratzer, Gabriele Svelto, Tyson Smith, Simon Giesecke, and Steve Fink reported memory safety bugs present in Firefox 95 and Firefox ESR 91.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22751)\n\n - It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2021-4140)\n\n - Constructing audio sinks could have led to a race condition when playing audio files and closing windows.\n This could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22737)\n\n - Applying a CSS filter effect could have accessed out of bounds memory. This could have led to a heap-buffer-overflow causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22738)\n\n - Malicious websites could have tricked users into accepting launching a program to handle an external URL protocol. 
This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.\n (CVE-2022-22739)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-12T00:00:00", "type": "nessus", "title": "AlmaLinux 8 : firefox (ALSA-2022:0130)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4140", "CVE-2022-22737", "CVE-2022-22738", "CVE-2022-22739", "CVE-2022-22740", "CVE-2022-22741", "CVE-2022-22742", "CVE-2022-22743", "CVE-2022-22745", "CVE-2022-22747", "CVE-2022-22748", "CVE-2022-22751"], "modified": "2023-11-06T00:00:00", "cpe": ["p-cpe:/a:alma:linux:firefox", "cpe:/o:alma:linux:8"], "id": "ALMA_LINUX_ALSA-2022-0130.NASL", "href": "https://www.tenable.com/plugins/nessus/158865", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# AlmaLinux Security Advisory ALSA-2022:0130.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158865);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/06\");\n\n script_cve_id(\n \"CVE-2021-4140\",\n \"CVE-2022-22737\",\n \"CVE-2022-22738\",\n \"CVE-2022-22739\",\n \"CVE-2022-22740\",\n \"CVE-2022-22741\",\n \"CVE-2022-22742\",\n \"CVE-2022-22743\",\n \"CVE-2022-22745\",\n \"CVE-2022-22747\",\n \"CVE-2022-22748\",\n \"CVE-2022-22751\"\n );\n script_xref(name:\"ALSA\", value:\"2022:0130\");\n script_xref(name:\"IAVA\", value:\"2022-A-0017-S\");\n\n script_name(english:\"AlmaLinux 8 : firefox (ALSA-2022:0130)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote AlmaLinux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in 
the\nALSA-2022:0130 advisory.\n\n - Mozilla developers Calixte Denizet, Kershaw Chang, Christian Holler, Jason Kratzer, Gabriele Svelto, Tyson\n Smith, Simon Giesecke, and Steve Fink reported memory safety bugs present in Firefox 95 and Firefox ESR\n 91.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some\n of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 91.5,\n Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22751)\n\n - It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox. This\n vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2021-4140)\n\n - Constructing audio sinks could have lead to a race condition when playing audio files and closing windows.\n This could have lead to a use-after-free causing a potentially exploitable crash. This vulnerability\n affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22737)\n\n - Applying a CSS filter effect could have accessed out of bounds memory. This could have lead to a heap-\n buffer-overflow causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5,\n Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22738)\n\n - Malicious websites could have tricked users into accepting launching a program to handle an external URL\n protocol. 
This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.\n (CVE-2022-22739)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.almalinux.org/8/ALSA-2022-0130.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected firefox package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-22751\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-4140\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:8\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Alma Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AlmaLinux/release\", \"Host/AlmaLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/AlmaLinux/release');\nif (isnull(release) || 'AlmaLinux' >!< release) audit(AUDIT_OS_NOT, 'AlmaLinux');\nvar os_ver = pregmatch(pattern: \"AlmaLinux release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'AlmaLinux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'AlmaLinux 8.x', 'AlmaLinux ' + os_ver);\n\nif (!get_kb_item('Host/AlmaLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'AlmaLinux', cpu);\n\nvar pkgs = [\n {'reference':'firefox-91.5.0-1.el8_5.alma', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'Alma-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if 
(!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release && (!exists_check || rpm_exists(release:release, rpm:exists_check))) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'firefox');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-12T21:33:34", "description": "The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:0130 advisory.\n\n - It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2021-4140)\n\n - Constructing audio sinks could have lead to a race condition when playing audio files and closing windows.\n This could have lead to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22737)\n\n - Applying a CSS filter effect could have accessed out of bounds memory. This could have lead to a heap- buffer-overflow causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. 
(CVE-2022-22738)\n\n - Malicious websites could have tricked users into accepting launching a program to handle an external URL protocol. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.\n (CVE-2022-22739)\n\n - Certain network request objects were freed too early when releasing a network request handle. This could have lead to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22740)\n\n - When resizing a popup while requesting fullscreen access, the popup would have become unable to leave fullscreen mode. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.\n (CVE-2022-22741)\n\n - When inserting text while in edit mode, some characters might have lead to out-of-bounds memory access causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22742)\n\n - When navigating from inside an iframe while requesting fullscreen access, an attacker-controlled tab could have made the browser unable to leave fullscreen mode. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22743)\n\n - Securitypolicyviolation events could have leaked cross-origin information for frame-ancestors violations.\n This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22745)\n\n - After accepting an untrusted certificate, handling an empty pkcs7 sequence as part of the certificate data could have lead to a crash. This crash is believed to be unexploitable. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22747)\n\n - Malicious websites could have confused Firefox into showing the wrong origin when asking to launch a program and handling an external URL protocol. 
This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22748)\n\n - Mozilla developers Calixte Denizet, Kershaw Chang, Christian Holler, Jason Kratzer, Gabriele Svelto, Tyson Smith, Simon Giesecke, and Steve Fink reported memory safety bugs present in Firefox 95 and Firefox ESR 91.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22751)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-11-07T00:00:00", "type": "nessus", "title": "Rocky Linux 8 : firefox (RLSA-2022:0130)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4140", "CVE-2022-22737", "CVE-2022-22738", "CVE-2022-22739", "CVE-2022-22740", "CVE-2022-22741", "CVE-2022-22742", "CVE-2022-22743", "CVE-2022-22745", "CVE-2022-22747", "CVE-2022-22748", "CVE-2022-22751"], "modified": "2023-11-07T00:00:00", "cpe": ["p-cpe:/a:rocky:linux:firefox", "p-cpe:/a:rocky:linux:firefox-debuginfo", "p-cpe:/a:rocky:linux:firefox-debugsource", "cpe:/o:rocky:linux:8"], "id": "ROCKY_LINUX_RLSA-2022-0130.NASL", "href": "https://www.tenable.com/plugins/nessus/184998", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# Rocky Linux Security Advisory RLSA-2022:0130.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(184998);\n script_version(\"1.0\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/07\");\n\n script_cve_id(\n \"CVE-2021-4140\",\n \"CVE-2022-22737\",\n \"CVE-2022-22738\",\n \"CVE-2022-22739\",\n \"CVE-2022-22740\",\n \"CVE-2022-22741\",\n \"CVE-2022-22742\",\n \"CVE-2022-22743\",\n \"CVE-2022-22745\",\n \"CVE-2022-22747\",\n 
\"CVE-2022-22748\",\n \"CVE-2022-22751\"\n );\n script_xref(name:\"IAVA\", value:\"2022-A-0017-S\");\n script_xref(name:\"RLSA\", value:\"2022:0130\");\n\n script_name(english:\"Rocky Linux 8 : firefox (RLSA-2022:0130)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Rocky Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nRLSA-2022:0130 advisory.\n\n - It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox. This\n vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2021-4140)\n\n - Constructing audio sinks could have lead to a race condition when playing audio files and closing windows.\n This could have lead to a use-after-free causing a potentially exploitable crash. This vulnerability\n affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22737)\n\n - Applying a CSS filter effect could have accessed out of bounds memory. This could have lead to a heap-\n buffer-overflow causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5,\n Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22738)\n\n - Malicious websites could have tricked users into accepting launching a program to handle an external URL\n protocol. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.\n (CVE-2022-22739)\n\n - Certain network request objects were freed too early when releasing a network request handle. This could\n have lead to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox\n ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22740)\n\n - When resizing a popup while requesting fullscreen access, the popup would have become unable to leave\n fullscreen mode. 
This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.\n (CVE-2022-22741)\n\n - When inserting text while in edit mode, some characters might have lead to out-of-bounds memory access\n causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and\n Thunderbird < 91.5. (CVE-2022-22742)\n\n - When navigating from inside an iframe while requesting fullscreen access, an attacker-controlled tab could\n have made the browser unable to leave fullscreen mode. This vulnerability affects Firefox ESR < 91.5,\n Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22743)\n\n - Securitypolicyviolation events could have leaked cross-origin information for frame-ancestors violations.\n This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22745)\n\n - After accepting an untrusted certificate, handling an empty pkcs7 sequence as part of the certificate data\n could have lead to a crash. This crash is believed to be unexploitable. This vulnerability affects Firefox\n ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22747)\n\n - Malicious websites could have confused Firefox into showing the wrong origin when asking to launch a\n program and handling an external URL protocol. This vulnerability affects Firefox ESR < 91.5, Firefox <\n 96, and Thunderbird < 91.5. (CVE-2022-22748)\n\n - Mozilla developers Calixte Denizet, Kershaw Chang, Christian Holler, Jason Kratzer, Gabriele Svelto, Tyson\n Smith, Simon Giesecke, and Steve Fink reported memory safety bugs present in Firefox 95 and Firefox ESR\n 91.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some\n of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 91.5,\n Firefox < 96, and Thunderbird < 91.5. 
(CVE-2022-22751)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.rockylinux.org/RLSA-2022:0130\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2039561\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2039563\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2039564\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2039565\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2039566\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2039567\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2039568\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2039569\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2039570\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2039572\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2039573\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2039574\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected firefox, firefox-debuginfo and / or firefox-debugsource packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\");\n 
script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-22751\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-4140\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/11/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:firefox-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:firefox-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:rocky:linux:8\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Rocky Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RockyLinux/release\", \"Host/RockyLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RockyLinux/release');\nif (isnull(os_release) || 'Rocky Linux' >!< os_release) audit(AUDIT_OS_NOT, 'Rocky Linux');\nvar os_ver = pregmatch(pattern: \"Rocky(?: Linux)? 
release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Rocky Linux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Rocky Linux 8.x', 'Rocky Linux ' + os_ver);\n\nif (!get_kb_item('Host/RockyLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Rocky Linux', cpu);\n\nvar pkgs = [\n {'reference':'firefox-91.5.0-1.el8_5', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'firefox-91.5.0-1.el8_5', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'firefox-debuginfo-91.5.0-1.el8_5', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'firefox-debuginfo-91.5.0-1.el8_5', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'firefox-debugsource-91.5.0-1.el8_5', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'firefox-debugsource-91.5.0-1.el8_5', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'Rocky-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = 
package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'firefox / firefox-debuginfo / firefox-debugsource');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-22T15:08:42", "description": "The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2022-0124 advisory.\n\n - Applying a CSS filter effect could have accessed out of bounds memory. This could have lead to a heap- buffer-overflow causing a potentially exploitable crash. (CVE-2022-22738)\n\n - Certain network request objects were freed too early when releasing a network request handle. This could have lead to a use-after-free causing a potentially exploitable crash. (CVE-2022-22740)\n\n - When inserting text while in edit mode, some characters might have lead to out-of-bounds memory access causing a potentially exploitable crash. (CVE-2022-22742)\n\n - When navigating from inside an iframe while requesting fullscreen access, an attacker-controlled tab could have made the browser unable to leave fullscreen mode. 
(CVE-2022-22743)\n\n - Securitypolicyviolation events could have leaked cross-origin information for frame-ancestors violations (CVE-2022-22745)\n\n - After accepting an untrusted certificate, handling an empty pkcs7 sequence as part of the certificate data could have lead to a crash. This crash is believed to be unexploitable. (CVE-2022-22747)\n\n - It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox.\n (CVE-2021-4140)\n\n - Malicious websites could have tricked users into accepting launching a program to handle an external URL protocol. (CVE-2022-22739)\n\n - When resizing a popup while requesting fullscreen access, the popup would have become unable to leave fullscreen mode. (CVE-2022-22741)\n\n - Malicious websites could have confused Firefox into showing the wrong origin when asking to launch a program and handling an external URL protocol. (CVE-2022-22748)\n\n - Mozilla developers Calixte Denizet, Kershaw Chang, Christian Holler, Jason Kratzer, Gabriele Svelto, Tyson Smith, Simon Giesecke, and Steve Fink reported memory safety bugs present in Firefox 95 and Firefox ESR 91.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. (CVE-2022-22751)\n\n - Constructing audio sinks could have lead to a race condition when playing audio files and closing windows.\n This could have lead to a use-after-free causing a potentially exploitable crash. 
(CVE-2022-22737)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-01-13T00:00:00", "type": "nessus", "title": "Oracle Linux 7 : firefox (ELSA-2022-0124)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4140", "CVE-2022-22737", "CVE-2022-22738", "CVE-2022-22739", "CVE-2022-22740", "CVE-2022-22741", "CVE-2022-22742", "CVE-2022-22743", "CVE-2022-22745", "CVE-2022-22747", "CVE-2022-22748", "CVE-2022-22751"], "modified": "2023-11-21T00:00:00", "cpe": ["cpe:/o:oracle:linux:7", "p-cpe:/a:oracle:linux:firefox"], "id": "ORACLELINUX_ELSA-2022-0124.NASL", "href": "https://www.tenable.com/plugins/nessus/156700", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2022-0124.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156700);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/21\");\n\n script_cve_id(\n \"CVE-2021-4140\",\n \"CVE-2022-22737\",\n \"CVE-2022-22738\",\n \"CVE-2022-22739\",\n \"CVE-2022-22740\",\n \"CVE-2022-22741\",\n \"CVE-2022-22742\",\n \"CVE-2022-22743\",\n \"CVE-2022-22745\",\n \"CVE-2022-22747\",\n \"CVE-2022-22748\",\n \"CVE-2022-22751\"\n );\n script_xref(name:\"IAVA\", value:\"2022-A-0017-S\");\n\n script_name(english:\"Oracle Linux 7 : firefox (ELSA-2022-0124)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the\nELSA-2022-0124 advisory.\n\n - Applying a CSS filter effect could have accessed out of bounds 
memory. This could have lead to a heap-\n buffer-overflow causing a potentially exploitable crash. (CVE-2022-22738)\n\n - Certain network request objects were freed too early when releasing a network request handle. This could\n have lead to a use-after-free causing a potentially exploitable crash. (CVE-2022-22740)\n\n - When inserting text while in edit mode, some characters might have lead to out-of-bounds memory access\n causing a potentially exploitable crash. (CVE-2022-22742)\n\n - When navigating from inside an iframe while requesting fullscreen access, an attacker-controlled tab could\n have made the browser unable to leave fullscreen mode. (CVE-2022-22743)\n\n - Securitypolicyviolation events could have leaked cross-origin information for frame-ancestors violations\n (CVE-2022-22745)\n\n - After accepting an untrusted certificate, handling an empty pkcs7 sequence as part of the certificate data\n could have lead to a crash. This crash is believed to be unexploitable. (CVE-2022-22747)\n\n - It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox.\n (CVE-2021-4140)\n\n - Malicious websites could have tricked users into accepting launching a program to handle an external URL\n protocol. (CVE-2022-22739)\n\n - When resizing a popup while requesting fullscreen access, the popup would have become unable to leave\n fullscreen mode. (CVE-2022-22741)\n\n - Malicious websites could have confused Firefox into showing the wrong origin when asking to launch a\n program and handling an external URL protocol. (CVE-2022-22748)\n\n - Mozilla developers Calixte Denizet, Kershaw Chang, Christian Holler, Jason Kratzer, Gabriele Svelto, Tyson\n Smith, Simon Giesecke, and Steve Fink reported memory safety bugs present in Firefox 95 and Firefox ESR\n 91.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some\n of these could have been exploited to run arbitrary code. 
(CVE-2022-22751)\n\n - Constructing audio sinks could have lead to a race condition when playing audio files and closing windows.\n This could have lead to a use-after-free causing a potentially exploitable crash. (CVE-2022-22737)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2022-0124.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected firefox package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-22751\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-4140\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:firefox\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 7', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar pkgs = [\n {'reference':'firefox-91.5.0-1.0.1.el7_9', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'firefox-91.5.0-1.0.1.el7_9', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n 
if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'firefox');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-22T15:09:46", "description": "The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:0130 advisory.\n\n - Mozilla: Iframe sandbox bypass with XSLT (CVE-2021-4140)\n\n - Mozilla: Race condition when playing audio files (CVE-2022-22737)\n\n - Mozilla: Heap-buffer-overflow in blendGaussianBlur (CVE-2022-22738)\n\n - Mozilla: Missing throttling on external protocol launch dialog (CVE-2022-22739)\n\n - Mozilla: Use-after-free of ChannelEventQueue::mOwner (CVE-2022-22740)\n\n - Mozilla: Browser 
window spoof using fullscreen mode (CVE-2022-22741, CVE-2022-22743)\n\n - Mozilla: Out-of-bounds memory access when inserting text in edit mode (CVE-2022-22742)\n\n - Mozilla: Leaking cross-origin URLs through securitypolicyviolation event (CVE-2022-22745)\n\n - Mozilla: Crash when handling empty pkcs7 sequence (CVE-2022-22747)\n\n - Mozilla: Spoofed origin on external protocol launch dialog (CVE-2022-22748)\n\n - Mozilla: Memory safety bugs fixed in Firefox 96 and Firefox ESR 91.5 (CVE-2022-22751)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-01-13T00:00:00", "type": "nessus", "title": "RHEL 8 : firefox (RHSA-2022:0130)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4140", "CVE-2022-22737", "CVE-2022-22738", "CVE-2022-22739", "CVE-2022-22740", "CVE-2022-22741", "CVE-2022-22742", "CVE-2022-22743", "CVE-2022-22745", "CVE-2022-22747", "CVE-2022-22748", "CVE-2022-22751"], "modified": "2023-11-20T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "cpe:/o:redhat:rhel_aus:8.6", "cpe:/o:redhat:rhel_e4s:8.6", "cpe:/o:redhat:rhel_eus:8.6", "cpe:/o:redhat:rhel_tus:8.6", "p-cpe:/a:redhat:enterprise_linux:firefox"], "id": "REDHAT-RHSA-2022-0130.NASL", "href": "https://www.tenable.com/plugins/nessus/156738", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:0130. 
The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156738);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/20\");\n\n script_cve_id(\n \"CVE-2021-4140\",\n \"CVE-2022-22737\",\n \"CVE-2022-22738\",\n \"CVE-2022-22739\",\n \"CVE-2022-22740\",\n \"CVE-2022-22741\",\n \"CVE-2022-22742\",\n \"CVE-2022-22743\",\n \"CVE-2022-22745\",\n \"CVE-2022-22747\",\n \"CVE-2022-22748\",\n \"CVE-2022-22751\"\n );\n script_xref(name:\"RHSA\", value:\"2022:0130\");\n script_xref(name:\"IAVA\", value:\"2022-A-0017-S\");\n\n script_name(english:\"RHEL 8 : firefox (RHSA-2022:0130)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the RHSA-2022:0130 advisory.\n\n - Mozilla: Iframe sandbox bypass with XSLT (CVE-2021-4140)\n\n - Mozilla: Race condition when playing audio files (CVE-2022-22737)\n\n - Mozilla: Heap-buffer-overflow in blendGaussianBlur (CVE-2022-22738)\n\n - Mozilla: Missing throttling on external protocol launch dialog (CVE-2022-22739)\n\n - Mozilla: Use-after-free of ChannelEventQueue::mOwner (CVE-2022-22740)\n\n - Mozilla: Browser window spoof using fullscreen mode (CVE-2022-22741, CVE-2022-22743)\n\n - Mozilla: Out-of-bounds memory access when inserting text in edit mode (CVE-2022-22742)\n\n - Mozilla: Leaking cross-origin URLs through securitypolicyviolation event (CVE-2022-22745)\n\n - Mozilla: Crash when handling empty pkcs7 sequence (CVE-2022-22747)\n\n - Mozilla: Spoofed origin on external protocol launch dialog (CVE-2022-22748)\n\n - Mozilla: Memory safety bugs fixed in Firefox 96 and Firefox ESR 91.5 (CVE-2022-22751)\n\nNote that Nessus 
has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-4140\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22737\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22738\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22739\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22740\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22741\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22742\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22743\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22745\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22747\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22748\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22751\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:0130\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039561\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039563\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039564\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039565\");\n 
script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039566\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039567\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039568\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039569\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039570\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039572\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039573\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039574\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected firefox package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-22751\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-4140\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(120, 416, 476, 829, 1021);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", 
value:\"cpe:/o:redhat:rhel_aus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:firefox\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 
'content/aus/rhel8/8.6/x86_64/appstream/debug',\n 'content/aus/rhel8/8.6/x86_64/appstream/os',\n 'content/aus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.6/x86_64/baseos/debug',\n 'content/aus/rhel8/8.6/x86_64/baseos/os',\n 'content/aus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.6/ppc64le/sap/os',\n 'content/e4s/rhel8/8.6/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.6/x86_64/appstream/os',\n 'content/e4s/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.6/x86_64/baseos/os',\n 'content/e4s/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap/os',\n 'content/e4s/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/appstream/debug',\n 'content/eus/rhel8/8.6/aarch64/appstream/os',\n 
'content/eus/rhel8/8.6/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/baseos/debug',\n 'content/eus/rhel8/8.6/aarch64/baseos/os',\n 'content/eus/rhel8/8.6/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.6/aarch64/highavailability/os',\n 'content/eus/rhel8/8.6/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.6/aarch64/supplementary/os',\n 'content/eus/rhel8/8.6/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.6/ppc64le/appstream/os',\n 'content/eus/rhel8/8.6/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.6/ppc64le/baseos/os',\n 'content/eus/rhel8/8.6/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/os',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/sap/debug',\n 'content/eus/rhel8/8.6/ppc64le/sap/os',\n 'content/eus/rhel8/8.6/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/os',\n 
'content/eus/rhel8/8.6/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/appstream/debug',\n 'content/eus/rhel8/8.6/s390x/appstream/os',\n 'content/eus/rhel8/8.6/s390x/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/baseos/debug',\n 'content/eus/rhel8/8.6/s390x/baseos/os',\n 'content/eus/rhel8/8.6/s390x/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/debug',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/os',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/highavailability/debug',\n 'content/eus/rhel8/8.6/s390x/highavailability/os',\n 'content/eus/rhel8/8.6/s390x/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/debug',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/os',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/sap/debug',\n 'content/eus/rhel8/8.6/s390x/sap/os',\n 'content/eus/rhel8/8.6/s390x/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/supplementary/debug',\n 'content/eus/rhel8/8.6/s390x/supplementary/os',\n 'content/eus/rhel8/8.6/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/appstream/debug',\n 'content/eus/rhel8/8.6/x86_64/appstream/os',\n 'content/eus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/baseos/debug',\n 'content/eus/rhel8/8.6/x86_64/baseos/os',\n 'content/eus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.6/x86_64/highavailability/os',\n 'content/eus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/source/SRPMS',\n 
'content/eus/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap/debug',\n 'content/eus/rhel8/8.6/x86_64/sap/os',\n 'content/eus/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.6/x86_64/supplementary/os',\n 'content/eus/rhel8/8.6/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/appstream/debug',\n 'content/tus/rhel8/8.6/x86_64/appstream/os',\n 'content/tus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/baseos/debug',\n 'content/tus/rhel8/8.6/x86_64/baseos/os',\n 'content/tus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.6/x86_64/highavailability/os',\n 'content/tus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/rt/os',\n 'content/tus/rhel8/8.6/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'firefox-91.5.0-1.el8_5', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/dist/rhel8/8/aarch64/appstream/debug',\n 'content/dist/rhel8/8/aarch64/appstream/os',\n 'content/dist/rhel8/8/aarch64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/baseos/debug',\n 'content/dist/rhel8/8/aarch64/baseos/os',\n 'content/dist/rhel8/8/aarch64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/codeready-builder/debug',\n 'content/dist/rhel8/8/aarch64/codeready-builder/os',\n 'content/dist/rhel8/8/aarch64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/highavailability/debug',\n 'content/dist/rhel8/8/aarch64/highavailability/os',\n 'content/dist/rhel8/8/aarch64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/supplementary/debug',\n 'content/dist/rhel8/8/aarch64/supplementary/os',\n 
'content/dist/rhel8/8/aarch64/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/appstream/debug',\n 'content/dist/rhel8/8/ppc64le/appstream/os',\n 'content/dist/rhel8/8/ppc64le/appstream/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/baseos/debug',\n 'content/dist/rhel8/8/ppc64le/baseos/os',\n 'content/dist/rhel8/8/ppc64le/baseos/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/debug',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/os',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/highavailability/debug',\n 'content/dist/rhel8/8/ppc64le/highavailability/os',\n 'content/dist/rhel8/8/ppc64le/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/debug',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/os',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/debug',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/os',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap/debug',\n 'content/dist/rhel8/8/ppc64le/sap/os',\n 'content/dist/rhel8/8/ppc64le/sap/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/supplementary/debug',\n 'content/dist/rhel8/8/ppc64le/supplementary/os',\n 'content/dist/rhel8/8/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/s390x/appstream/debug',\n 'content/dist/rhel8/8/s390x/appstream/os',\n 'content/dist/rhel8/8/s390x/appstream/source/SRPMS',\n 'content/dist/rhel8/8/s390x/baseos/debug',\n 'content/dist/rhel8/8/s390x/baseos/os',\n 'content/dist/rhel8/8/s390x/baseos/source/SRPMS',\n 'content/dist/rhel8/8/s390x/codeready-builder/debug',\n 'content/dist/rhel8/8/s390x/codeready-builder/os',\n 'content/dist/rhel8/8/s390x/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/s390x/highavailability/debug',\n 'content/dist/rhel8/8/s390x/highavailability/os',\n 'content/dist/rhel8/8/s390x/highavailability/source/SRPMS',\n 
'content/dist/rhel8/8/s390x/resilientstorage/debug',\n 'content/dist/rhel8/8/s390x/resilientstorage/os',\n 'content/dist/rhel8/8/s390x/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/s390x/sap/debug',\n 'content/dist/rhel8/8/s390x/sap/os',\n 'content/dist/rhel8/8/s390x/sap/source/SRPMS',\n 'content/dist/rhel8/8/s390x/supplementary/debug',\n 'content/dist/rhel8/8/s390x/supplementary/os',\n 'content/dist/rhel8/8/s390x/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/appstream/debug',\n 'content/dist/rhel8/8/x86_64/appstream/os',\n 'content/dist/rhel8/8/x86_64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/baseos/debug',\n 'content/dist/rhel8/8/x86_64/baseos/os',\n 'content/dist/rhel8/8/x86_64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/codeready-builder/debug',\n 'content/dist/rhel8/8/x86_64/codeready-builder/os',\n 'content/dist/rhel8/8/x86_64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/highavailability/debug',\n 'content/dist/rhel8/8/x86_64/highavailability/os',\n 'content/dist/rhel8/8/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/nfv/debug',\n 'content/dist/rhel8/8/x86_64/nfv/os',\n 'content/dist/rhel8/8/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/resilientstorage/debug',\n 'content/dist/rhel8/8/x86_64/resilientstorage/os',\n 'content/dist/rhel8/8/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/rt/debug',\n 'content/dist/rhel8/8/x86_64/rt/os',\n 'content/dist/rhel8/8/x86_64/rt/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap-solutions/debug',\n 'content/dist/rhel8/8/x86_64/sap-solutions/os',\n 'content/dist/rhel8/8/x86_64/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap/debug',\n 'content/dist/rhel8/8/x86_64/sap/os',\n 'content/dist/rhel8/8/x86_64/sap/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/supplementary/debug',\n 'content/dist/rhel8/8/x86_64/supplementary/os',\n 'content/dist/rhel8/8/x86_64/supplementary/source/SRPMS'\n ],\n 
'pkgs': [\n {'reference':'firefox-91.5.0-1.el8_5', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n var enterprise_linux_flag = rhel_repo_urls_has_content_dist_rhel(repo_urls:repo_relative_urls);\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp']) && !enterprise_linux_flag) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra 
= rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'firefox');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-22T15:09:20", "description": "The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:0132 advisory.\n\n - Mozilla: Iframe sandbox bypass with XSLT (CVE-2021-4140)\n\n - Mozilla: Race condition when playing audio files (CVE-2022-22737)\n\n - Mozilla: Heap-buffer-overflow in blendGaussianBlur (CVE-2022-22738)\n\n - Mozilla: Missing throttling on external protocol launch dialog (CVE-2022-22739)\n\n - Mozilla: Use-after-free of ChannelEventQueue::mOwner (CVE-2022-22740)\n\n - Mozilla: Browser window spoof using fullscreen mode (CVE-2022-22741, CVE-2022-22743)\n\n - Mozilla: Out-of-bounds memory access when inserting text in edit mode (CVE-2022-22742)\n\n - Mozilla: Leaking cross-origin URLs through securitypolicyviolation event (CVE-2022-22745)\n\n - Mozilla: Crash when handling empty pkcs7 sequence (CVE-2022-22747)\n\n - Mozilla: Spoofed origin on external protocol launch dialog (CVE-2022-22748)\n\n - Mozilla: Memory safety bugs fixed in Firefox 96 and Firefox ESR 91.5 (CVE-2022-22751)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-01-13T00:00:00", "type": "nessus", "title": "RHEL 8 : firefox (RHSA-2022:0132)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4140", "CVE-2022-22737", "CVE-2022-22738", "CVE-2022-22739", "CVE-2022-22740", "CVE-2022-22741", "CVE-2022-22742", "CVE-2022-22743", "CVE-2022-22745", 
"CVE-2022-22747", "CVE-2022-22748", "CVE-2022-22751"], "modified": "2023-11-20T00:00:00", "cpe": ["cpe:/o:redhat:rhel_aus:8.2", "cpe:/o:redhat:rhel_e4s:8.2", "cpe:/o:redhat:rhel_eus:8.2", "cpe:/o:redhat:rhel_tus:8.2", "p-cpe:/a:redhat:enterprise_linux:firefox"], "id": "REDHAT-RHSA-2022-0132.NASL", "href": "https://www.tenable.com/plugins/nessus/156733", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:0132. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156733);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/20\");\n\n script_cve_id(\n \"CVE-2021-4140\",\n \"CVE-2022-22737\",\n \"CVE-2022-22738\",\n \"CVE-2022-22739\",\n \"CVE-2022-22740\",\n \"CVE-2022-22741\",\n \"CVE-2022-22742\",\n \"CVE-2022-22743\",\n \"CVE-2022-22745\",\n \"CVE-2022-22747\",\n \"CVE-2022-22748\",\n \"CVE-2022-22751\"\n );\n script_xref(name:\"RHSA\", value:\"2022:0132\");\n script_xref(name:\"IAVA\", value:\"2022-A-0017-S\");\n\n script_name(english:\"RHEL 8 : firefox (RHSA-2022:0132)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the RHSA-2022:0132 advisory.\n\n - Mozilla: Iframe sandbox bypass with XSLT (CVE-2021-4140)\n\n - Mozilla: Race condition when playing audio files (CVE-2022-22737)\n\n - Mozilla: Heap-buffer-overflow in blendGaussianBlur (CVE-2022-22738)\n\n - Mozilla: Missing throttling on external protocol launch dialog (CVE-2022-22739)\n\n - Mozilla: Use-after-free of ChannelEventQueue::mOwner (CVE-2022-22740)\n\n 
- Mozilla: Browser window spoof using fullscreen mode (CVE-2022-22741, CVE-2022-22743)\n\n - Mozilla: Out-of-bounds memory access when inserting text in edit mode (CVE-2022-22742)\n\n - Mozilla: Leaking cross-origin URLs through securitypolicyviolation event (CVE-2022-22745)\n\n - Mozilla: Crash when handling empty pkcs7 sequence (CVE-2022-22747)\n\n - Mozilla: Spoofed origin on external protocol launch dialog (CVE-2022-22748)\n\n - Mozilla: Memory safety bugs fixed in Firefox 96 and Firefox ESR 91.5 (CVE-2022-22751)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-4140\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22737\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22738\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22739\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22740\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22741\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22742\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22743\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22745\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22747\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22748\");\n script_set_attribute(attribute:\"see_also\", 
value:\"https://access.redhat.com/security/cve/CVE-2022-22751\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:0132\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039561\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039563\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039564\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039565\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039566\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039567\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039568\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039569\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039570\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039572\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039573\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039574\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected firefox package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-22751\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-4140\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n 
script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(120, 416, 476, 829, 1021);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:firefox\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '8.2')) audit(AUDIT_OS_NOT, 'Red Hat 8.2', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.2/x86_64/appstream/debug',\n 'content/aus/rhel8/8.2/x86_64/appstream/os',\n 'content/aus/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.2/x86_64/baseos/debug',\n 'content/aus/rhel8/8.2/x86_64/baseos/os',\n 'content/aus/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.2/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.2/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.2/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.2/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.2/ppc64le/highavailability/os',\n 
'content/e4s/rhel8/8.2/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.2/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.2/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.2/ppc64le/sap/os',\n 'content/e4s/rhel8/8.2/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.2/x86_64/appstream/os',\n 'content/e4s/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.2/x86_64/baseos/os',\n 'content/e4s/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.2/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.2/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.2/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.2/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/sap/debug',\n 'content/e4s/rhel8/8.2/x86_64/sap/os',\n 'content/e4s/rhel8/8.2/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.2/aarch64/appstream/debug',\n 'content/eus/rhel8/8.2/aarch64/appstream/os',\n 'content/eus/rhel8/8.2/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.2/aarch64/baseos/debug',\n 'content/eus/rhel8/8.2/aarch64/baseos/os',\n 'content/eus/rhel8/8.2/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.2/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.2/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.2/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.2/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.2/aarch64/highavailability/os',\n 'content/eus/rhel8/8.2/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.2/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.2/aarch64/supplementary/os',\n 'content/eus/rhel8/8.2/aarch64/supplementary/source/SRPMS',\n 
'content/eus/rhel8/8.2/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.2/ppc64le/appstream/os',\n 'content/eus/rhel8/8.2/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.2/ppc64le/baseos/os',\n 'content/eus/rhel8/8.2/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.2/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.2/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.2/ppc64le/highavailability/os',\n 'content/eus/rhel8/8.2/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.2/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.2/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.2/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.2/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/sap/debug',\n 'content/eus/rhel8/8.2/ppc64le/sap/os',\n 'content/eus/rhel8/8.2/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.2/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.2/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/appstream/debug',\n 'content/eus/rhel8/8.2/s390x/appstream/os',\n 'content/eus/rhel8/8.2/s390x/appstream/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/baseos/debug',\n 'content/eus/rhel8/8.2/s390x/baseos/os',\n 'content/eus/rhel8/8.2/s390x/baseos/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/codeready-builder/debug',\n 'content/eus/rhel8/8.2/s390x/codeready-builder/os',\n 'content/eus/rhel8/8.2/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/highavailability/debug',\n 'content/eus/rhel8/8.2/s390x/highavailability/os',\n 'content/eus/rhel8/8.2/s390x/highavailability/source/SRPMS',\n 
'content/eus/rhel8/8.2/s390x/resilientstorage/debug',\n 'content/eus/rhel8/8.2/s390x/resilientstorage/os',\n 'content/eus/rhel8/8.2/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/sap/debug',\n 'content/eus/rhel8/8.2/s390x/sap/os',\n 'content/eus/rhel8/8.2/s390x/sap/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/supplementary/debug',\n 'content/eus/rhel8/8.2/s390x/supplementary/os',\n 'content/eus/rhel8/8.2/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/appstream/debug',\n 'content/eus/rhel8/8.2/x86_64/appstream/os',\n 'content/eus/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/baseos/debug',\n 'content/eus/rhel8/8.2/x86_64/baseos/os',\n 'content/eus/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.2/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.2/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.2/x86_64/highavailability/os',\n 'content/eus/rhel8/8.2/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.2/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.2/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.2/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.2/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/sap/debug',\n 'content/eus/rhel8/8.2/x86_64/sap/os',\n 'content/eus/rhel8/8.2/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.2/x86_64/supplementary/os',\n 'content/eus/rhel8/8.2/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/appstream/debug',\n 'content/tus/rhel8/8.2/x86_64/appstream/os',\n 'content/tus/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/baseos/debug',\n 
'content/tus/rhel8/8.2/x86_64/baseos/os',\n 'content/tus/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.2/x86_64/highavailability/os',\n 'content/tus/rhel8/8.2/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/nfv/debug',\n 'content/tus/rhel8/8.2/x86_64/nfv/os',\n 'content/tus/rhel8/8.2/x86_64/nfv/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/rt/debug',\n 'content/tus/rhel8/8.2/x86_64/rt/os',\n 'content/tus/rhel8/8.2/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'firefox-91.5.0-1.el8_2', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n 
rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Advanced Update Support, Extended Update Support, Telco Extended Update Support or Update Services for SAP Solutions repositories.\\n' +\n 'Access to these repositories requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'firefox');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-22T15:09:46", "description": "The remote Debian 10 / 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5045 advisory.\n\n - Mozilla developers Calixte Denizet, Kershaw Chang, Christian Holler, Jason Kratzer, Gabriele Svelto, Tyson Smith, Simon Giesecke, and Steve Fink reported memory safety bugs present in Firefox 95 and Firefox ESR 91.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. 
(CVE-2022-22751)\n\n - It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2021-4140)\n\n - Constructing audio sinks could have led to a race condition when playing audio files and closing windows.\n This could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22737)\n\n - Applying a CSS filter effect could have accessed out of bounds memory. This could have led to a heap-buffer-overflow causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22738)\n\n - Malicious websites could have tricked users into accepting launching a program to handle an external URL protocol. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.\n (CVE-2022-22739)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-01-15T00:00:00", "type": "nessus", "title": "Debian DSA-5045-1 : thunderbird - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4140", "CVE-2022-22737", "CVE-2022-22738", "CVE-2022-22739", "CVE-2022-22740", "CVE-2022-22741", "CVE-2022-22742", "CVE-2022-22743", "CVE-2022-22745", "CVE-2022-22747", "CVE-2022-22748", "CVE-2022-22751"], "modified": "2023-11-20T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:calendar-google-provider", "p-cpe:/a:debian:debian_linux:lightning", "p-cpe:/a:debian:debian_linux:thunderbird", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-af", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-all", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ar", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ast", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-be", 
"p-cpe:/a:debian:debian_linux:thunderbird-l10n-bg", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-br", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ca", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-cak", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-cs", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-cy", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-da", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-de", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-dsb", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-el", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-en-ca", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-en-gb", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-es-ar", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-es-es", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-et", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-eu", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-fi", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-fr", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-fy-nl", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ga-ie", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-gd", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-gl", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-he", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-hr", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-hsb", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-hu", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-hy-am", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-id", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-sv-se", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-th", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-tr", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-uk", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-uz", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-vi", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-zh-cn", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-zh-tw", "cpe:/o:debian:debian_linux:10.0", "cpe:/o:debian:debian_linux:11.0", 
"p-cpe:/a:debian:debian_linux:thunderbird-l10n-is", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-it", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ja", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ka", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-kab", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-kk", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ko", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-lt", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-lv", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ms", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-nb-no", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-nl", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-nn-no", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-pa-in", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-pl", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-pt-br", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-pt-pt", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-rm", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ro", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ru", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-si", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-sk", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-sl", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-sq", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-sr"], "id": "DEBIAN_DSA-5045.NASL", "href": "https://www.tenable.com/plugins/nessus/156762", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory dsa-5045. 
The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156762);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/20\");\n\n script_cve_id(\n \"CVE-2021-4140\",\n \"CVE-2022-22737\",\n \"CVE-2022-22738\",\n \"CVE-2022-22739\",\n \"CVE-2022-22740\",\n \"CVE-2022-22741\",\n \"CVE-2022-22742\",\n \"CVE-2022-22743\",\n \"CVE-2022-22745\",\n \"CVE-2022-22747\",\n \"CVE-2022-22748\",\n \"CVE-2022-22751\"\n );\n script_xref(name:\"IAVA\", value:\"2022-A-0017-S\");\n\n script_name(english:\"Debian DSA-5045-1 : thunderbird - security update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing one or more security-related updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Debian 10 / 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the\ndsa-5045 advisory.\n\n - Mozilla developers Calixte Denizet, Kershaw Chang, Christian Holler, Jason Kratzer, Gabriele Svelto, Tyson\n Smith, Simon Giesecke, and Steve Fink reported memory safety bugs present in Firefox 95 and Firefox ESR\n 91.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some\n of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 91.5,\n Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22751)\n\n - It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox. This\n vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2021-4140)\n\n - Constructing audio sinks could have lead to a race condition when playing audio files and closing windows.\n This could have lead to a use-after-free causing a potentially exploitable crash. 
This vulnerability\n affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22737)\n\n - Applying a CSS filter effect could have accessed out of bounds memory. This could have lead to a heap-\n buffer-overflow causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5,\n Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22738)\n\n - Malicious websites could have tricked users into accepting launching a program to handle an external URL\n protocol. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.\n (CVE-2022-22739)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/source-package/thunderbird\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/security/2022/dsa-5045\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-4140\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-22737\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-22738\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-22739\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-22740\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-22741\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-22742\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-22743\");\n script_set_attribute(attribute:\"see_also\", 
value:\"https://security-tracker.debian.org/tracker/CVE-2022-22745\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-22747\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-22748\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-22751\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/buster/thunderbird\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/bullseye/thunderbird\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the thunderbird packages.\n\nFor the stable distribution (bullseye), these problems have been fixed in version 1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-22751\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-4140\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:calendar-google-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-af\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-all\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ast\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-be\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-bg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-cak\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-cs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-cy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-da\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-de\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-dsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-en-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-en-gb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-es-ar\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-es-es\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-et\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-eu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-fi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-fr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-fy-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ga-ie\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-gl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-he\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-hr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-hsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-hu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-hy-am\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-id\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-is\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-it\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ka\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-kab\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-kk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-lt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-lv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-nb-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-nn-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-pa-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-pt-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-pt-pt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-rm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ro\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ru\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-si\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-sk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-sl\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-sq\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-sr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-sv-se\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-th\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-tr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-uz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-vi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-zh-cn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-zh-tw\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:11.0\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('debian_package.inc');\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar release = get_kb_item('Host/Debian/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Debian');\nvar release = chomp(release);\nif (! preg(pattern:\"^(10)\\.[0-9]+|^(11)\\.[0-9]+\", string:release)) audit(AUDIT_OS_NOT, 'Debian 10.0 / 11.0', 'Debian ' + release);\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);\n\nvar pkgs = [\n {'release': '10.0', 'prefix': 'calendar-google-provider', 'reference': '1:91.5.0-2~deb10u1'},\n {'release': '10.0', 'prefix': 'lightning', 'reference': '1:91.5.0-2~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird', 'reference': '1:91.5.0-2~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-af', 'reference': '1:91.5.0-2~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-all', 'reference': '1:91.5.0-2~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-ar', 'reference': '1:91.5.0-2~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-ast', 'reference': '1:91.5.0-2~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-be', 'reference': '1:91.5.0-2~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-bg', 'reference': '1:91.5.0-2~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-br', 'reference': '1:91.5.0-2~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-ca', 'reference': '1:91.5.0-2~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-cak', 'reference': 
'1:91.5.0-2~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-cs', 'reference': '1:91.5.0-2~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-cy', 'reference': '1:91.5.0-2~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-da', 'reference': '1:91.5.0-2~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-de', 'reference': '1:91.5.0-2~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-dsb', 'reference': '1:91.5.0-2~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-el', 'reference': '1:91.5.0-2~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-en-ca', 'reference': '1:91.5.0-2~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-en-gb', 'reference': '1:91.5.0-2~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-es-ar', 'reference': '1:91.5.0-2~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-es-es', 'reference': '1:91.5.0-2~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-et', 'reference': '1:91.5.0-2~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-eu', 'reference': '1:91.5.0-2~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-fi', 'reference': '1:91.5.0-2~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-fr', 'reference': '1:91.5.0-2~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-fy-nl', 'reference': '1:91.5.0-2~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-ga-ie', 'reference': '1:91.5.0-2~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-gd', 'reference': '1:91.5.0-2~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-gl', 'reference': '1:91.5.0-2~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-he', 'reference': '1:91.5.0-2~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-hr', 'reference': '1:91.5.0-2~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-hsb', 'reference': '1:91.5.0-2~deb10u1'},\n {'release': '10.0', 'prefix': 
'thunderbird-l10n-hu', 'reference': '1:91.5.0-2~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-hy-am', 'reference': '1:91.5.0-2~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-id', 'reference': '1:91.5.0-2~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-is', 'reference': '1:91.5.0-2~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-it', 'reference': '1:91.5.0-2~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-ja', 'reference': '1:91.5.0-2~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-ka', 'reference': '1:91.5.0-2~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-kab', 'reference': '1:91.5.0-2~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-kk', 'reference': '1:91.5.0-2~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-ko', 'reference': '1:91.5.0-2~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-lt', 'reference': '1:91.5.0-2~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-lv', 'reference': '1:91.5.0-2~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-ms', 'reference': '1:91.5.0-2~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-nb-no', 'reference': '1:91.5.0-2~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-nl', 'reference': '1:91.5.0-2~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-nn-no', 'reference': '1:91.5.0-2~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-pa-in', 'reference': '1:91.5.0-2~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-pl', 'reference': '1:91.5.0-2~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-pt-br', 'reference': '1:91.5.0-2~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-pt-pt', 'reference': '1:91.5.0-2~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-rm', 'reference': '1:91.5.0-2~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-ro', 'reference': '1:91.5.0-2~deb10u1'},\n 
{'release': '10.0', 'prefix': 'thunderbird-l10n-ru', 'reference': '1:91.5.0-2~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-si', 'reference': '1:91.5.0-2~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-sk', 'reference': '1:91.5.0-2~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-sl', 'reference': '1:91.5.0-2~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-sq', 'reference': '1:91.5.0-2~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-sr', 'reference': '1:91.5.0-2~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-sv-se', 'reference': '1:91.5.0-2~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-th', 'reference': '1:91.5.0-2~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-tr', 'reference': '1:91.5.0-2~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-uk', 'reference': '1:91.5.0-2~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-uz', 'reference': '1:91.5.0-2~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-vi', 'reference': '1:91.5.0-2~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-zh-cn', 'reference': '1:91.5.0-2~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-zh-tw', 'reference': '1:91.5.0-2~deb10u1'},\n {'release': '11.0', 'prefix': 'calendar-google-provider', 'reference': '1:91.5.0-2~deb11u1'},\n {'release': '11.0', 'prefix': 'lightning', 'reference': '1:91.5.0-2~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird', 'reference': '1:91.5.0-2~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-af', 'reference': '1:91.5.0-2~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-all', 'reference': '1:91.5.0-2~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-ar', 'reference': '1:91.5.0-2~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-ast', 'reference': '1:91.5.0-2~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-be', 'reference': '1:91.5.0-2~deb11u1'},\n 
{'release': '11.0', 'prefix': 'thunderbird-l10n-bg', 'reference': '1:91.5.0-2~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-br', 'reference': '1:91.5.0-2~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-ca', 'reference': '1:91.5.0-2~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-cak', 'reference': '1:91.5.0-2~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-cs', 'reference': '1:91.5.0-2~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-cy', 'reference': '1:91.5.0-2~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-da', 'reference': '1:91.5.0-2~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-de', 'reference': '1:91.5.0-2~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-dsb', 'reference': '1:91.5.0-2~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-el', 'reference': '1:91.5.0-2~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-en-ca', 'reference': '1:91.5.0-2~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-en-gb', 'reference': '1:91.5.0-2~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-es-ar', 'reference': '1:91.5.0-2~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-es-es', 'reference': '1:91.5.0-2~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-et', 'reference': '1:91.5.0-2~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-eu', 'reference': '1:91.5.0-2~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-fi', 'reference': '1:91.5.0-2~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-fr', 'reference': '1:91.5.0-2~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-fy-nl', 'reference': '1:91.5.0-2~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-ga-ie', 'reference': '1:91.5.0-2~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-gd', 'reference': '1:91.5.0-2~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-gl', 'reference': 
'1:91.5.0-2~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-he', 'reference': '1:91.5.0-2~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-hr', 'reference': '1:91.5.0-2~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-hsb', 'reference': '1:91.5.0-2~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-hu', 'reference': '1:91.5.0-2~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-hy-am', 'reference': '1:91.5.0-2~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-id', 'reference': '1:91.5.0-2~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-is', 'reference': '1:91.5.0-2~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-it', 'reference': '1:91.5.0-2~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-ja', 'reference': '1:91.5.0-2~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-ka', 'reference': '1:91.5.0-2~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-kab', 'reference': '1:91.5.0-2~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-kk', 'reference': '1:91.5.0-2~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-ko', 'reference': '1:91.5.0-2~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-lt', 'reference': '1:91.5.0-2~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-lv', 'reference': '1:91.5.0-2~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-ms', 'reference': '1:91.5.0-2~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-nb-no', 'reference': '1:91.5.0-2~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-nl', 'reference': '1:91.5.0-2~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-nn-no', 'reference': '1:91.5.0-2~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-pa-in', 'reference': '1:91.5.0-2~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-pl', 'reference': '1:91.5.0-2~deb11u1'},\n {'release': '11.0', 'prefix': 
'thunderbird-l10n-pt-br', 'reference': '1:91.5.0-2~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-pt-pt', 'reference': '1:91.5.0-2~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-rm', 'reference': '1:91.5.0-2~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-ro', 'reference': '1:91.5.0-2~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-ru', 'reference': '1:91.5.0-2~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-si', 'reference': '1:91.5.0-2~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-sk', 'reference': '1:91.5.0-2~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-sl', 'reference': '1:91.5.0-2~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-sq', 'reference': '1:91.5.0-2~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-sr', 'reference': '1:91.5.0-2~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-sv-se', 'reference': '1:91.5.0-2~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-th', 'reference': '1:91.5.0-2~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-tr', 'reference': '1:91.5.0-2~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-uk', 'reference': '1:91.5.0-2~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-uz', 'reference': '1:91.5.0-2~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-vi', 'reference': '1:91.5.0-2~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-zh-cn', 'reference': '1:91.5.0-2~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-zh-tw', 'reference': '1:91.5.0-2~deb11u1'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var release = NULL;\n var prefix = NULL;\n var reference = NULL;\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n 
if (release && prefix && reference) {\n if (deb_check(release:release, prefix:prefix, reference:reference)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : deb_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = deb_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'calendar-google-provider / lightning / thunderbird / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-23T14:38:35", "description": "The remote Debian 10 / 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5044 advisory.\n\n - Mozilla developers Calixte Denizet, Kershaw Chang, Christian Holler, Jason Kratzer, Gabriele Svelto, Tyson Smith, Simon Giesecke, and Steve Fink reported memory safety bugs present in Firefox 95 and Firefox ESR 91.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22751)\n\n - It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2021-4140)\n\n - Constructing audio sinks could have led to a race condition when playing audio files and closing windows.\n This could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22737)\n\n - Applying a CSS filter effect could have accessed out of bounds memory. This could have led to a heap-buffer-overflow causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. 
(CVE-2022-22738)\n\n - Malicious websites could have tricked users into accepting launching a program to handle an external URL protocol. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.\n (CVE-2022-22739)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-01-14T00:00:00", "type": "nessus", "title": "Debian DSA-5044-1 : firefox-esr - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4140", "CVE-2022-22737", "CVE-2022-22738", "CVE-2022-22739", "CVE-2022-22740", "CVE-2022-22741", "CVE-2022-22742", "CVE-2022-22743", "CVE-2022-22745", "CVE-2022-22747", "CVE-2022-22748", "CVE-2022-22751"], "modified": "2023-11-20T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:firefox-esr", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ach", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-af", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-all", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-an", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ar", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ast", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-az", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-be", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-bg", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-bn", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-br", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-bs", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ca", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ca-valencia", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-cak", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-cs", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-cy", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-da", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-de", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-dsb", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-el", 
"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-en-ca", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-en-gb", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-eo", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-es-ar", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-es-cl", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-es-es", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-es-mx", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-et", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-eu", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-fa", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ff", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-fi", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-fr", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-fy-nl", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ga-ie", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-gd", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-gl", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-gn", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-gu-in", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-he", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hi-in", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hr", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hsb", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hu", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hy-am", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ia", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-id", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-is", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-it", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ja", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ka", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-kab", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-kk", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-km", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-kn", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ko", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-lij", 
"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-lt", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-lv", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-mk", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-mr", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ms", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-my", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-nb-no", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ne-np", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-nl", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-nn-no", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-oc", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-pa-in", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-pl", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-pt-br", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-pt-pt", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-rm", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ro", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ru", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sco", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-si", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sk", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sl", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-son", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sq", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sr", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sv-se", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-szl", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ta", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-te", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-th", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-tl", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-tr", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-trs", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-uk", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ur", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-uz", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-vi", 
"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-xh", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-zh-cn", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-zh-tw", "p-cpe:/a:debian:debian_linux:iceweasel", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ach", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-af", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-all", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-an", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ar", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ast", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-mk", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-mr", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ms", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-my", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-nb-no", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ne-np", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-nl", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-nn-no", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-oc", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-pa-in", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-pl", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-pt-br", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-pt-pt", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-rm", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ro", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ru", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-az", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-be", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-bg", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-bn", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-br", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-bs", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ca", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ca-valencia", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-cak", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-cs", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-cy", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-da", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-de", 
"p-cpe:/a:debian:debian_linux:iceweasel-l10n-dsb", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-el", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-en-ca", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-en-gb", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-eo", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-es-ar", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-es-cl", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-es-es", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-es-mx", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-et", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-eu", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-fa", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ff", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-fi", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-fr", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-fy-nl", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ga-ie", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-gd", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-gl", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-gn", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-gu-in", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-he", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-hi-in", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-hr", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-hsb", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-hu", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-hy-am", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ia", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-id", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-is", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-it", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ja", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ka", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-kab", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-kk", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-km", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-kn", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ko", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-lij", 
"p-cpe:/a:debian:debian_linux:iceweasel-l10n-lt", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-lv", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-sk", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-sl", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-son", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-sq", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-sr", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-sv-se", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-szl", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ta", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-te", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-th", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-tl", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-tr", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-trs", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-uk", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ur", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-uz", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-sco", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-si", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-vi", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-xh", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-zh-cn", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-zh-tw", "cpe:/o:debian:debian_linux:10.0", "cpe:/o:debian:debian_linux:11.0"], "id": "DEBIAN_DSA-5044.NASL", "href": "https://www.tenable.com/plugins/nessus/156751", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory dsa-5044. 
The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156751);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/20\");\n\n script_cve_id(\n \"CVE-2021-4140\",\n \"CVE-2022-22737\",\n \"CVE-2022-22738\",\n \"CVE-2022-22739\",\n \"CVE-2022-22740\",\n \"CVE-2022-22741\",\n \"CVE-2022-22742\",\n \"CVE-2022-22743\",\n \"CVE-2022-22745\",\n \"CVE-2022-22747\",\n \"CVE-2022-22748\",\n \"CVE-2022-22751\"\n );\n script_xref(name:\"IAVA\", value:\"2022-A-0017-S\");\n\n script_name(english:\"Debian DSA-5044-1 : firefox-esr - security update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing one or more security-related updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Debian 10 / 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the\ndsa-5044 advisory.\n\n - Mozilla developers Calixte Denizet, Kershaw Chang, Christian Holler, Jason Kratzer, Gabriele Svelto, Tyson\n Smith, Simon Giesecke, and Steve Fink reported memory safety bugs present in Firefox 95 and Firefox ESR\n 91.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some\n of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 91.5,\n Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22751)\n\n - It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox. This\n vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2021-4140)\n\n - Constructing audio sinks could have lead to a race condition when playing audio files and closing windows.\n This could have lead to a use-after-free causing a potentially exploitable crash. 
This vulnerability\n affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22737)\n\n - Applying a CSS filter effect could have accessed out of bounds memory. This could have lead to a heap-\n buffer-overflow causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5,\n Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22738)\n\n - Malicious websites could have tricked users into accepting launching a program to handle an external URL\n protocol. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.\n (CVE-2022-22739)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/source-package/firefox-esr\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/security/2022/dsa-5044\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-4140\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-22737\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-22738\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-22739\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-22740\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-22741\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-22742\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-22743\");\n script_set_attribute(attribute:\"see_also\", 
value:\"https://security-tracker.debian.org/tracker/CVE-2022-22745\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-22747\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-22748\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-22751\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/buster/firefox-esr\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/bullseye/firefox-esr\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the firefox-esr packages.\n\nFor the stable distribution (bullseye), these problems have been fixed in version 91.5.0esr-1~deb11u1.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-22751\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-4140\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ach\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-af\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-all\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-an\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ast\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-az\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-be\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-bg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-bn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-bs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ca-valencia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-cak\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-cs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-cy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-da\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-de\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-dsb\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-en-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-en-gb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-eo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-es-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-es-cl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-es-es\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-es-mx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-et\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-eu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-fa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ff\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-fi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-fr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-fy-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ga-ie\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-gl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-gn\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-gu-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-he\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hi-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hy-am\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-id\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-is\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-it\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ka\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-kab\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-kk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-km\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-kn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-lij\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-lt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-lv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-mk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-mr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-my\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-nb-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ne-np\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-nn-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-oc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-pa-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-pt-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-pt-pt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-rm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ro\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ru\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sco\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-si\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-son\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sq\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sv-se\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-szl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-te\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-th\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-tl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-tr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-trs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ur\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-uz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-vi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-xh\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-zh-cn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-zh-tw\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ach\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-af\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-all\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-an\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ast\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-az\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-be\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-bg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-bn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-bs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ca-valencia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-cak\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-cs\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-cy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-da\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-de\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-dsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-en-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-en-gb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-eo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-es-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-es-cl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-es-es\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-es-mx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-et\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-eu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-fa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ff\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-fi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-fr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-fy-nl\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ga-ie\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-gl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-gn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-gu-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-he\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-hi-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-hr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-hsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-hu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-hy-am\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-id\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-is\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-it\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ka\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-kab\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-kk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-km\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-kn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-lij\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-lt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-lv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-mk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-mr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-my\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-nb-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ne-np\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-nn-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-oc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-pa-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-pt-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-pt-pt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-rm\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ro\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ru\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-sco\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-si\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-sk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-sl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-son\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-sq\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-sr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-sv-se\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-szl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-te\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-th\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-tl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-tr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-trs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ur\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-uz\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-vi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-xh\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-zh-cn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-zh-tw\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:11.0\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('debian_package.inc');\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar release = get_kb_item('Host/Debian/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Debian');\nvar release = chomp(release);\nif (! 
preg(pattern:\"^(10)\\.[0-9]+|^(11)\\.[0-9]+\", string:release)) audit(AUDIT_OS_NOT, 'Debian 10.0 / 11.0', 'Debian ' + release);\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);\n\nvar pkgs = [\n {'release': '10.0', 'prefix': 'firefox-esr', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-ach', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-af', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-all', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-an', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-ar', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-ast', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-az', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-be', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-bg', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-bn', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-br', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-bs', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-ca', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-ca-valencia', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-cak', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-cs', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-cy', 'reference': 
'91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-da', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-de', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-dsb', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-el', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-en-ca', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-en-gb', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-eo', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-es-ar', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-es-cl', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-es-es', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-es-mx', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-et', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-eu', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-fa', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-ff', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-fi', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-fr', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-fy-nl', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-ga-ie', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-gd', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-gl', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': 
'10.0', 'prefix': 'firefox-esr-l10n-gn', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-gu-in', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-he', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-hi-in', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-hr', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-hsb', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-hu', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-hy-am', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-ia', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-id', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-is', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-it', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-ja', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-ka', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-kab', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-kk', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-km', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-kn', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-ko', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-lij', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-lt', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-lv', 'reference': 
'91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-mk', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-mr', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-ms', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-my', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-nb-no', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-ne-np', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-nl', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-nn-no', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-oc', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-pa-in', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-pl', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-pt-br', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-pt-pt', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-rm', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-ro', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-ru', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-sco', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-si', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-sk', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-sl', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-son', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 
'prefix': 'firefox-esr-l10n-sq', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-sr', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-sv-se', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-szl', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-ta', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-te', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-th', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-tl', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-tr', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-trs', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-uk', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-ur', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-uz', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-vi', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-xh', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-zh-cn', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-zh-tw', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-ach', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-af', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-all', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-an', 'reference': '91.5.0esr-1~deb10u1'},\n 
{'release': '10.0', 'prefix': 'iceweasel-l10n-ar', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-ast', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-az', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-be', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-bg', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-bn', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-br', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-bs', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-ca', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-ca-valencia', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-cak', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-cs', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-cy', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-da', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-de', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-dsb', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-el', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-en-ca', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-en-gb', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-eo', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-es-ar', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-es-cl', 'reference': 
'91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-es-es', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-es-mx', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-et', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-eu', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-fa', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-ff', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-fi', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-fr', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-fy-nl', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-ga-ie', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-gd', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-gl', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-gn', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-gu-in', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-he', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-hi-in', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-hr', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-hsb', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-hu', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-hy-am', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-ia', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-id', 
'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-is', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-it', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-ja', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-ka', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-kab', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-kk', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-km', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-kn', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-ko', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-lij', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-lt', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-lv', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-mk', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-mr', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-ms', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-my', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-nb-no', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-ne-np', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-nl', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-nn-no', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-oc', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-pa-in', 
'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-pl', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-pt-br', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-pt-pt', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-rm', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-ro', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-ru', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-sco', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-si', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-sk', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-sl', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-son', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-sq', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-sr', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-sv-se', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-szl', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-ta', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-te', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-th', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-tl', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-tr', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-trs', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-uk', 
'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-ur', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-uz', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-vi', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-xh', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-zh-cn', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-zh-tw', 'reference': '91.5.0esr-1~deb10u1'},\n {'release': '11.0', 'prefix': 'firefox-esr', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-ach', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-af', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-all', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-an', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-ar', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-ast', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-az', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-be', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-bg', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-bn', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-br', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-bs', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-ca', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-ca-valencia', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 
'firefox-esr-l10n-cak', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-cs', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-cy', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-da', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-de', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-dsb', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-el', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-en-ca', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-en-gb', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-eo', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-es-ar', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-es-cl', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-es-es', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-es-mx', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-et', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-eu', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-fa', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-ff', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-fi', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-fr', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-fy-nl', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-ga-ie', 'reference': 
'91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-gd', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-gl', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-gn', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-gu-in', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-he', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-hi-in', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-hr', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-hsb', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-hu', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-hy-am', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-ia', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-id', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-is', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-it', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-ja', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-ka', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-kab', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-kk', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-km', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-kn', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-ko', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 
'firefox-esr-l10n-lij', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-lt', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-lv', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-mk', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-mr', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-ms', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-my', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-nb-no', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-ne-np', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-nl', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-nn-no', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-oc', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-pa-in', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-pl', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-pt-br', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-pt-pt', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-rm', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-ro', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-ru', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-sco', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-si', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-sk', 'reference': 
'91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-sl', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-son', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-sq', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-sr', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-sv-se', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-szl', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-ta', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-te', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-th', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-tl', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-tr', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-trs', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-uk', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-ur', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-uz', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-vi', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-xh', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-zh-cn', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-zh-tw', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-ach', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 
'iceweasel-l10n-af', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-all', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-an', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-ar', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-ast', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-az', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-be', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-bg', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-bn', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-br', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-bs', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-ca', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-ca-valencia', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-cak', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-cs', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-cy', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-da', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-de', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-dsb', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-el', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-en-ca', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-en-gb', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 
'iceweasel-l10n-eo', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-es-ar', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-es-cl', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-es-es', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-es-mx', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-et', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-eu', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-fa', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-ff', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-fi', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-fr', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-fy-nl', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-ga-ie', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-gd', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-gl', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-gn', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-gu-in', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-he', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-hi-in', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-hr', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-hsb', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-hu', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 
'prefix': 'iceweasel-l10n-hy-am', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-ia', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-id', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-is', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-it', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-ja', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-ka', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-kab', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-kk', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-km', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-kn', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-ko', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-lij', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-lt', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-lv', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-mk', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-mr', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-ms', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-my', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-nb-no', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-ne-np', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-nl', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 
'prefix': 'iceweasel-l10n-nn-no', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-oc', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-pa-in', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-pl', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-pt-br', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-pt-pt', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-rm', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-ro', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-ru', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-sco', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-si', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-sk', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-sl', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-son', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-sq', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-sr', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-sv-se', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-szl', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-ta', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-te', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-th', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-tl', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 
'prefix': 'iceweasel-l10n-tr', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-trs', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-uk', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-ur', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-uz', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-vi', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-xh', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-zh-cn', 'reference': '91.5.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-zh-tw', 'reference': '91.5.0esr-1~deb11u1'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var release = NULL;\n var prefix = NULL;\n var reference = NULL;\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (release && prefix && reference) {\n if (deb_check(release:release, prefix:prefix, reference:reference)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : deb_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = deb_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'firefox-esr / firefox-esr-l10n-ach / firefox-esr-l10n-af / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-22T15:09:29", "description": "The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2022:0129 advisory.\n\n - Mozilla: Iframe sandbox bypass with XSLT (CVE-2021-4140)\n\n - Mozilla: Race condition when playing audio files 
(CVE-2022-22737)\n\n - Mozilla: Heap-buffer-overflow in blendGaussianBlur (CVE-2022-22738)\n\n - Mozilla: Missing throttling on external protocol launch dialog (CVE-2022-22739)\n\n - Mozilla: Use-after-free of ChannelEventQueue::mOwner (CVE-2022-22740)\n\n - Mozilla: Browser window spoof using fullscreen mode (CVE-2022-22741, CVE-2022-22743)\n\n - Mozilla: Out-of-bounds memory access when inserting text in edit mode (CVE-2022-22742)\n\n - Mozilla: Leaking cross-origin URLs through securitypolicyviolation event (CVE-2022-22745)\n\n - Mozilla: Crash when handling empty pkcs7 sequence (CVE-2022-22747)\n\n - Mozilla: Spoofed origin on external protocol launch dialog (CVE-2022-22748)\n\n - Mozilla: Memory safety bugs fixed in Firefox 96 and Firefox ESR 91.5 (CVE-2022-22751)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-01-18T00:00:00", "type": "nessus", "title": "CentOS 8 : thunderbird (CESA-2022:0129)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4140", "CVE-2022-22737", "CVE-2022-22738", "CVE-2022-22739", "CVE-2022-22740", "CVE-2022-22741", "CVE-2022-22742", "CVE-2022-22743", "CVE-2022-22745", "CVE-2022-22747", "CVE-2022-22748", "CVE-2022-22751"], "modified": "2023-11-20T00:00:00", "cpe": ["cpe:/o:centos:centos:8-stream", "p-cpe:/a:centos:centos:thunderbird"], "id": "CENTOS8_RHSA-2022-0129.NASL", "href": "https://www.tenable.com/plugins/nessus/156796", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# Red Hat Security Advisory RHSA-2022:0129. 
The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156796);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/20\");\n\n script_cve_id(\n \"CVE-2021-4140\",\n \"CVE-2022-22737\",\n \"CVE-2022-22738\",\n \"CVE-2022-22739\",\n \"CVE-2022-22740\",\n \"CVE-2022-22741\",\n \"CVE-2022-22742\",\n \"CVE-2022-22743\",\n \"CVE-2022-22745\",\n \"CVE-2022-22747\",\n \"CVE-2022-22748\",\n \"CVE-2022-22751\"\n );\n script_xref(name:\"RHSA\", value:\"2022:0129\");\n script_xref(name:\"IAVA\", value:\"2022-A-0017-S\");\n\n script_name(english:\"CentOS 8 : thunderbird (CESA-2022:0129)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the\nCESA-2022:0129 advisory.\n\n - Mozilla: Iframe sandbox bypass with XSLT (CVE-2021-4140)\n\n - Mozilla: Race condition when playing audio files (CVE-2022-22737)\n\n - Mozilla: Heap-buffer-overflow in blendGaussianBlur (CVE-2022-22738)\n\n - Mozilla: Missing throttling on external protocol launch dialog (CVE-2022-22739)\n\n - Mozilla: Use-after-free of ChannelEventQueue::mOwner (CVE-2022-22740)\n\n - Mozilla: Browser window spoof using fullscreen mode (CVE-2022-22741, CVE-2022-22743)\n\n - Mozilla: Out-of-bounds memory access when inserting text in edit mode (CVE-2022-22742)\n\n - Mozilla: Leaking cross-origin URLs through securitypolicyviolation event (CVE-2022-22745)\n\n - Mozilla: Crash when handling empty pkcs7 sequence (CVE-2022-22747)\n\n - Mozilla: Spoofed origin on external protocol launch dialog (CVE-2022-22748)\n\n - Mozilla: Memory safety bugs fixed in Firefox 96 and Firefox ESR 91.5 (CVE-2022-22751)\n\nNote that Nessus has not 
tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:0129\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected thunderbird package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-22751\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-4140\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:8-stream\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:thunderbird\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/CentOS/release');\nif (isnull(release) || 'CentOS' >!< release) audit(AUDIT_OS_NOT, 'CentOS');\nvar os_ver = pregmatch(pattern: \"CentOS(?: Stream)?(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nvar os_ver = os_ver[1];\nif ('CentOS Stream' >!< release) audit(AUDIT_OS_NOT, 'CentOS 8-Stream');\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\nvar pkgs = [\n {'reference':'thunderbird-91.5.0-1.el8_5', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'thunderbird-91.5.0-1.el8_5', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'CentOS-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = 
package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'thunderbird');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-22T15:09:14", "description": "The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2022:0130 advisory.\n\n - Mozilla: Iframe sandbox bypass with XSLT (CVE-2021-4140)\n\n - Mozilla: Race condition when playing audio files (CVE-2022-22737)\n\n - Mozilla: Heap-buffer-overflow in blendGaussianBlur (CVE-2022-22738)\n\n - Mozilla: Missing throttling on external protocol launch dialog (CVE-2022-22739)\n\n - Mozilla: Use-after-free of ChannelEventQueue::mOwner (CVE-2022-22740)\n\n - Mozilla: Browser window spoof using fullscreen mode (CVE-2022-22741, CVE-2022-22743)\n\n - Mozilla: Out-of-bounds memory access when inserting text in edit mode (CVE-2022-22742)\n\n - Mozilla: Leaking cross-origin URLs through securitypolicyviolation event (CVE-2022-22745)\n\n - Mozilla: Crash when handling empty pkcs7 sequence (CVE-2022-22747)\n\n - Mozilla: Spoofed origin on external protocol launch dialog 
(CVE-2022-22748)\n\n - Mozilla: Memory safety bugs fixed in Firefox 96 and Firefox ESR 91.5 (CVE-2022-22751)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-01-18T00:00:00", "type": "nessus", "title": "CentOS 8 : firefox (CESA-2022:0130)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4140", "CVE-2022-22737", "CVE-2022-22738", "CVE-2022-22739", "CVE-2022-22740", "CVE-2022-22741", "CVE-2022-22742", "CVE-2022-22743", "CVE-2022-22745", "CVE-2022-22747", "CVE-2022-22748", "CVE-2022-22751"], "modified": "2023-11-20T00:00:00", "cpe": ["cpe:/o:centos:centos:8-stream", "p-cpe:/a:centos:centos:firefox"], "id": "CENTOS8_RHSA-2022-0130.NASL", "href": "https://www.tenable.com/plugins/nessus/156795", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# Red Hat Security Advisory RHSA-2022:0130. 
The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156795);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/20\");\n\n script_cve_id(\n \"CVE-2021-4140\",\n \"CVE-2022-22737\",\n \"CVE-2022-22738\",\n \"CVE-2022-22739\",\n \"CVE-2022-22740\",\n \"CVE-2022-22741\",\n \"CVE-2022-22742\",\n \"CVE-2022-22743\",\n \"CVE-2022-22745\",\n \"CVE-2022-22747\",\n \"CVE-2022-22748\",\n \"CVE-2022-22751\"\n );\n script_xref(name:\"RHSA\", value:\"2022:0130\");\n script_xref(name:\"IAVA\", value:\"2022-A-0017-S\");\n\n script_name(english:\"CentOS 8 : firefox (CESA-2022:0130)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the\nCESA-2022:0130 advisory.\n\n - Mozilla: Iframe sandbox bypass with XSLT (CVE-2021-4140)\n\n - Mozilla: Race condition when playing audio files (CVE-2022-22737)\n\n - Mozilla: Heap-buffer-overflow in blendGaussianBlur (CVE-2022-22738)\n\n - Mozilla: Missing throttling on external protocol launch dialog (CVE-2022-22739)\n\n - Mozilla: Use-after-free of ChannelEventQueue::mOwner (CVE-2022-22740)\n\n - Mozilla: Browser window spoof using fullscreen mode (CVE-2022-22741, CVE-2022-22743)\n\n - Mozilla: Out-of-bounds memory access when inserting text in edit mode (CVE-2022-22742)\n\n - Mozilla: Leaking cross-origin URLs through securitypolicyviolation event (CVE-2022-22745)\n\n - Mozilla: Crash when handling empty pkcs7 sequence (CVE-2022-22747)\n\n - Mozilla: Spoofed origin on external protocol launch dialog (CVE-2022-22748)\n\n - Mozilla: Memory safety bugs fixed in Firefox 96 and Firefox ESR 91.5 (CVE-2022-22751)\n\nNote that Nessus has not 
tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:0130\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected firefox package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-22751\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-4140\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:8-stream\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:firefox\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/CentOS/release');\nif (isnull(release) || 'CentOS' >!< release) audit(AUDIT_OS_NOT, 'CentOS');\nvar os_ver = pregmatch(pattern: \"CentOS(?: Stream)?(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nvar os_ver = os_ver[1];\nif ('CentOS Stream' >!< release) audit(AUDIT_OS_NOT, 'CentOS 8-Stream');\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\nvar pkgs = [\n {'reference':'firefox-91.5.0-1.el8_5', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'firefox-91.5.0-1.el8_5', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'CentOS-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = 
package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'firefox');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-10-18T14:39:49", "description": "The remote Ubuntu 18.04 LTS / 20.04 LTS / 21.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5229-1 advisory.\n\n - Mozilla developers Christian Holler and Jason Kratzer reported memory safety bugs present in Firefox 95.\n Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 96.\n (CVE-2022-22752)\n\n - It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2021-4140)\n\n - Constructing audio sinks could have lead to a race condition when playing audio files and closing windows.\n This could have lead to a use-after-free causing a potentially exploitable crash. 
This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22737)\n\n - Applying a CSS filter effect could have accessed out of bounds memory. This could have led to a heap-buffer-overflow causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22738)\n\n - Malicious websites could have tricked users into accepting launching a program to handle an external URL protocol. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.\n (CVE-2022-22739)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-01-13T00:00:00", "type": "nessus", "title": "Ubuntu 18.04 LTS / 20.04 LTS : Firefox vulnerabilities (USN-5229-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4140", "CVE-2022-22737", "CVE-2022-22738", "CVE-2022-22739", "CVE-2022-22740", "CVE-2022-22741", "CVE-2022-22742", "CVE-2022-22743", "CVE-2022-22745", "CVE-2022-22747", "CVE-2022-22748", "CVE-2022-22751", "CVE-2022-22752"], "modified": "2023-10-16T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:20.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:firefox", "p-cpe:/a:canonical:ubuntu_linux:firefox-dev", "p-cpe:/a:canonical:ubuntu_linux:firefox-geckodriver", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-af", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-an", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ar", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-as", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ast", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-az", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-be", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-bg", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-bn", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-br", 
"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-bs", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ca", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-cak", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-cs", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-csb", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-cy", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-da", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-de", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-el", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-en", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-eo", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-es", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-et", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-eu", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-fa", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-fi", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ne", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-nl", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-nn", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-nso", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-oc", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-or", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-pa", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-pl", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-fr", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-fy", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ga", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-gd", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-gl", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-gn", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-gu", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-he", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-hi", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-hr", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-hsb", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-hu", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-hy", 
"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ia", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-id", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-is", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-it", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ja", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ka", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-kab", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-kk", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-km", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-kn", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ko", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ku", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-lg", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-lt", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-lv", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-mai", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-mk", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ml", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-mn", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-mr", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ms", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-my", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-nb", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-pt", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ro", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ru", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-si", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-sk", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-sl", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-sq", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-sr", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-sv", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-sw", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-szl", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ta", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-te", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-th", 
"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-tr", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-uk", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ur", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-uz", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-vi", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-xh", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-zh-hans", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-zh-hant", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-zu", "p-cpe:/a:canonical:ubuntu_linux:firefox-mozsymbols"], "id": "UBUNTU_USN-5229-1.NASL", "href": "https://www.tenable.com/plugins/nessus/156744", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-5229-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156744);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/10/16\");\n\n script_cve_id(\n \"CVE-2021-4140\",\n \"CVE-2022-22737\",\n \"CVE-2022-22738\",\n \"CVE-2022-22739\",\n \"CVE-2022-22740\",\n \"CVE-2022-22741\",\n \"CVE-2022-22742\",\n \"CVE-2022-22743\",\n \"CVE-2022-22745\",\n \"CVE-2022-22747\",\n \"CVE-2022-22748\",\n \"CVE-2022-22751\",\n \"CVE-2022-22752\"\n );\n script_xref(name:\"USN\", value:\"5229-1\");\n script_xref(name:\"IAVA\", value:\"2022-A-0017-S\");\n\n script_name(english:\"Ubuntu 18.04 LTS / 20.04 LTS : Firefox vulnerabilities (USN-5229-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 18.04 LTS / 20.04 LTS / 21.04 host has packages installed that are 
affected by multiple\nvulnerabilities as referenced in the USN-5229-1 advisory.\n\n - Mozilla developers Christian Holler and Jason Kratzer reported memory safety bugs present in Firefox 95.\n Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of\n these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 96.\n (CVE-2022-22752)\n\n - It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox. This\n vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2021-4140)\n\n - Constructing audio sinks could have lead to a race condition when playing audio files and closing windows.\n This could have lead to a use-after-free causing a potentially exploitable crash. This vulnerability\n affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22737)\n\n - Applying a CSS filter effect could have accessed out of bounds memory. This could have lead to a heap-\n buffer-overflow causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5,\n Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22738)\n\n - Malicious websites could have tricked users into accepting launching a program to handle an external URL\n protocol. 
This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.\n (CVE-2022-22739)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-5229-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-22752\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-4140\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-geckodriver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-af\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-an\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-as\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ast\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-az\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-be\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-bg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-bn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-bs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-cak\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-cs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-csb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-cy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-da\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-de\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-en\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-eo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-es\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-et\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-eu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-fa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-fi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-fr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-fy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-gl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-gn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-gu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-he\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-hi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-hr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-hsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-hu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-hy\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-id\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-is\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-it\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ka\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-kab\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-kk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-km\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-kn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ku\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-lg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-lt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-lv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-mai\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-mk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-mn\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-mr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-my\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-nb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ne\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-nn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-nso\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-oc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-or\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-pa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-pt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ro\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ru\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-si\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-sk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-sl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-sq\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-sr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-sv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-sw\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-szl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-te\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-th\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-tr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ur\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-uz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-vi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-xh\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-zh-hans\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-zh-hant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-zu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-mozsymbols\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n 
script_copyright(english:\"Ubuntu Security Notice (C) 2022-2023 Canonical, Inc. / NASL script (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nos_release = chomp(os_release);\nif (! ('18.04' >< os_release || '20.04' >< os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 18.04 / 20.04', 'Ubuntu ' + os_release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar pkgs = [\n {'osver': '18.04', 'pkgname': 'firefox', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-dev', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-geckodriver', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-af', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-an', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-ar', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-as', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-ast', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-az', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-be', 'pkgver': 
'96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-bg', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-bn', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-br', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-bs', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-ca', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-cak', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-cs', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-csb', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-cy', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-da', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-de', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-el', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-en', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-eo', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-es', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-et', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-eu', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-fa', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-fi', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-fr', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 
'firefox-locale-fy', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-ga', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-gd', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-gl', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-gn', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-gu', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-he', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-hi', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-hr', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-hsb', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-hu', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-hy', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-ia', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-id', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-is', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-it', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-ja', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-ka', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-kab', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-kk', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-km', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': 
'18.04', 'pkgname': 'firefox-locale-kn', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-ko', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-ku', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-lg', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-lt', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-lv', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-mai', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-mk', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-ml', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-mn', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-mr', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-ms', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-my', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-nb', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-ne', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-nl', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-nn', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-nso', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-oc', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-or', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-pa', 'pkgver': 
'96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-pl', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-pt', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-ro', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-ru', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-si', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-sk', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-sl', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-sq', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-sr', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-sv', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-sw', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-szl', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-ta', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-te', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-th', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-tr', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-uk', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-ur', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-uz', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-vi', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 
'firefox-locale-xh', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-zh-hans', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-zh-hant', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-zu', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-mozsymbols', 'pkgver': '96.0+build2-0ubuntu0.18.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-dev', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-geckodriver', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-af', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-an', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-ar', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-as', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-ast', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-az', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-be', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-bg', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-bn', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-br', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-bs', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-ca', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-cak', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': 
'20.04', 'pkgname': 'firefox-locale-cs', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-csb', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-cy', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-da', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-de', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-el', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-en', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-eo', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-es', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-et', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-eu', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-fa', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-fi', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-fr', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-fy', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-ga', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-gd', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-gl', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-gn', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-gu', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-he', 'pkgver': 
'96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-hi', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-hr', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-hsb', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-hu', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-hy', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-ia', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-id', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-is', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-it', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-ja', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-ka', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-kab', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-kk', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-km', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-kn', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-ko', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-ku', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-lg', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-lt', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-lv', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 
'firefox-locale-mai', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-mk', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-ml', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-mn', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-mr', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-ms', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-my', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-nb', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-ne', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-nl', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-nn', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-nso', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-oc', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-or', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-pa', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-pl', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-pt', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-ro', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-ru', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-si', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-sk', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': 
'20.04', 'pkgname': 'firefox-locale-sl', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-sq', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-sr', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-sv', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-sw', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-szl', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-ta', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-te', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-th', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-tr', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-uk', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-ur', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-uz', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-vi', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-xh', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-zh-hans', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-zh-hant', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-zu', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-mozsymbols', 'pkgver': '96.0+build2-0ubuntu0.20.04.1'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var osver = NULL;\n var pkgname = NULL;\n var pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = 
package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'firefox / firefox-dev / firefox-geckodriver / firefox-locale-af / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-22T15:08:42", "description": "The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2022-0130 advisory.\n\n - Applying a CSS filter effect could have accessed out of bounds memory. This could have lead to a heap- buffer-overflow causing a potentially exploitable crash. (CVE-2022-22738)\n\n - Certain network request objects were freed too early when releasing a network request handle. This could have lead to a use-after-free causing a potentially exploitable crash. (CVE-2022-22740)\n\n - When inserting text while in edit mode, some characters might have lead to out-of-bounds memory access causing a potentially exploitable crash. (CVE-2022-22742)\n\n - When navigating from inside an iframe while requesting fullscreen access, an attacker-controlled tab could have made the browser unable to leave fullscreen mode. (CVE-2022-22743)\n\n - Securitypolicyviolation events could have leaked cross-origin information for frame-ancestors violations (CVE-2022-22745)\n\n - After accepting an untrusted certificate, handling an empty pkcs7 sequence as part of the certificate data could have lead to a crash. This crash is believed to be unexploitable. 
(CVE-2022-22747)\n\n - It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox.\n (CVE-2021-4140)\n\n - Malicious websites could have tricked users into accepting launching a program to handle an external URL protocol. (CVE-2022-22739)\n\n - When resizing a popup while requesting fullscreen access, the popup would have become unable to leave fullscreen mode. (CVE-2022-22741)\n\n - Malicious websites could have confused Firefox into showing the wrong origin when asking to launch a program and handling an external URL protocol. (CVE-2022-22748)\n\n - Mozilla developers Calixte Denizet, Kershaw Chang, Christian Holler, Jason Kratzer, Gabriele Svelto, Tyson Smith, Simon Giesecke, and Steve Fink reported memory safety bugs present in Firefox 95 and Firefox ESR 91.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. (CVE-2022-22751)\n\n - Constructing audio sinks could have led to a race condition when playing audio files and closing windows.\n This could have led to a use-after-free causing a potentially exploitable crash. 
(CVE-2022-22737)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-01-13T00:00:00", "type": "nessus", "title": "Oracle Linux 8 : firefox (ELSA-2022-0130)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4140", "CVE-2022-22737", "CVE-2022-22738", "CVE-2022-22739", "CVE-2022-22740", "CVE-2022-22741", "CVE-2022-22742", "CVE-2022-22743", "CVE-2022-22745", "CVE-2022-22747", "CVE-2022-22748", "CVE-2022-22751"], "modified": "2023-11-21T00:00:00", "cpe": ["cpe:/o:oracle:linux:8", "p-cpe:/a:oracle:linux:firefox"], "id": "ORACLELINUX_ELSA-2022-0130.NASL", "href": "https://www.tenable.com/plugins/nessus/156708", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2022-0130.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156708);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/21\");\n\n script_cve_id(\n \"CVE-2021-4140\",\n \"CVE-2022-22737\",\n \"CVE-2022-22738\",\n \"CVE-2022-22739\",\n \"CVE-2022-22740\",\n \"CVE-2022-22741\",\n \"CVE-2022-22742\",\n \"CVE-2022-22743\",\n \"CVE-2022-22745\",\n \"CVE-2022-22747\",\n \"CVE-2022-22748\",\n \"CVE-2022-22751\"\n );\n script_xref(name:\"IAVA\", value:\"2022-A-0017-S\");\n\n script_name(english:\"Oracle Linux 8 : firefox (ELSA-2022-0130)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the\nELSA-2022-0130 advisory.\n\n - Applying a CSS filter effect could have accessed out of bounds 
memory. This could have lead to a heap-\n buffer-overflow causing a potentially exploitable crash. (CVE-2022-22738)\n\n - Certain network request objects were freed too early when releasing a network request handle. This could\n have lead to a use-after-free causing a potentially exploitable crash. (CVE-2022-22740)\n\n - When inserting text while in edit mode, some characters might have lead to out-of-bounds memory access\n causing a potentially exploitable crash. (CVE-2022-22742)\n\n - When navigating from inside an iframe while requesting fullscreen access, an attacker-controlled tab could\n have made the browser unable to leave fullscreen mode. (CVE-2022-22743)\n\n - Securitypolicyviolation events could have leaked cross-origin information for frame-ancestors violations\n (CVE-2022-22745)\n\n - After accepting an untrusted certificate, handling an empty pkcs7 sequence as part of the certificate data\n could have lead to a crash. This crash is believed to be unexploitable. (CVE-2022-22747)\n\n - It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox.\n (CVE-2021-4140)\n\n - Malicious websites could have tricked users into accepting launching a program to handle an external URL\n protocol. (CVE-2022-22739)\n\n - When resizing a popup while requesting fullscreen access, the popup would have become unable to leave\n fullscreen mode. (CVE-2022-22741)\n\n - Malicious websites could have confused Firefox into showing the wrong origin when asking to launch a\n program and handling an external URL protocol. (CVE-2022-22748)\n\n - Mozilla developers Calixte Denizet, Kershaw Chang, Christian Holler, Jason Kratzer, Gabriele Svelto, Tyson\n Smith, Simon Giesecke, and Steve Fink reported memory safety bugs present in Firefox 95 and Firefox ESR\n 91.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some\n of these could have been exploited to run arbitrary code. 
(CVE-2022-22751)\n\n - Constructing audio sinks could have lead to a race condition when playing audio files and closing windows.\n This could have lead to a use-after-free causing a potentially exploitable crash. (CVE-2022-22737)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2022-0130.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected firefox package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-22751\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-4140\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:firefox\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 8', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar pkgs = [\n {'reference':'firefox-91.5.0-1.0.1.el8_5', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'firefox-91.5.0-1.0.1.el8_5', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + 
package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'firefox');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-22T15:09:02", "description": "The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2022-0129 advisory.\n\n - Applying a CSS filter effect could have accessed out of bounds memory. This could have lead to a heap- buffer-overflow causing a potentially exploitable crash. (CVE-2022-22738)\n\n - Certain network request objects were freed too early when releasing a network request handle. This could have lead to a use-after-free causing a potentially exploitable crash. 
(CVE-2022-22740)\n\n - When inserting text while in edit mode, some characters might have led to out-of-bounds memory access causing a potentially exploitable crash. (CVE-2022-22742)\n\n - When navigating from inside an iframe while requesting fullscreen access, an attacker-controlled tab could have made the browser unable to leave fullscreen mode. (CVE-2022-22743)\n\n - Securitypolicyviolation events could have leaked cross-origin information for frame-ancestors violations (CVE-2022-22745)\n\n - After accepting an untrusted certificate, handling an empty pkcs7 sequence as part of the certificate data could have led to a crash. This crash is believed to be unexploitable. (CVE-2022-22747)\n\n - It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox.\n (CVE-2021-4140)\n\n - Malicious websites could have tricked users into accepting launching a program to handle an external URL protocol. (CVE-2022-22739)\n\n - When resizing a popup while requesting fullscreen access, the popup would have become unable to leave fullscreen mode. (CVE-2022-22741)\n\n - Malicious websites could have confused Firefox into showing the wrong origin when asking to launch a program and handling an external URL protocol. (CVE-2022-22748)\n\n - Mozilla developers Calixte Denizet, Kershaw Chang, Christian Holler, Jason Kratzer, Gabriele Svelto, Tyson Smith, Simon Giesecke, and Steve Fink reported memory safety bugs present in Firefox 95 and Firefox ESR 91.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. (CVE-2022-22751)\n\n - Constructing audio sinks could have led to a race condition when playing audio files and closing windows.\n This could have led to a use-after-free causing a potentially exploitable crash. 
(CVE-2022-22737)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-01-13T00:00:00", "type": "nessus", "title": "Oracle Linux 8 : thunderbird (ELSA-2022-0129)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4140", "CVE-2022-22737", "CVE-2022-22738", "CVE-2022-22739", "CVE-2022-22740", "CVE-2022-22741", "CVE-2022-22742", "CVE-2022-22743", "CVE-2022-22745", "CVE-2022-22747", "CVE-2022-22748", "CVE-2022-22751"], "modified": "2023-11-21T00:00:00", "cpe": ["cpe:/o:oracle:linux:8", "p-cpe:/a:oracle:linux:thunderbird"], "id": "ORACLELINUX_ELSA-2022-0129.NASL", "href": "https://www.tenable.com/plugins/nessus/156705", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2022-0129.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156705);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/21\");\n\n script_cve_id(\n \"CVE-2021-4140\",\n \"CVE-2022-22737\",\n \"CVE-2022-22738\",\n \"CVE-2022-22739\",\n \"CVE-2022-22740\",\n \"CVE-2022-22741\",\n \"CVE-2022-22742\",\n \"CVE-2022-22743\",\n \"CVE-2022-22745\",\n \"CVE-2022-22747\",\n \"CVE-2022-22748\",\n \"CVE-2022-22751\"\n );\n\n script_name(english:\"Oracle Linux 8 : thunderbird (ELSA-2022-0129)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the\nELSA-2022-0129 advisory.\n\n - Applying a CSS filter effect could have accessed out of bounds memory. 
This could have lead to a heap-\n buffer-overflow causing a potentially exploitable crash. (CVE-2022-22738)\n\n - Certain network request objects were freed too early when releasing a network request handle. This could\n have lead to a use-after-free causing a potentially exploitable crash. (CVE-2022-22740)\n\n - When inserting text while in edit mode, some characters might have lead to out-of-bounds memory access\n causing a potentially exploitable crash. (CVE-2022-22742)\n\n - When navigating from inside an iframe while requesting fullscreen access, an attacker-controlled tab could\n have made the browser unable to leave fullscreen mode. (CVE-2022-22743)\n\n - Securitypolicyviolation events could have leaked cross-origin information for frame-ancestors violations\n (CVE-2022-22745)\n\n - After accepting an untrusted certificate, handling an empty pkcs7 sequence as part of the certificate data\n could have lead to a crash. This crash is believed to be unexploitable. (CVE-2022-22747)\n\n - It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox.\n (CVE-2021-4140)\n\n - Malicious websites could have tricked users into accepting launching a program to handle an external URL\n protocol. (CVE-2022-22739)\n\n - When resizing a popup while requesting fullscreen access, the popup would have become unable to leave\n fullscreen mode. (CVE-2022-22741)\n\n - Malicious websites could have confused Firefox into showing the wrong origin when asking to launch a\n program and handling an external URL protocol. (CVE-2022-22748)\n\n - Mozilla developers Calixte Denizet, Kershaw Chang, Christian Holler, Jason Kratzer, Gabriele Svelto, Tyson\n Smith, Simon Giesecke, and Steve Fink reported memory safety bugs present in Firefox 95 and Firefox ESR\n 91.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some\n of these could have been exploited to run arbitrary code. 
(CVE-2022-22751)\n\n - Constructing audio sinks could have lead to a race condition when playing audio files and closing windows.\n This could have lead to a use-after-free causing a potentially exploitable crash. (CVE-2022-22737)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2022-0129.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected thunderbird package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-22751\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-4140\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:thunderbird\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 8', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar pkgs = [\n {'reference':'thunderbird-91.5.0-1.0.1.el8_5', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'thunderbird-91.5.0-1.0.1.el8_5', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + 
package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'thunderbird');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-22T15:09:32", "description": "The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2022-0127 advisory.\n\n - Applying a CSS filter effect could have accessed out of bounds memory. This could have lead to a heap- buffer-overflow causing a potentially exploitable crash. (CVE-2022-22738)\n\n - Certain network request objects were freed too early when releasing a network request handle. This could have lead to a use-after-free causing a potentially exploitable crash. 
(CVE-2022-22740)\n\n - When inserting text while in edit mode, some characters might have led to out-of-bounds memory access causing a potentially exploitable crash. (CVE-2022-22742)\n\n - When navigating from inside an iframe while requesting fullscreen access, an attacker-controlled tab could have made the browser unable to leave fullscreen mode. (CVE-2022-22743)\n\n - Securitypolicyviolation events could have leaked cross-origin information for frame-ancestors violations (CVE-2022-22745)\n\n - After accepting an untrusted certificate, handling an empty pkcs7 sequence as part of the certificate data could have led to a crash. This crash is believed to be unexploitable. (CVE-2022-22747)\n\n - It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox.\n (CVE-2021-4140)\n\n - Malicious websites could have tricked users into accepting launching a program to handle an external URL protocol. (CVE-2022-22739)\n\n - When resizing a popup while requesting fullscreen access, the popup would have become unable to leave fullscreen mode. (CVE-2022-22741)\n\n - Malicious websites could have confused Firefox into showing the wrong origin when asking to launch a program and handling an external URL protocol. (CVE-2022-22748)\n\n - Mozilla developers Calixte Denizet, Kershaw Chang, Christian Holler, Jason Kratzer, Gabriele Svelto, Tyson Smith, Simon Giesecke, and Steve Fink reported memory safety bugs present in Firefox 95 and Firefox ESR 91.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. (CVE-2022-22751)\n\n - Constructing audio sinks could have led to a race condition when playing audio files and closing windows.\n This could have led to a use-after-free causing a potentially exploitable crash. 
(CVE-2022-22737)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-01-13T00:00:00", "type": "nessus", "title": "Oracle Linux 7 : thunderbird (ELSA-2022-0127)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4140", "CVE-2022-22737", "CVE-2022-22738", "CVE-2022-22739", "CVE-2022-22740", "CVE-2022-22741", "CVE-2022-22742", "CVE-2022-22743", "CVE-2022-22745", "CVE-2022-22747", "CVE-2022-22748", "CVE-2022-22751"], "modified": "2023-11-21T00:00:00", "cpe": ["cpe:/o:oracle:linux:7", "p-cpe:/a:oracle:linux:thunderbird"], "id": "ORACLELINUX_ELSA-2022-0127.NASL", "href": "https://www.tenable.com/plugins/nessus/156706", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2022-0127.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156706);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/21\");\n\n script_cve_id(\n \"CVE-2021-4140\",\n \"CVE-2022-22737\",\n \"CVE-2022-22738\",\n \"CVE-2022-22739\",\n \"CVE-2022-22740\",\n \"CVE-2022-22741\",\n \"CVE-2022-22742\",\n \"CVE-2022-22743\",\n \"CVE-2022-22745\",\n \"CVE-2022-22747\",\n \"CVE-2022-22748\",\n \"CVE-2022-22751\"\n );\n\n script_name(english:\"Oracle Linux 7 : thunderbird (ELSA-2022-0127)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the\nELSA-2022-0127 advisory.\n\n - Applying a CSS filter effect could have accessed out of bounds memory. 
This could have lead to a heap-\n buffer-overflow causing a potentially exploitable crash. (CVE-2022-22738)\n\n - Certain network request objects were freed too early when releasing a network request handle. This could\n have lead to a use-after-free causing a potentially exploitable crash. (CVE-2022-22740)\n\n - When inserting text while in edit mode, some characters might have lead to out-of-bounds memory access\n causing a potentially exploitable crash. (CVE-2022-22742)\n\n - When navigating from inside an iframe while requesting fullscreen access, an attacker-controlled tab could\n have made the browser unable to leave fullscreen mode. (CVE-2022-22743)\n\n - Securitypolicyviolation events could have leaked cross-origin information for frame-ancestors violations\n (CVE-2022-22745)\n\n - After accepting an untrusted certificate, handling an empty pkcs7 sequence as part of the certificate data\n could have lead to a crash. This crash is believed to be unexploitable. (CVE-2022-22747)\n\n - It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox.\n (CVE-2021-4140)\n\n - Malicious websites could have tricked users into accepting launching a program to handle an external URL\n protocol. (CVE-2022-22739)\n\n - When resizing a popup while requesting fullscreen access, the popup would have become unable to leave\n fullscreen mode. (CVE-2022-22741)\n\n - Malicious websites could have confused Firefox into showing the wrong origin when asking to launch a\n program and handling an external URL protocol. (CVE-2022-22748)\n\n - Mozilla developers Calixte Denizet, Kershaw Chang, Christian Holler, Jason Kratzer, Gabriele Svelto, Tyson\n Smith, Simon Giesecke, and Steve Fink reported memory safety bugs present in Firefox 95 and Firefox ESR\n 91.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some\n of these could have been exploited to run arbitrary code. 
(CVE-2022-22751)\n\n - Constructing audio sinks could have lead to a race condition when playing audio files and closing windows.\n This could have lead to a use-after-free causing a potentially exploitable crash. (CVE-2022-22737)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2022-0127.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected thunderbird package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-22751\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-4140\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:thunderbird\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 7', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\nif ('x86_64' >!< cpu) audit(AUDIT_ARCH_NOT, 'x86_64', cpu);\n\nvar pkgs = [\n {'reference':'thunderbird-91.5.0-1.0.1.el7_9', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = 
package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'thunderbird');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-22T15:08:37", "description": "The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:0128 advisory.\n\n - Mozilla: Iframe sandbox bypass with XSLT (CVE-2021-4140)\n\n - Mozilla: Race condition when playing audio files (CVE-2022-22737)\n\n - Mozilla: Heap-buffer-overflow in blendGaussianBlur (CVE-2022-22738)\n\n - Mozilla: Missing throttling on external protocol launch dialog (CVE-2022-22739)\n\n - Mozilla: Use-after-free of ChannelEventQueue::mOwner (CVE-2022-22740)\n\n - Mozilla: Browser window spoof using fullscreen mode 
(CVE-2022-22741, CVE-2022-22743)\n\n - Mozilla: Out-of-bounds memory access when inserting text in edit mode (CVE-2022-22742)\n\n - Mozilla: Leaking cross-origin URLs through securitypolicyviolation event (CVE-2022-22745)\n\n - Mozilla: Crash when handling empty pkcs7 sequence (CVE-2022-22747)\n\n - Mozilla: Spoofed origin on external protocol launch dialog (CVE-2022-22748)\n\n - Mozilla: Memory safety bugs fixed in Firefox 96 and Firefox ESR 91.5 (CVE-2022-22751)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-01-13T00:00:00", "type": "nessus", "title": "RHEL 8 : thunderbird (RHSA-2022:0128)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4140", "CVE-2022-22737", "CVE-2022-22738", "CVE-2022-22739", "CVE-2022-22740", "CVE-2022-22741", "CVE-2022-22742", "CVE-2022-22743", "CVE-2022-22745", "CVE-2022-22747", "CVE-2022-22748", "CVE-2022-22751"], "modified": "2023-11-20T00:00:00", "cpe": ["cpe:/o:redhat:rhel_aus:8.4", "cpe:/o:redhat:rhel_e4s:8.4", "cpe:/o:redhat:rhel_eus:8.4", "cpe:/o:redhat:rhel_tus:8.4", "p-cpe:/a:redhat:enterprise_linux:thunderbird"], "id": "REDHAT-RHSA-2022-0128.NASL", "href": "https://www.tenable.com/plugins/nessus/156731", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:0128. 
The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156731);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/20\");\n\n script_cve_id(\n \"CVE-2021-4140\",\n \"CVE-2022-22737\",\n \"CVE-2022-22738\",\n \"CVE-2022-22739\",\n \"CVE-2022-22740\",\n \"CVE-2022-22741\",\n \"CVE-2022-22742\",\n \"CVE-2022-22743\",\n \"CVE-2022-22745\",\n \"CVE-2022-22747\",\n \"CVE-2022-22748\",\n \"CVE-2022-22751\"\n );\n script_xref(name:\"RHSA\", value:\"2022:0128\");\n script_xref(name:\"IAVA\", value:\"2022-A-0017-S\");\n\n script_name(english:\"RHEL 8 : thunderbird (RHSA-2022:0128)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the RHSA-2022:0128 advisory.\n\n - Mozilla: Iframe sandbox bypass with XSLT (CVE-2021-4140)\n\n - Mozilla: Race condition when playing audio files (CVE-2022-22737)\n\n - Mozilla: Heap-buffer-overflow in blendGaussianBlur (CVE-2022-22738)\n\n - Mozilla: Missing throttling on external protocol launch dialog (CVE-2022-22739)\n\n - Mozilla: Use-after-free of ChannelEventQueue::mOwner (CVE-2022-22740)\n\n - Mozilla: Browser window spoof using fullscreen mode (CVE-2022-22741, CVE-2022-22743)\n\n - Mozilla: Out-of-bounds memory access when inserting text in edit mode (CVE-2022-22742)\n\n - Mozilla: Leaking cross-origin URLs through securitypolicyviolation event (CVE-2022-22745)\n\n - Mozilla: Crash when handling empty pkcs7 sequence (CVE-2022-22747)\n\n - Mozilla: Spoofed origin on external protocol launch dialog (CVE-2022-22748)\n\n - Mozilla: Memory safety bugs fixed in Firefox 96 and Firefox ESR 91.5 (CVE-2022-22751)\n\nNote that 
Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-4140\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22737\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22738\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22739\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22740\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22741\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22742\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22743\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22745\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22747\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22748\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22751\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:0128\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039561\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039563\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039564\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039565\");\n 
script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039566\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039567\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039568\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039569\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039570\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039572\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039573\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039574\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected thunderbird package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-22751\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-4140\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(120, 416, 476, 829, 1021);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.4\");\n script_set_attribute(attribute:\"cpe\", 
value:\"cpe:/o:redhat:rhel_e4s:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:thunderbird\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '8.4')) audit(AUDIT_OS_NOT, 'Red Hat 8.4', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.4/x86_64/appstream/debug',\n 'content/aus/rhel8/8.4/x86_64/appstream/os',\n 
'content/aus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.4/x86_64/baseos/debug',\n 'content/aus/rhel8/8.4/x86_64/baseos/os',\n 'content/aus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/aarch64/appstream/debug',\n 'content/e4s/rhel8/8.4/aarch64/appstream/os',\n 'content/e4s/rhel8/8.4/aarch64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/aarch64/baseos/debug',\n 'content/e4s/rhel8/8.4/aarch64/baseos/os',\n 'content/e4s/rhel8/8.4/aarch64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.4/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.4/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.4/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.4/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.4/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.4/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.4/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.4/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.4/ppc64le/sap/os',\n 'content/e4s/rhel8/8.4/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.4/s390x/appstream/debug',\n 'content/e4s/rhel8/8.4/s390x/appstream/os',\n 'content/e4s/rhel8/8.4/s390x/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/s390x/baseos/debug',\n 'content/e4s/rhel8/8.4/s390x/baseos/os',\n 'content/e4s/rhel8/8.4/s390x/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.4/x86_64/appstream/os',\n 'content/e4s/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.4/x86_64/baseos/os',\n 'content/e4s/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/debug',\n 
'content/e4s/rhel8/8.4/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/nfv/debug',\n 'content/e4s/rhel8/8.4/x86_64/nfv/os',\n 'content/e4s/rhel8/8.4/x86_64/nfv/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/sap/debug',\n 'content/e4s/rhel8/8.4/x86_64/sap/os',\n 'content/e4s/rhel8/8.4/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/appstream/debug',\n 'content/eus/rhel8/8.4/aarch64/appstream/os',\n 'content/eus/rhel8/8.4/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/baseos/debug',\n 'content/eus/rhel8/8.4/aarch64/baseos/os',\n 'content/eus/rhel8/8.4/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.4/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.4/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.4/aarch64/highavailability/os',\n 'content/eus/rhel8/8.4/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.4/aarch64/supplementary/os',\n 'content/eus/rhel8/8.4/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.4/ppc64le/appstream/os',\n 'content/eus/rhel8/8.4/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.4/ppc64le/baseos/os',\n 'content/eus/rhel8/8.4/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.4/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.4/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.4/ppc64le/highavailability/os',\n 
'content/eus/rhel8/8.4/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.4/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.4/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.4/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.4/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/sap/debug',\n 'content/eus/rhel8/8.4/ppc64le/sap/os',\n 'content/eus/rhel8/8.4/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.4/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.4/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/appstream/debug',\n 'content/eus/rhel8/8.4/s390x/appstream/os',\n 'content/eus/rhel8/8.4/s390x/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/baseos/debug',\n 'content/eus/rhel8/8.4/s390x/baseos/os',\n 'content/eus/rhel8/8.4/s390x/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/codeready-builder/debug',\n 'content/eus/rhel8/8.4/s390x/codeready-builder/os',\n 'content/eus/rhel8/8.4/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/highavailability/debug',\n 'content/eus/rhel8/8.4/s390x/highavailability/os',\n 'content/eus/rhel8/8.4/s390x/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/resilientstorage/debug',\n 'content/eus/rhel8/8.4/s390x/resilientstorage/os',\n 'content/eus/rhel8/8.4/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/sap/debug',\n 'content/eus/rhel8/8.4/s390x/sap/os',\n 'content/eus/rhel8/8.4/s390x/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/supplementary/debug',\n 'content/eus/rhel8/8.4/s390x/supplementary/os',\n 'content/eus/rhel8/8.4/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/appstream/debug',\n 'content/eus/rhel8/8.4/x86_64/appstream/os',\n 'content/eus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 
'content/eus/rhel8/8.4/x86_64/baseos/debug',\n 'content/eus/rhel8/8.4/x86_64/baseos/os',\n 'content/eus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.4/x86_64/highavailability/os',\n 'content/eus/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/sap/debug',\n 'content/eus/rhel8/8.4/x86_64/sap/os',\n 'content/eus/rhel8/8.4/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.4/x86_64/supplementary/os',\n 'content/eus/rhel8/8.4/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/appstream/debug',\n 'content/tus/rhel8/8.4/x86_64/appstream/os',\n 'content/tus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/baseos/debug',\n 'content/tus/rhel8/8.4/x86_64/baseos/os',\n 'content/tus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.4/x86_64/highavailability/os',\n 'content/tus/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/nfv/debug',\n 'content/tus/rhel8/8.4/x86_64/nfv/os',\n 'content/tus/rhel8/8.4/x86_64/nfv/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/rt/debug',\n 'content/tus/rhel8/8.4/x86_64/rt/os',\n 'content/tus/rhel8/8.4/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'thunderbird-91.5.0-1.el8_4', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 
'allowmaj':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Advanced Update Support, Extended Update Support, Telco Extended Update Support or Update Services for SAP 
Solutions repositories.\\n' +\n 'Access to these repositories requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'thunderbird');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-22T15:09:20", "description": "The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:0129 advisory.\n\n - Mozilla: Iframe sandbox bypass with XSLT (CVE-2021-4140)\n\n - Mozilla: Race condition when playing audio files (CVE-2022-22737)\n\n - Mozilla: Heap-buffer-overflow in blendGaussianBlur (CVE-2022-22738)\n\n - Mozilla: Missing throttling on external protocol launch dialog (CVE-2022-22739)\n\n - Mozilla: Use-after-free of ChannelEventQueue::mOwner (CVE-2022-22740)\n\n - Mozilla: Browser window spoof using fullscreen mode (CVE-2022-22741, CVE-2022-22743)\n\n - Mozilla: Out-of-bounds memory access when inserting text in edit mode (CVE-2022-22742)\n\n - Mozilla: Leaking cross-origin URLs through securitypolicyviolation event (CVE-2022-22745)\n\n - Mozilla: Crash when handling empty pkcs7 sequence (CVE-2022-22747)\n\n - Mozilla: Spoofed origin on external protocol launch dialog (CVE-2022-22748)\n\n - Mozilla: Memory safety bugs fixed in Firefox 96 and Firefox ESR 91.5 (CVE-2022-22751)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-01-13T00:00:00", "type": "nessus", "title": "RHEL 8 : thunderbird (RHSA-2022:0129)", 
"bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4140", "CVE-2022-22737", "CVE-2022-22738", "CVE-2022-22739", "CVE-2022-22740", "CVE-2022-22741", "CVE-2022-22742", "CVE-2022-22743", "CVE-2022-22745", "CVE-2022-22747", "CVE-2022-22748", "CVE-2022-22751"], "modified": "2023-11-20T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "cpe:/o:redhat:rhel_aus:8.6", "cpe:/o:redhat:rhel_e4s:8.6", "cpe:/o:redhat:rhel_eus:8.6", "cpe:/o:redhat:rhel_tus:8.6", "p-cpe:/a:redhat:enterprise_linux:thunderbird"], "id": "REDHAT-RHSA-2022-0129.NASL", "href": "https://www.tenable.com/plugins/nessus/156739", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:0129. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156739);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/20\");\n\n script_cve_id(\n \"CVE-2021-4140\",\n \"CVE-2022-22737\",\n \"CVE-2022-22738\",\n \"CVE-2022-22739\",\n \"CVE-2022-22740\",\n \"CVE-2022-22741\",\n \"CVE-2022-22742\",\n \"CVE-2022-22743\",\n \"CVE-2022-22745\",\n \"CVE-2022-22747\",\n \"CVE-2022-22748\",\n \"CVE-2022-22751\"\n );\n script_xref(name:\"RHSA\", value:\"2022:0129\");\n script_xref(name:\"IAVA\", value:\"2022-A-0017-S\");\n\n script_name(english:\"RHEL 8 : thunderbird (RHSA-2022:0129)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the RHSA-2022:0129 advisory.\n\n - Mozilla: Iframe sandbox bypass with XSLT (CVE-2021-4140)\n\n - Mozilla: Race condition when playing audio 
files (CVE-2022-22737)\n\n - Mozilla: Heap-buffer-overflow in blendGaussianBlur (CVE-2022-22738)\n\n - Mozilla: Missing throttling on external protocol launch dialog (CVE-2022-22739)\n\n - Mozilla: Use-after-free of ChannelEventQueue::mOwner (CVE-2022-22740)\n\n - Mozilla: Browser window spoof using fullscreen mode (CVE-2022-22741, CVE-2022-22743)\n\n - Mozilla: Out-of-bounds memory access when inserting text in edit mode (CVE-2022-22742)\n\n - Mozilla: Leaking cross-origin URLs through securitypolicyviolation event (CVE-2022-22745)\n\n - Mozilla: Crash when handling empty pkcs7 sequence (CVE-2022-22747)\n\n - Mozilla: Spoofed origin on external protocol launch dialog (CVE-2022-22748)\n\n - Mozilla: Memory safety bugs fixed in Firefox 96 and Firefox ESR 91.5 (CVE-2022-22751)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-4140\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22737\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22738\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22739\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22740\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22741\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22742\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22743\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22745\");\n script_set_attribute(attribute:\"see_also\", 
value:\"https://access.redhat.com/security/cve/CVE-2022-22747\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22748\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22751\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:0129\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039561\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039563\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039564\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039565\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039566\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039567\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039568\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039569\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039570\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039572\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039573\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039574\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected thunderbird package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", 
value:\"CVE-2022-22751\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-4140\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(120, 416, 476, 829, 1021);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:thunderbird\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.6/x86_64/appstream/debug',\n 'content/aus/rhel8/8.6/x86_64/appstream/os',\n 'content/aus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.6/x86_64/baseos/debug',\n 'content/aus/rhel8/8.6/x86_64/baseos/os',\n 'content/aus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/os',\n 
'content/e4s/rhel8/8.6/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.6/ppc64le/sap/os',\n 'content/e4s/rhel8/8.6/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.6/x86_64/appstream/os',\n 'content/e4s/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.6/x86_64/baseos/os',\n 'content/e4s/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap/os',\n 'content/e4s/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/appstream/debug',\n 'content/eus/rhel8/8.6/aarch64/appstream/os',\n 'content/eus/rhel8/8.6/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/baseos/debug',\n 'content/eus/rhel8/8.6/aarch64/baseos/os',\n 'content/eus/rhel8/8.6/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.6/aarch64/highavailability/os',\n 'content/eus/rhel8/8.6/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.6/aarch64/supplementary/os',\n 'content/eus/rhel8/8.6/aarch64/supplementary/source/SRPMS',\n 
'content/eus/rhel8/8.6/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.6/ppc64le/appstream/os',\n 'content/eus/rhel8/8.6/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.6/ppc64le/baseos/os',\n 'content/eus/rhel8/8.6/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/os',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/sap/debug',\n 'content/eus/rhel8/8.6/ppc64le/sap/os',\n 'content/eus/rhel8/8.6/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/appstream/debug',\n 'content/eus/rhel8/8.6/s390x/appstream/os',\n 'content/eus/rhel8/8.6/s390x/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/baseos/debug',\n 'content/eus/rhel8/8.6/s390x/baseos/os',\n 'content/eus/rhel8/8.6/s390x/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/debug',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/os',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/highavailability/debug',\n 'content/eus/rhel8/8.6/s390x/highavailability/os',\n 'content/eus/rhel8/8.6/s390x/highavailability/source/SRPMS',\n 
'content/eus/rhel8/8.6/s390x/resilientstorage/debug',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/os',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/sap/debug',\n 'content/eus/rhel8/8.6/s390x/sap/os',\n 'content/eus/rhel8/8.6/s390x/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/supplementary/debug',\n 'content/eus/rhel8/8.6/s390x/supplementary/os',\n 'content/eus/rhel8/8.6/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/appstream/debug',\n 'content/eus/rhel8/8.6/x86_64/appstream/os',\n 'content/eus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/baseos/debug',\n 'content/eus/rhel8/8.6/x86_64/baseos/os',\n 'content/eus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.6/x86_64/highavailability/os',\n 'content/eus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap/debug',\n 'content/eus/rhel8/8.6/x86_64/sap/os',\n 'content/eus/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.6/x86_64/supplementary/os',\n 'content/eus/rhel8/8.6/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/appstream/debug',\n 'content/tus/rhel8/8.6/x86_64/appstream/os',\n 'content/tus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/baseos/debug',\n 
'content/tus/rhel8/8.6/x86_64/baseos/os',\n 'content/tus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.6/x86_64/highavailability/os',\n 'content/tus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/rt/os',\n 'content/tus/rhel8/8.6/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'thunderbird-91.5.0-1.el8_5', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/dist/rhel8/8/aarch64/appstream/debug',\n 'content/dist/rhel8/8/aarch64/appstream/os',\n 'content/dist/rhel8/8/aarch64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/baseos/debug',\n 'content/dist/rhel8/8/aarch64/baseos/os',\n 'content/dist/rhel8/8/aarch64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/codeready-builder/debug',\n 'content/dist/rhel8/8/aarch64/codeready-builder/os',\n 'content/dist/rhel8/8/aarch64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/highavailability/debug',\n 'content/dist/rhel8/8/aarch64/highavailability/os',\n 'content/dist/rhel8/8/aarch64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/supplementary/debug',\n 'content/dist/rhel8/8/aarch64/supplementary/os',\n 'content/dist/rhel8/8/aarch64/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/appstream/debug',\n 'content/dist/rhel8/8/ppc64le/appstream/os',\n 'content/dist/rhel8/8/ppc64le/appstream/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/baseos/debug',\n 'content/dist/rhel8/8/ppc64le/baseos/os',\n 'content/dist/rhel8/8/ppc64le/baseos/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/debug',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/os',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/highavailability/debug',\n 'content/dist/rhel8/8/ppc64le/highavailability/os',\n 
'content/dist/rhel8/8/ppc64le/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/debug',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/os',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/debug',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/os',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap/debug',\n 'content/dist/rhel8/8/ppc64le/sap/os',\n 'content/dist/rhel8/8/ppc64le/sap/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/supplementary/debug',\n 'content/dist/rhel8/8/ppc64le/supplementary/os',\n 'content/dist/rhel8/8/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/s390x/appstream/debug',\n 'content/dist/rhel8/8/s390x/appstream/os',\n 'content/dist/rhel8/8/s390x/appstream/source/SRPMS',\n 'content/dist/rhel8/8/s390x/baseos/debug',\n 'content/dist/rhel8/8/s390x/baseos/os',\n 'content/dist/rhel8/8/s390x/baseos/source/SRPMS',\n 'content/dist/rhel8/8/s390x/codeready-builder/debug',\n 'content/dist/rhel8/8/s390x/codeready-builder/os',\n 'content/dist/rhel8/8/s390x/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/s390x/highavailability/debug',\n 'content/dist/rhel8/8/s390x/highavailability/os',\n 'content/dist/rhel8/8/s390x/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/s390x/resilientstorage/debug',\n 'content/dist/rhel8/8/s390x/resilientstorage/os',\n 'content/dist/rhel8/8/s390x/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/s390x/sap/debug',\n 'content/dist/rhel8/8/s390x/sap/os',\n 'content/dist/rhel8/8/s390x/sap/source/SRPMS',\n 'content/dist/rhel8/8/s390x/supplementary/debug',\n 'content/dist/rhel8/8/s390x/supplementary/os',\n 'content/dist/rhel8/8/s390x/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/appstream/debug',\n 'content/dist/rhel8/8/x86_64/appstream/os',\n 'content/dist/rhel8/8/x86_64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/baseos/debug',\n 
'content/dist/rhel8/8/x86_64/baseos/os',\n 'content/dist/rhel8/8/x86_64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/codeready-builder/debug',\n 'content/dist/rhel8/8/x86_64/codeready-builder/os',\n 'content/dist/rhel8/8/x86_64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/highavailability/debug',\n 'content/dist/rhel8/8/x86_64/highavailability/os',\n 'content/dist/rhel8/8/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/nfv/debug',\n 'content/dist/rhel8/8/x86_64/nfv/os',\n 'content/dist/rhel8/8/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/resilientstorage/debug',\n 'content/dist/rhel8/8/x86_64/resilientstorage/os',\n 'content/dist/rhel8/8/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/rt/debug',\n 'content/dist/rhel8/8/x86_64/rt/os',\n 'content/dist/rhel8/8/x86_64/rt/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap-solutions/debug',\n 'content/dist/rhel8/8/x86_64/sap-solutions/os',\n 'content/dist/rhel8/8/x86_64/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap/debug',\n 'content/dist/rhel8/8/x86_64/sap/os',\n 'content/dist/rhel8/8/x86_64/sap/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/supplementary/debug',\n 'content/dist/rhel8/8/x86_64/supplementary/os',\n 'content/dist/rhel8/8/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'thunderbird-91.5.0-1.el8_5', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n var enterprise_linux_flag = rhel_repo_urls_has_content_dist_rhel(repo_urls:repo_relative_urls);\n foreach var pkg ( 
constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp']) && !enterprise_linux_flag) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'thunderbird');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-23T14:38:36", "description": "The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2880 advisory.\n\n - Mozilla developers Calixte Denizet, 
Kershaw Chang, Christian Holler, Jason Kratzer, Gabriele Svelto, Tyson Smith, Simon Giesecke, and Steve Fink reported memory safety bugs present in Firefox 95 and Firefox ESR 91.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22751)\n\n - It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2021-4140)\n\n - Constructing audio sinks could have led to a race condition when playing audio files and closing windows.\n This could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22737)\n\n - Applying a CSS filter effect could have accessed out of bounds memory. This could have led to a heap-buffer-overflow causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22738)\n\n - Malicious websites could have tricked users into accepting launching a program to handle an external URL protocol. 
This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.\n (CVE-2022-22739)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-01-16T00:00:00", "type": "nessus", "title": "Debian DLA-2880-1 : firefox-esr - LTS security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4140", "CVE-2022-22737", "CVE-2022-22738", "CVE-2022-22739", "CVE-2022-22740", "CVE-2022-22741", "CVE-2022-22742", "CVE-2022-22743", "CVE-2022-22745", "CVE-2022-22747", "CVE-2022-22748", "CVE-2022-22751"], "modified": "2023-11-20T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:firefox-esr", "p-cpe:/a:debian:debian_linux:firefox-esr-dev", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ach", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-af", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-all", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-an", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ar", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-as", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ast", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-az", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-be", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-bg", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-bn", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-bn-bd", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-bn-in", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-br", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-bs", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ca", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ca-valencia", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-cak", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-cs", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-cy", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-da", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-de", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-dsb", 
"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-el", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-en-ca", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-en-gb", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-en-za", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-eo", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-es-ar", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-es-cl", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-es-es", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ru", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sco", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-si", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sk", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sl", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-son", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sq", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sr", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sv-se", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-szl", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ta", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-te", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-th", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-tl", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-tr", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-trs", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-uk", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ur", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-uz", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-vi", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-xh", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-zh-cn", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-zh-tw", "p-cpe:/a:debian:debian_linux:iceweasel", "p-cpe:/a:debian:debian_linux:iceweasel-dev", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ach", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-af", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-all", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-an", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ar", 
"p-cpe:/a:debian:debian_linux:iceweasel-l10n-as", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ast", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-az", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-be", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-es-mx", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-et", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-eu", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-fa", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ff", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-fi", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-fr", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-fy-nl", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ga-ie", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-gd", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-gl", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-gn", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-gu-in", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-he", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hi-in", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hr", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hsb", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hu", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hy-am", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ia", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-id", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-is", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-it", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ja", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ka", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-kab", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-kk", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-km", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-kn", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ko", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-lij", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-lt", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-lv", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-mai", 
"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-mk", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ml", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-mr", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ms", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-my", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-nb-no", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ne-np", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-nl", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-nn-no", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-oc", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-or", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-pa-in", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-pl", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-pt-br", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-pt-pt", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-rm", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ro", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-fa", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ff", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-fi", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-fr", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-fy-nl", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ga-ie", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-gd", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-gl", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-gn", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-gu-in", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-he", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-hi-in", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-hr", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-hsb", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-hu", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-hy-am", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ia", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-id", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-is", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-it", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ja", 
"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ka", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-kab", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-kk", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-km", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-kn", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ko", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-lij", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-lt", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-lv", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-mai", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-mk", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ml", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-mr", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ms", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-my", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-nb-no", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ne-np", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-nl", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-nn-no", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-oc", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-or", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-pa-in", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-pl", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-pt-br", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-pt-pt", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-bg", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-bn", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-bn-bd", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-bn-in", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-br", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-bs", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ca", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ca-valencia", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-cak", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-cs", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-cy", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-da", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-de", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-dsb", 
"p-cpe:/a:debian:debian_linux:iceweasel-l10n-el", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-en-ca", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-en-gb", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-en-za", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-eo", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-es-ar", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-es-cl", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-es-es", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-es-mx", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-et", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-eu", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-rm", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ro", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ru", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-sco", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-si", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-sk", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-sl", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-son", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-sq", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-sr", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-sv-se", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-szl", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ta", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-te", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-th", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-tl", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-tr", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-trs", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-uk", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ur", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-uz", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-vi", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-xh", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-zh-cn", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-zh-tw", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DLA-2880.NASL", "href": "https://www.tenable.com/plugins/nessus/156765", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# 
(C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory dla-2880. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156765);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/20\");\n\n script_cve_id(\n \"CVE-2021-4140\",\n \"CVE-2022-22737\",\n \"CVE-2022-22738\",\n \"CVE-2022-22739\",\n \"CVE-2022-22740\",\n \"CVE-2022-22741\",\n \"CVE-2022-22742\",\n \"CVE-2022-22743\",\n \"CVE-2022-22745\",\n \"CVE-2022-22747\",\n \"CVE-2022-22748\",\n \"CVE-2022-22751\"\n );\n script_xref(name:\"IAVA\", value:\"2022-A-0017-S\");\n\n script_name(english:\"Debian DLA-2880-1 : firefox-esr - LTS security update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing one or more security-related updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the\ndla-2880 advisory.\n\n - Mozilla developers Calixte Denizet, Kershaw Chang, Christian Holler, Jason Kratzer, Gabriele Svelto, Tyson\n Smith, Simon Giesecke, and Steve Fink reported memory safety bugs present in Firefox 95 and Firefox ESR\n 91.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some\n of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 91.5,\n Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22751)\n\n - It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox. This\n vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. 
(CVE-2021-4140)\n\n - Constructing audio sinks could have lead to a race condition when playing audio files and closing windows.\n This could have lead to a use-after-free causing a potentially exploitable crash. This vulnerability\n affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22737)\n\n - Applying a CSS filter effect could have accessed out of bounds memory. This could have lead to a heap-\n buffer-overflow causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5,\n Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22738)\n\n - Malicious websites could have tricked users into accepting launching a program to handle an external URL\n protocol. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.\n (CVE-2022-22739)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/source-package/firefox-esr\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/lts/security/2022/dla-2880\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-4140\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-22737\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-22738\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-22739\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-22740\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-22741\");\n script_set_attribute(attribute:\"see_also\", 
value:\"https://security-tracker.debian.org/tracker/CVE-2022-22742\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-22743\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-22745\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-22747\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-22748\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-22751\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/stretch/firefox-esr\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the firefox-esr packages.\n\nFor Debian 9 stretch, these problems have been fixed in version 91.5.0esr-1~deb9u1.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-22751\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-4140\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ach\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-af\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-all\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-an\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-as\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ast\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-az\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-be\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-bg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-bn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-bn-bd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-bn-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-bs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ca-valencia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-cak\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-cs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-cy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-da\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-de\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-dsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-en-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-en-gb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-en-za\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-eo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-es-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-es-cl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-es-es\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-es-mx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-et\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-eu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-fa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ff\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-fi\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-fr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-fy-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ga-ie\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-gl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-gn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-gu-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-he\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hi-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hy-am\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-id\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-is\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-it\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ka\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-kab\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-kk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-km\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-kn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-lij\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-lt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-lv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-mai\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-mk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-mr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-my\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-nb-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ne-np\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-nn-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-oc\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-or\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-pa-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-pt-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-pt-pt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-rm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ro\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ru\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sco\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-si\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-son\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sq\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sv-se\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-szl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-te\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-th\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-tl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-tr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-trs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ur\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-uz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-vi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-xh\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-zh-cn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-zh-tw\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ach\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-af\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-all\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-an\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-as\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ast\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-az\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-be\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-bg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-bn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-bn-bd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-bn-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-bs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ca-valencia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-cak\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-cs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-cy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-da\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-de\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-dsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-en-ca\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-en-gb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-en-za\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-eo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-es-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-es-cl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-es-es\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-es-mx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-et\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-eu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-fa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ff\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-fi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-fr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-fy-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ga-ie\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-gl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-gn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-gu-in\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-he\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-hi-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-hr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-hsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-hu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-hy-am\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-id\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-is\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-it\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ka\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-kab\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-kk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-km\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-kn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-lij\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-lt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-lv\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-mai\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-mk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-mr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-my\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-nb-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ne-np\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-nn-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-oc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-or\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-pa-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-pt-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-pt-pt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-rm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ro\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ru\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-sco\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-si\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-sk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-sl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-son\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-sq\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-sr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-sv-se\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-szl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-te\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-th\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-tl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-tr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-trs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ur\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-uz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-vi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-xh\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-zh-cn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-zh-tw\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('debian_package.inc');\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar release = get_kb_item('Host/Debian/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Debian');\nvar release = chomp(release);\nif (! 
preg(pattern:\"^(9)\\.[0-9]+\", string:release)) audit(AUDIT_OS_NOT, 'Debian 9.0', 'Debian ' + release);\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);\n\nvar pkgs = [\n {'release': '9.0', 'prefix': 'firefox-esr', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-dev', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-ach', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-af', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-all', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-an', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-ar', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-as', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-ast', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-az', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-be', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-bg', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-bn', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-bn-bd', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-bn-in', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-br', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-bs', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-ca', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 
'firefox-esr-l10n-ca-valencia', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-cak', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-cs', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-cy', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-da', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-de', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-dsb', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-el', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-en-ca', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-en-gb', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-en-za', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-eo', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-es-ar', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-es-cl', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-es-es', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-es-mx', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-et', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-eu', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-fa', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-ff', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-fi', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-fr', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': 
'9.0', 'prefix': 'firefox-esr-l10n-fy-nl', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-ga-ie', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-gd', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-gl', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-gn', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-gu-in', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-he', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-hi-in', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-hr', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-hsb', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-hu', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-hy-am', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-ia', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-id', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-is', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-it', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-ja', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-ka', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-kab', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-kk', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-km', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-kn', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': 
'9.0', 'prefix': 'firefox-esr-l10n-ko', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-lij', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-lt', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-lv', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-mai', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-mk', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-ml', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-mr', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-ms', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-my', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-nb-no', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-ne-np', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-nl', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-nn-no', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-oc', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-or', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-pa-in', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-pl', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-pt-br', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-pt-pt', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-rm', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-ro', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': 
'9.0', 'prefix': 'firefox-esr-l10n-ru', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-sco', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-si', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-sk', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-sl', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-son', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-sq', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-sr', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-sv-se', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-szl', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-ta', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-te', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-th', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-tl', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-tr', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-trs', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-uk', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-ur', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-uz', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-vi', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-xh', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-zh-cn', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 
'prefix': 'firefox-esr-l10n-zh-tw', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-dev', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-ach', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-af', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-all', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-an', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-ar', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-as', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-ast', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-az', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-be', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-bg', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-bn', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-bn-bd', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-bn-in', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-br', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-bs', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-ca', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-ca-valencia', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-cak', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-cs', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-cy', 'reference': 
'91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-da', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-de', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-dsb', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-el', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-en-ca', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-en-gb', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-en-za', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-eo', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-es-ar', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-es-cl', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-es-es', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-es-mx', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-et', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-eu', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-fa', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-ff', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-fi', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-fr', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-fy-nl', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-ga-ie', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-gd', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-gl', 'reference': '91.5.0esr-1~deb9u1'},\n 
{'release': '9.0', 'prefix': 'iceweasel-l10n-gn', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-gu-in', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-he', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-hi-in', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-hr', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-hsb', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-hu', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-hy-am', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-ia', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-id', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-is', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-it', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-ja', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-ka', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-kab', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-kk', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-km', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-kn', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-ko', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-lij', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-lt', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-lv', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-mai', 
'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-mk', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-ml', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-mr', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-ms', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-my', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-nb-no', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-ne-np', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-nl', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-nn-no', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-oc', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-or', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-pa-in', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-pl', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-pt-br', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-pt-pt', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-rm', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-ro', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-ru', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-sco', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-si', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-sk', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-sl', 'reference': '91.5.0esr-1~deb9u1'},\n 
{'release': '9.0', 'prefix': 'iceweasel-l10n-son', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-sq', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-sr', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-sv-se', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-szl', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-ta', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-te', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-th', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-tl', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-tr', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-trs', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-uk', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-ur', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-uz', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-vi', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-xh', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-zh-cn', 'reference': '91.5.0esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-zh-tw', 'reference': '91.5.0esr-1~deb9u1'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var release = NULL;\n var prefix = NULL;\n var reference = NULL;\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (release && prefix && 
reference) {\n if (deb_check(release:release, prefix:prefix, reference:reference)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : deb_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = deb_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'firefox-esr / firefox-esr-dev / firefox-esr-l10n-ach / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-23T14:38:35", "description": "The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2022:0124 advisory.\n\n - Mozilla: Iframe sandbox bypass with XSLT (CVE-2021-4140)\n\n - Mozilla: Race condition when playing audio files (CVE-2022-22737)\n\n - Mozilla: Heap-buffer-overflow in blendGaussianBlur (CVE-2022-22738)\n\n - Mozilla: Missing throttling on external protocol launch dialog (CVE-2022-22739)\n\n - Mozilla: Use-after-free of ChannelEventQueue::mOwner (CVE-2022-22740)\n\n - Mozilla: Browser window spoof using fullscreen mode (CVE-2022-22741, CVE-2022-22743)\n\n - Mozilla: Out-of-bounds memory access when inserting text in edit mode (CVE-2022-22742)\n\n - Mozilla: Leaking cross-origin URLs through securitypolicyviolation event (CVE-2022-22745)\n\n - Mozilla: Crash when handling empty pkcs7 sequence (CVE-2022-22747)\n\n - Mozilla: Spoofed origin on external protocol launch dialog (CVE-2022-22748)\n\n - Mozilla: Memory safety bugs fixed in Firefox 96 and Firefox ESR 91.5 (CVE-2022-22751)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-01-19T00:00:00", "type": "nessus", "title": "CentOS 7 : firefox (CESA-2022:0124)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4140", "CVE-2022-22737", "CVE-2022-22738", "CVE-2022-22739", "CVE-2022-22740", "CVE-2022-22741", "CVE-2022-22742", 
"CVE-2022-22743", "CVE-2022-22745", "CVE-2022-22747", "CVE-2022-22748", "CVE-2022-22751"], "modified": "2023-11-20T00:00:00", "cpe": ["p-cpe:/a:centos:centos:firefox", "cpe:/o:centos:centos:7"], "id": "CENTOS_RHSA-2022-0124.NASL", "href": "https://www.tenable.com/plugins/nessus/156821", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:0124 and\n# CentOS Errata and Security Advisory 2022:0124 respectively.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156821);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/20\");\n\n script_cve_id(\n \"CVE-2021-4140\",\n \"CVE-2022-22737\",\n \"CVE-2022-22738\",\n \"CVE-2022-22739\",\n \"CVE-2022-22740\",\n \"CVE-2022-22741\",\n \"CVE-2022-22742\",\n \"CVE-2022-22743\",\n \"CVE-2022-22745\",\n \"CVE-2022-22747\",\n \"CVE-2022-22748\",\n \"CVE-2022-22751\"\n );\n script_xref(name:\"IAVA\", value:\"2022-A-0017-S\");\n script_xref(name:\"RHSA\", value:\"2022:0124\");\n\n script_name(english:\"CentOS 7 : firefox (CESA-2022:0124)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the\nCESA-2022:0124 advisory.\n\n - Mozilla: Iframe sandbox bypass with XSLT (CVE-2021-4140)\n\n - Mozilla: Race condition when playing audio files (CVE-2022-22737)\n\n - Mozilla: Heap-buffer-overflow in blendGaussianBlur (CVE-2022-22738)\n\n - Mozilla: Missing throttling on external protocol launch dialog (CVE-2022-22739)\n\n - Mozilla: Use-after-free of ChannelEventQueue::mOwner (CVE-2022-22740)\n\n - Mozilla: Browser window spoof using 
fullscreen mode (CVE-2022-22741, CVE-2022-22743)\n\n - Mozilla: Out-of-bounds memory access when inserting text in edit mode (CVE-2022-22742)\n\n - Mozilla: Leaking cross-origin URLs through securitypolicyviolation event (CVE-2022-22745)\n\n - Mozilla: Crash when handling empty pkcs7 sequence (CVE-2022-22747)\n\n - Mozilla: Spoofed origin on external protocol launch dialog (CVE-2022-22748)\n\n - Mozilla: Memory safety bugs fixed in Firefox 96 and Firefox ESR 91.5 (CVE-2022-22751)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://lists.centos.org/pipermail/centos-announce/2022-January/073536.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?22b8d3fb\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/120.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/416.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/476.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/829.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/1021.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected firefox package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-22751\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-4140\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n 
script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(120, 416, 476, 829, 1021);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/CentOS/release');\nif (isnull(release) || 'CentOS' >!< release) audit(AUDIT_OS_NOT, 'CentOS');\nvar os_ver = pregmatch(pattern: \"CentOS(?: Linux)? 
release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'CentOS 7.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\nvar pkgs = [\n {'reference':'firefox-91.5.0-1.el7.centos', 'cpu':'x86_64', 'release':'CentOS-7', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = 
pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'firefox');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-08-15T15:47:10", "description": "The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0137-1 advisory.\n\n - It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2021-4140)\n\n - Constructing audio sinks could have lead to a race condition when playing audio files and closing windows.\n This could have lead to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22737)\n\n - Applying a CSS filter effect could have accessed out of bounds memory. This could have lead to a heap- buffer-overflow causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22738)\n\n - Malicious websites could have tricked users into accepting launching a program to handle an external URL protocol. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.\n (CVE-2022-22739)\n\n - Certain network request objects were freed too early when releasing a network request handle. This could have lead to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22740)\n\n - When resizing a popup while requesting fullscreen access, the popup would have become unable to leave fullscreen mode. 
This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.\n (CVE-2022-22741)\n\n - When inserting text while in edit mode, some characters might have led to out-of-bounds memory access causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22742)\n\n - When navigating from inside an iframe while requesting fullscreen access, an attacker-controlled tab could have made the browser unable to leave fullscreen mode. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22743)\n\n - The constructed curl command from the Copy as curl feature in DevTools was not properly escaped for PowerShell. This could have led to command injection if pasted into a PowerShell prompt. This bug only affects Thunderbird for Windows. Other operating systems are unaffected. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22744)\n\n - Securitypolicyviolation events could have leaked cross-origin information for frame-ancestors violations.\n This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22745)\n\n - A race condition could have allowed bypassing the fullscreen notification which could have led to a fullscreen window spoof being unnoticed. This bug only affects Firefox for Windows. Other operating systems are unaffected. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22746)\n\n - After accepting an untrusted certificate, handling an empty pkcs7 sequence as part of the certificate data could have led to a crash. This crash is believed to be unexploitable. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. 
(CVE-2022-22747)\n\n - Malicious websites could have confused Firefox into showing the wrong origin when asking to launch a program and handling an external URL protocol. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22748)\n\n - Mozilla developers Calixte Denizet, Kershaw Chang, Christian Holler, Jason Kratzer, Gabriele Svelto, Tyson Smith, Simon Giesecke, and Steve Fink reported memory safety bugs present in Firefox 95 and Firefox ESR 91.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22751)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-01-21T00:00:00", "type": "nessus", "title": "SUSE SLES15 Security Update : MozillaFirefox (SUSE-SU-2022:0137-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4140", "CVE-2022-22737", "CVE-2022-22738", "CVE-2022-22739", "CVE-2022-22740", "CVE-2022-22741", "CVE-2022-22742", "CVE-2022-22743", "CVE-2022-22744", "CVE-2022-22745", "CVE-2022-22746", "CVE-2022-22747", "CVE-2022-22748", "CVE-2022-22751"], "modified": "2023-07-14T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:mozillafirefox", "p-cpe:/a:novell:suse_linux:mozillafirefox-devel", "p-cpe:/a:novell:suse_linux:mozillafirefox-translations-common", "p-cpe:/a:novell:suse_linux:mozillafirefox-translations-other", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2022-0137-1.NASL", "href": "https://www.tenable.com/plugins/nessus/156926", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:0137-1. 
The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156926);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/14\");\n\n script_cve_id(\n \"CVE-2021-4140\",\n \"CVE-2022-22737\",\n \"CVE-2022-22738\",\n \"CVE-2022-22739\",\n \"CVE-2022-22740\",\n \"CVE-2022-22741\",\n \"CVE-2022-22742\",\n \"CVE-2022-22743\",\n \"CVE-2022-22744\",\n \"CVE-2022-22745\",\n \"CVE-2022-22746\",\n \"CVE-2022-22747\",\n \"CVE-2022-22748\",\n \"CVE-2022-22751\"\n );\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:0137-1\");\n script_xref(name:\"IAVA\", value:\"2022-A-0017-S\");\n\n script_name(english:\"SUSE SLES15 Security Update : MozillaFirefox (SUSE-SU-2022:0137-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the SUSE-SU-2022:0137-1 advisory.\n\n - It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox. This\n vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2021-4140)\n\n - Constructing audio sinks could have lead to a race condition when playing audio files and closing windows.\n This could have lead to a use-after-free causing a potentially exploitable crash. This vulnerability\n affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22737)\n\n - Applying a CSS filter effect could have accessed out of bounds memory. This could have lead to a heap-\n buffer-overflow causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5,\n Firefox < 96, and Thunderbird < 91.5. 
(CVE-2022-22738)\n\n - Malicious websites could have tricked users into accepting launching a program to handle an external URL\n protocol. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.\n (CVE-2022-22739)\n\n - Certain network request objects were freed too early when releasing a network request handle. This could\n have lead to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox\n ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22740)\n\n - When resizing a popup while requesting fullscreen access, the popup would have become unable to leave\n fullscreen mode. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.\n (CVE-2022-22741)\n\n - When inserting text while in edit mode, some characters might have lead to out-of-bounds memory access\n causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and\n Thunderbird < 91.5. (CVE-2022-22742)\n\n - When navigating from inside an iframe while requesting fullscreen access, an attacker-controlled tab could\n have made the browser unable to leave fullscreen mode. This vulnerability affects Firefox ESR < 91.5,\n Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22743)\n\n - The constructed curl command from the Copy as curl feature in DevTools was not properly escaped for\n PowerShell. This could have lead to command injection if pasted into a Powershell prompt.<br>*This bug\n only affects Thunderbird for Windows. Other operating systems are unaffected.*. This vulnerability affects\n Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22744)\n\n - Securitypolicyviolation events could have leaked cross-origin information for frame-ancestors violations.\n This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. 
(CVE-2022-22745)\n\n - A race condition could have allowed bypassing the fullscreen notification which could have lead to a\n fullscreen window spoof being unnoticed.<br>*This bug only affects Firefox for Windows. Other operating\n systems are unaffected.*. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird <\n 91.5. (CVE-2022-22746)\n\n - After accepting an untrusted certificate, handling an empty pkcs7 sequence as part of the certificate data\n could have lead to a crash. This crash is believed to be unexploitable. This vulnerability affects Firefox\n ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22747)\n\n - Malicious websites could have confused Firefox into showing the wrong origin when asking to launch a\n program and handling an external URL protocol. This vulnerability affects Firefox ESR < 91.5, Firefox <\n 96, and Thunderbird < 91.5. (CVE-2022-22748)\n\n - Mozilla developers Calixte Denizet, Kershaw Chang, Christian Holler, Jason Kratzer, Gabriele Svelto, Tyson\n Smith, Simon Giesecke, and Steve Fink reported memory safety bugs present in Firefox 95 and Firefox ESR\n 91.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some\n of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 91.5,\n Firefox < 96, and Thunderbird < 91.5. 
(CVE-2022-22751)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194547\");\n script_set_attribute(attribute:\"see_also\", value:\"https://lists.suse.com/pipermail/sle-updates/2022-January/021405.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4140\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-22737\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-22738\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-22739\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-22740\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-22741\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-22742\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-22743\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-22744\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-22745\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-22746\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-22747\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-22748\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-22751\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected MozillaFirefox, 
MozillaFirefox-devel, MozillaFirefox-translations-common and / or MozillaFirefox-\ntranslations-other packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-22751\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-4140\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox-translations-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox-translations-other\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)(?:_SAP)?\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15|SLES_SAP15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES15 / SLES_SAP15', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0|1)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES15 SP0/1\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES_SAP15\" && (! 
preg(pattern:\"^(0|1)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES_SAP15 SP0/1\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'MozillaFirefox-91.5.0-150.15.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15']},\n {'reference':'MozillaFirefox-devel-91.5.0-150.15.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15']},\n {'reference':'MozillaFirefox-translations-common-91.5.0-150.15.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15']},\n {'reference':'MozillaFirefox-translations-other-91.5.0-150.15.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15']},\n {'reference':'MozillaFirefox-91.5.0-150.15.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.1']},\n {'reference':'MozillaFirefox-devel-91.5.0-150.15.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.1']},\n {'reference':'MozillaFirefox-translations-common-91.5.0-150.15.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.1']},\n {'reference':'MozillaFirefox-translations-other-91.5.0-150.15.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.1']},\n {'reference':'MozillaFirefox-91.5.0-150.15.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1']},\n {'reference':'MozillaFirefox-91.5.0-150.15.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 
'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1', 'sles-release-15.1']},\n {'reference':'MozillaFirefox-devel-91.5.0-150.15.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1']},\n {'reference':'MozillaFirefox-devel-91.5.0-150.15.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1', 'sles-release-15.1']},\n {'reference':'MozillaFirefox-translations-common-91.5.0-150.15.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1']},\n {'reference':'MozillaFirefox-translations-common-91.5.0-150.15.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1', 'sles-release-15.1']},\n {'reference':'MozillaFirefox-translations-other-91.5.0-150.15.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1']},\n {'reference':'MozillaFirefox-translations-other-91.5.0-150.15.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1', 'sles-release-15.1']},\n {'reference':'MozillaFirefox-91.5.0-150.15.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'MozillaFirefox-91.5.0-150.15.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'MozillaFirefox-91.5.0-150.15.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n 
{'reference':'MozillaFirefox-91.5.0-150.15.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'MozillaFirefox-devel-91.5.0-150.15.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'MozillaFirefox-devel-91.5.0-150.15.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'MozillaFirefox-devel-91.5.0-150.15.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'MozillaFirefox-devel-91.5.0-150.15.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'MozillaFirefox-translations-common-91.5.0-150.15.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'MozillaFirefox-translations-common-91.5.0-150.15.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'MozillaFirefox-translations-common-91.5.0-150.15.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'MozillaFirefox-translations-common-91.5.0-150.15.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 
'SLE_HPC-LTSS-release-15']},\n {'reference':'MozillaFirefox-translations-other-91.5.0-150.15.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'MozillaFirefox-translations-other-91.5.0-150.15.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'MozillaFirefox-translations-other-91.5.0-150.15.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'MozillaFirefox-translations-other-91.5.0-150.15.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'MozillaFirefox-91.5.0-150.15.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'MozillaFirefox-91.5.0-150.15.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'MozillaFirefox-devel-91.5.0-150.15.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'MozillaFirefox-devel-91.5.0-150.15.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'MozillaFirefox-translations-common-91.5.0-150.15.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'MozillaFirefox-translations-common-91.5.0-150.15.1', 'sp':'1', 
'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'MozillaFirefox-translations-other-91.5.0-150.15.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'MozillaFirefox-translations-other-91.5.0-150.15.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'MozillaFirefox-91.5.0-150.15.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sles-ltss-release-15']},\n {'reference':'MozillaFirefox-devel-91.5.0-150.15.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sles-ltss-release-15']},\n {'reference':'MozillaFirefox-translations-common-91.5.0-150.15.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sles-ltss-release-15']},\n {'reference':'MozillaFirefox-translations-other-91.5.0-150.15.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sles-ltss-release-15']},\n {'reference':'MozillaFirefox-91.5.0-150.15.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sles-ltss-release-15.1']},\n {'reference':'MozillaFirefox-devel-91.5.0-150.15.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sles-ltss-release-15.1']},\n {'reference':'MozillaFirefox-translations-common-91.5.0-150.15.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sles-ltss-release-15.1']},\n {'reference':'MozillaFirefox-translations-other-91.5.0-150.15.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sles-ltss-release-15.1']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 
0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n if ('ltss' >< tolower(check)) ltss_caveat_required = TRUE;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n var ltss_plugin_caveat = NULL;\n if(ltss_caveat_required) ltss_plugin_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in SUSE Enterprise Linux Server LTSS\\n' +\n 'repositories. 
Access to these package security updates require\\n' +\n 'a paid SUSE LTSS subscription.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + ltss_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'MozillaFirefox / MozillaFirefox-devel / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-08-15T15:40:57", "description": "The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0199-1 advisory.\n\n - It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2021-4140)\n\n - Constructing audio sinks could have lead to a race condition when playing audio files and closing windows.\n This could have lead to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22737)\n\n - Applying a CSS filter effect could have accessed out of bounds memory. This could have lead to a heap- buffer-overflow causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22738)\n\n - Malicious websites could have tricked users into accepting launching a program to handle an external URL protocol. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.\n (CVE-2022-22739)\n\n - Certain network request objects were freed too early when releasing a network request handle. This could have lead to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. 
(CVE-2022-22740)\n\n - When resizing a popup while requesting fullscreen access, the popup would have become unable to leave fullscreen mode. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.\n (CVE-2022-22741)\n\n - When inserting text while in edit mode, some characters might have led to out-of-bounds memory access causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22742)\n\n - When navigating from inside an iframe while requesting fullscreen access, an attacker-controlled tab could have made the browser unable to leave fullscreen mode. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22743)\n\n - The constructed curl command from the Copy as curl feature in DevTools was not properly escaped for PowerShell. This could have led to command injection if pasted into a PowerShell prompt. This bug only affects Thunderbird for Windows. Other operating systems are unaffected. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22744)\n\n - Securitypolicyviolation events could have leaked cross-origin information for frame-ancestors violations.\n This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22745)\n\n - A race condition could have allowed bypassing the fullscreen notification which could have led to a fullscreen window spoof being unnoticed. This bug only affects Firefox for Windows. Other operating systems are unaffected. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22746)\n\n - After accepting an untrusted certificate, handling an empty pkcs7 sequence as part of the certificate data could have led to a crash. This crash is believed to be unexploitable. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. 
(CVE-2022-22747)\n\n - Malicious websites could have confused Firefox into showing the wrong origin when asking to launch a program and handling an external URL protocol. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22748)\n\n - Mozilla developers Calixte Denizet, Kershaw Chang, Christian Holler, Jason Kratzer, Gabriele Svelto, Tyson Smith, Simon Giesecke, and Steve Fink reported memory safety bugs present in Firefox 95 and Firefox ESR 91.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22751)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-01-27T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : MozillaThunderbird (SUSE-SU-2022:0199-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4140", "CVE-2022-22737", "CVE-2022-22738", "CVE-2022-22739", "CVE-2022-22740", "CVE-2022-22741", "CVE-2022-22742", "CVE-2022-22743", "CVE-2022-22744", "CVE-2022-22745", "CVE-2022-22746", "CVE-2022-22747", "CVE-2022-22748", "CVE-2022-22751"], "modified": "2023-07-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:mozillathunderbird", "p-cpe:/a:novell:suse_linux:mozillathunderbird-translations-common", "p-cpe:/a:novell:suse_linux:mozillathunderbird-translations-other", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2022-0199-1.NASL", "href": "https://www.tenable.com/plugins/nessus/157145", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:0199-1. 
The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(157145);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/13\");\n\n script_cve_id(\n \"CVE-2021-4140\",\n \"CVE-2022-22737\",\n \"CVE-2022-22738\",\n \"CVE-2022-22739\",\n \"CVE-2022-22740\",\n \"CVE-2022-22741\",\n \"CVE-2022-22742\",\n \"CVE-2022-22743\",\n \"CVE-2022-22744\",\n \"CVE-2022-22745\",\n \"CVE-2022-22746\",\n \"CVE-2022-22747\",\n \"CVE-2022-22748\",\n \"CVE-2022-22751\"\n );\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:0199-1\");\n script_xref(name:\"IAVA\", value:\"2022-A-0017-S\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : MozillaThunderbird (SUSE-SU-2022:0199-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the SUSE-SU-2022:0199-1 advisory.\n\n - It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox. This\n vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2021-4140)\n\n - Constructing audio sinks could have lead to a race condition when playing audio files and closing windows.\n This could have lead to a use-after-free causing a potentially exploitable crash. This vulnerability\n affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22737)\n\n - Applying a CSS filter effect could have accessed out of bounds memory. This could have lead to a heap-\n buffer-overflow causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5,\n Firefox < 96, and Thunderbird < 91.5. 
(CVE-2022-22738)\n\n - Malicious websites could have tricked users into accepting launching a program to handle an external URL\n protocol. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.\n (CVE-2022-22739)\n\n - Certain network request objects were freed too early when releasing a network request handle. This could\n have lead to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox\n ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22740)\n\n - When resizing a popup while requesting fullscreen access, the popup would have become unable to leave\n fullscreen mode. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.\n (CVE-2022-22741)\n\n - When inserting text while in edit mode, some characters might have lead to out-of-bounds memory access\n causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and\n Thunderbird < 91.5. (CVE-2022-22742)\n\n - When navigating from inside an iframe while requesting fullscreen access, an attacker-controlled tab could\n have made the browser unable to leave fullscreen mode. This vulnerability affects Firefox ESR < 91.5,\n Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22743)\n\n - The constructed curl command from the Copy as curl feature in DevTools was not properly escaped for\n PowerShell. This could have lead to command injection if pasted into a Powershell prompt.<br>*This bug\n only affects Thunderbird for Windows. Other operating systems are unaffected.*. This vulnerability affects\n Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22744)\n\n - Securitypolicyviolation events could have leaked cross-origin information for frame-ancestors violations.\n This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. 
(CVE-2022-22745)\n\n - A race condition could have allowed bypassing the fullscreen notification which could have lead to a\n fullscreen window spoof being unnoticed.<br>*This bug only affects Firefox for Windows. Other operating\n systems are unaffected.*. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird <\n 91.5. (CVE-2022-22746)\n\n - After accepting an untrusted certificate, handling an empty pkcs7 sequence as part of the certificate data\n could have lead to a crash. This crash is believed to be unexploitable. This vulnerability affects Firefox\n ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22747)\n\n - Malicious websites could have confused Firefox into showing the wrong origin when asking to launch a\n program and handling an external URL protocol. This vulnerability affects Firefox ESR < 91.5, Firefox <\n 96, and Thunderbird < 91.5. (CVE-2022-22748)\n\n - Mozilla developers Calixte Denizet, Kershaw Chang, Christian Holler, Jason Kratzer, Gabriele Svelto, Tyson\n Smith, Simon Giesecke, and Steve Fink reported memory safety bugs present in Firefox 95 and Firefox ESR\n 91.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some\n of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 91.5,\n Firefox < 96, and Thunderbird < 91.5. 
(CVE-2022-22751)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194547\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4140\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-22737\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-22738\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-22739\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-22740\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-22741\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-22742\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-22743\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-22744\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-22745\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-22746\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-22747\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-22748\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-22751\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-January/010081.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?19ddc0c3\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the 
affected MozillaThunderbird, MozillaThunderbird-translations-common and / or MozillaThunderbird-translations-\nother packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-22751\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-4140\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaThunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaThunderbird-translations-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaThunderbird-translations-other\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLED15 / SLES15', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(3|4)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLED15 SP3/4\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES15\" && (! 
preg(pattern:\"^(3|4)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES15 SP3/4\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'MozillaThunderbird-91.5.0-8.51.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sle-we-release-15.3']},\n {'reference':'MozillaThunderbird-91.5.0-8.51.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sle-we-release-15.3']},\n {'reference':'MozillaThunderbird-translations-common-91.5.0-8.51.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sle-we-release-15.3']},\n {'reference':'MozillaThunderbird-translations-common-91.5.0-8.51.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sle-we-release-15.3']},\n {'reference':'MozillaThunderbird-translations-other-91.5.0-8.51.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sle-we-release-15.3']},\n {'reference':'MozillaThunderbird-translations-other-91.5.0-8.51.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sle-we-release-15.3']},\n {'reference':'MozillaThunderbird-91.5.0-8.51.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sle-we-release-15.4']},\n {'reference':'MozillaThunderbird-91.5.0-8.51.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sle-we-release-15.4']},\n {'reference':'MozillaThunderbird-translations-common-91.5.0-8.51.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sle-we-release-15.4']},\n {'reference':'MozillaThunderbird-translations-common-91.5.0-8.51.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES15', 
'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sle-we-release-15.4']},\n {'reference':'MozillaThunderbird-translations-other-91.5.0-8.51.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sle-we-release-15.4']},\n {'reference':'MozillaThunderbird-translations-other-91.5.0-8.51.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sle-we-release-15.4']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'MozillaThunderbird / MozillaThunderbird-translations-common / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": 
"2023-11-22T15:08:41", "description": "The version of Thunderbird installed on the remote Windows host is prior to 91.5. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2022-03 advisory.\n\n - A race condition could have allowed bypassing the fullscreen notification which could have lead to a fullscreen window spoof being unnoticed. This bug only affects Firefox for Windows. Other operating systems are unaffected. (CVE-2022-22746)\n\n - When navigating from inside an iframe while requesting fullscreen access, an attacker-controlled tab could have made the browser unable to leave fullscreen mode. (CVE-2022-22743)\n\n - When inserting text while in edit mode, some characters might have lead to out-of-bounds memory access causing a potentially exploitable crash. (CVE-2022-22742)\n\n - When resizing a popup while requesting fullscreen access, the popup would have become unable to leave fullscreen mode. (CVE-2022-22741)\n\n - Certain network request objects were freed too early when releasing a network request handle. This could have lead to a use-after-free causing a potentially exploitable crash. (CVE-2022-22740)\n\n - Applying a CSS filter effect could have accessed out of bounds memory. This could have lead to a heap- buffer-overflow causing a potentially exploitable crash. (CVE-2022-22738)\n\n - Constructing audio sinks could have lead to a race condition when playing audio files and closing windows.\n This could have lead to a use-after-free causing a potentially exploitable crash. (CVE-2022-22737)\n\n - It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox.\n (CVE-2021-4140)\n\n - Malicious websites could have confused Firefox into showing the wrong origin when asking to launch a program and handling an external URL protocol. 
(CVE-2022-22748)\n\n - Securitypolicyviolation events could have leaked cross-origin information for frame-ancestors violations. (CVE-2022-22745)\n\n - The constructed curl command from the Copy as curl feature in DevTools was not properly escaped for PowerShell. This could have led to command injection if pasted into a PowerShell prompt. This bug only affects Thunderbird for Windows. Other operating systems are unaffected. (CVE-2022-22744)\n\n - After accepting an untrusted certificate, handling an empty pkcs7 sequence as part of the certificate data could have led to a crash. This crash is believed to be unexploitable. (CVE-2022-22747)\n\n - Malicious websites could have tricked users into accepting launching a program to handle an external URL protocol. (CVE-2022-22739)\n\n - Mozilla developers Calixte Denizet, Kershaw Chang, Christian Holler, Jason Kratzer, Gabriele Svelto, Tyson Smith, Simon Giesecke, and Steve Fink reported memory safety bugs present in Firefox 95 and Firefox ESR 91.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. 
(CVE-2022-22751)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-01-11T00:00:00", "type": "nessus", "title": "Mozilla Thunderbird < 91.5", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4140", "CVE-2022-22737", "CVE-2022-22738", "CVE-2022-22739", "CVE-2022-22740", "CVE-2022-22741", "CVE-2022-22742", "CVE-2022-22743", "CVE-2022-22744", "CVE-2022-22745", "CVE-2022-22746", "CVE-2022-22747", "CVE-2022-22748", "CVE-2022-22751"], "modified": "2023-11-21T00:00:00", "cpe": ["cpe:/a:mozilla:thunderbird"], "id": "MOZILLA_THUNDERBIRD_91_5.NASL", "href": "https://www.tenable.com/plugins/nessus/156610", "sourceData": "#%NASL_MIN_LEVEL 70300\n## \n# (C) Tenable Network Security, Inc.\n# \n# The descriptive text and package checks in this plugin were\n# extracted from Mozilla Foundation Security Advisory mfsa2022-03.\n# The text itself is copyright (C) Mozilla Foundation.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156610);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/21\");\n\n script_cve_id(\n \"CVE-2021-4140\",\n \"CVE-2022-22737\",\n \"CVE-2022-22738\",\n \"CVE-2022-22739\",\n \"CVE-2022-22740\",\n \"CVE-2022-22741\",\n \"CVE-2022-22742\",\n \"CVE-2022-22743\",\n \"CVE-2022-22744\",\n \"CVE-2022-22745\",\n \"CVE-2022-22746\",\n \"CVE-2022-22747\",\n \"CVE-2022-22748\",\n \"CVE-2022-22751\"\n );\n\n script_name(english:\"Mozilla Thunderbird < 91.5\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A mail client installed on the remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Thunderbird installed on the remote Windows host is prior to 91.5. 
It is, therefore, affected by multiple\nvulnerabilities as referenced in the mfsa2022-03 advisory.\n\n - A race condition could have allowed bypassing the fullscreen notification which could have lead to a\n fullscreen window spoof being unnoticed. This bug only affects Firefox for Windows. Other operating\n systems are unaffected. (CVE-2022-22746)\n\n - When navigating from inside an iframe while requesting fullscreen access, an attacker-controlled tab could\n have made the browser unable to leave fullscreen mode. (CVE-2022-22743)\n\n - When inserting text while in edit mode, some characters might have lead to out-of-bounds memory access\n causing a potentially exploitable crash. (CVE-2022-22742)\n\n - When resizing a popup while requesting fullscreen access, the popup would have become unable to leave\n fullscreen mode. (CVE-2022-22741)\n\n - Certain network request objects were freed too early when releasing a network request handle. This could\n have lead to a use-after-free causing a potentially exploitable crash. (CVE-2022-22740)\n\n - Applying a CSS filter effect could have accessed out of bounds memory. This could have lead to a heap-\n buffer-overflow causing a potentially exploitable crash. (CVE-2022-22738)\n\n - Constructing audio sinks could have lead to a race condition when playing audio files and closing windows.\n This could have lead to a use-after-free causing a potentially exploitable crash. (CVE-2022-22737)\n\n - It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox.\n (CVE-2021-4140)\n\n - Malicious websites could have confused Firefox into showing the wrong origin when asking to launch a\n program and handling an external URL protocol. (CVE-2022-22748)\n\n - Securitypolicyviolation events could have leaked cross-origin information for frame-ancestors violations\n (CVE-2022-22745)\n\n - The constructed curl command from the Copy as curl feature in DevTools was not properly escaped for\n PowerShell. 
This could have lead to command injection if pasted into a Powershell prompt. This bug only\n affects Thunderbird for Windows. Other operating systems are unaffected. (CVE-2022-22744)\n\n - After accepting an untrusted certificate, handling an empty pkcs7 sequence as part of the certificate data\n could have lead to a crash. This crash is believed to be unexploitable. (CVE-2022-22747)\n\n - Malicious websites could have tricked users into accepting launching a program to handle an external URL\n protocol. (CVE-2022-22739)\n\n - Mozilla developers Calixte Denizet, Kershaw Chang, Christian Holler, Jason Kratzer, Gabriele Svelto, Tyson\n Smith, Simon Giesecke, and Steve Fink reported memory safety bugs present in Firefox 95 and Firefox ESR\n 91.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some\n of these could have been exploited to run arbitrary code. (CVE-2022-22751)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2022-03/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Mozilla Thunderbird version 91.5 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-22751\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-4140\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", 
value:\"2022/01/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:thunderbird\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"mozilla_org_installed.nasl\");\n script_require_keys(\"Mozilla/Thunderbird/Version\");\n\n exit(0);\n}\n\ninclude('mozilla_version.inc');\n\nvar port = get_kb_item('SMB/transport');\nif (!port) port = 445;\n\nvar installs = get_kb_list('SMB/Mozilla/Thunderbird/*');\nif (isnull(installs)) audit(AUDIT_NOT_INST, 'Thunderbird');\n\nmozilla_check_version(installs:installs, product:'thunderbird', esr:FALSE, fix:'91.5', severity:SECURITY_HOLE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-08-15T15:40:57", "description": "The remote SUSE Linux SLED12 / SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0115-1 advisory.\n\n - It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2021-4140)\n\n - Constructing audio sinks could have lead to a race condition when playing audio files and closing windows.\n This could have lead to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22737)\n\n - Applying a CSS filter effect could have accessed out of bounds memory. This could have lead to a heap- buffer-overflow causing a potentially exploitable crash. 
This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22738)\n\n - Malicious websites could have tricked users into accepting launching a program to handle an external URL protocol. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.\n (CVE-2022-22739)\n\n - Certain network request objects were freed too early when releasing a network request handle. This could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22740)\n\n - When resizing a popup while requesting fullscreen access, the popup would have become unable to leave fullscreen mode. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.\n (CVE-2022-22741)\n\n - When inserting text while in edit mode, some characters might have led to out-of-bounds memory access causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22742)\n\n - When navigating from inside an iframe while requesting fullscreen access, an attacker-controlled tab could have made the browser unable to leave fullscreen mode. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22743)\n\n - The constructed curl command from the Copy as curl feature in DevTools was not properly escaped for PowerShell. This could have led to command injection if pasted into a PowerShell prompt. This bug only affects Thunderbird for Windows. Other operating systems are unaffected. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22744)\n\n - Securitypolicyviolation events could have leaked cross-origin information for frame-ancestors violations.\n This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. 
(CVE-2022-22745)\n\n - A race condition could have allowed bypassing the fullscreen notification which could have led to a fullscreen window spoof being unnoticed. This bug only affects Firefox for Windows. Other operating systems are unaffected. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22746)\n\n - After accepting an untrusted certificate, handling an empty pkcs7 sequence as part of the certificate data could have led to a crash. This crash is believed to be unexploitable. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22747)\n\n - Malicious websites could have confused Firefox into showing the wrong origin when asking to launch a program and handling an external URL protocol. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22748)\n\n - Mozilla developers Calixte Denizet, Kershaw Chang, Christian Holler, Jason Kratzer, Gabriele Svelto, Tyson Smith, Simon Giesecke, and Steve Fink reported memory safety bugs present in Firefox 95 and Firefox ESR 91.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. 
(CVE-2022-22751)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-01-19T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : MozillaFirefox (SUSE-SU-2022:0115-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4140", "CVE-2022-22737", "CVE-2022-22738", "CVE-2022-22739", "CVE-2022-22740", "CVE-2022-22741", "CVE-2022-22742", "CVE-2022-22743", "CVE-2022-22744", "CVE-2022-22745", "CVE-2022-22746", "CVE-2022-22747", "CVE-2022-22748", "CVE-2022-22751"], "modified": "2023-07-14T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:mozillafirefox", "p-cpe:/a:novell:suse_linux:mozillafirefox-devel", "p-cpe:/a:novell:suse_linux:mozillafirefox-translations-common", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2022-0115-1.NASL", "href": "https://www.tenable.com/plugins/nessus/156811", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:0115-1. 
The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156811);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/14\");\n\n script_cve_id(\n \"CVE-2021-4140\",\n \"CVE-2022-22737\",\n \"CVE-2022-22738\",\n \"CVE-2022-22739\",\n \"CVE-2022-22740\",\n \"CVE-2022-22741\",\n \"CVE-2022-22742\",\n \"CVE-2022-22743\",\n \"CVE-2022-22744\",\n \"CVE-2022-22745\",\n \"CVE-2022-22746\",\n \"CVE-2022-22747\",\n \"CVE-2022-22748\",\n \"CVE-2022-22751\"\n );\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:0115-1\");\n script_xref(name:\"IAVA\", value:\"2022-A-0017-S\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : MozillaFirefox (SUSE-SU-2022:0115-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLED12 / SLES12 / SLES_SAP12 host has packages installed that are affected by multiple\nvulnerabilities as referenced in the SUSE-SU-2022:0115-1 advisory.\n\n - It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox. This\n vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2021-4140)\n\n - Constructing audio sinks could have lead to a race condition when playing audio files and closing windows.\n This could have lead to a use-after-free causing a potentially exploitable crash. This vulnerability\n affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22737)\n\n - Applying a CSS filter effect could have accessed out of bounds memory. This could have lead to a heap-\n buffer-overflow causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5,\n Firefox < 96, and Thunderbird < 91.5. 
(CVE-2022-22738)\n\n - Malicious websites could have tricked users into accepting launching a program to handle an external URL\n protocol. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.\n (CVE-2022-22739)\n\n - Certain network request objects were freed too early when releasing a network request handle. This could\n have lead to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox\n ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22740)\n\n - When resizing a popup while requesting fullscreen access, the popup would have become unable to leave\n fullscreen mode. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.\n (CVE-2022-22741)\n\n - When inserting text while in edit mode, some characters might have lead to out-of-bounds memory access\n causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and\n Thunderbird < 91.5. (CVE-2022-22742)\n\n - When navigating from inside an iframe while requesting fullscreen access, an attacker-controlled tab could\n have made the browser unable to leave fullscreen mode. This vulnerability affects Firefox ESR < 91.5,\n Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22743)\n\n - The constructed curl command from the Copy as curl feature in DevTools was not properly escaped for\n PowerShell. This could have lead to command injection if pasted into a Powershell prompt.<br>*This bug\n only affects Thunderbird for Windows. Other operating systems are unaffected.*. This vulnerability affects\n Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22744)\n\n - Securitypolicyviolation events could have leaked cross-origin information for frame-ancestors violations.\n This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. 
(CVE-2022-22745)\n\n - A race condition could have allowed bypassing the fullscreen notification which could have lead to a\n fullscreen window spoof being unnoticed.<br>*This bug only affects Firefox for Windows. Other operating\n systems are unaffected.*. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird <\n 91.5. (CVE-2022-22746)\n\n - After accepting an untrusted certificate, handling an empty pkcs7 sequence as part of the certificate data\n could have lead to a crash. This crash is believed to be unexploitable. This vulnerability affects Firefox\n ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. (CVE-2022-22747)\n\n - Malicious websites could have confused Firefox into showing the wrong origin when asking to launch a\n program and handling an external URL protocol. This vulnerability affects Firefox ESR < 91.5, Firefox <\n 96, and Thunderbird < 91.5. (CVE-2022-22748)\n\n - Mozilla developers Calixte Denizet, Kershaw Chang, Christian Holler, Jason Kratzer, Gabriele Svelto, Tyson\n Smith, Simon Giesecke, and Steve Fink reported memory safety bugs present in Firefox 95 and Firefox ESR\n 91.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some\n of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 91.5,\n Firefox < 96, and Thunderbird < 91.5. 
(CVE-2022-22751)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194547\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4140\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-22737\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-22738\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-22739\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-22740\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-22741\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-22742\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-22743\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-22744\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-22745\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-22746\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-22747\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-22748\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-22751\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-January/010018.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?af702dbe\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the 
affected MozillaFirefox, MozillaFirefox-devel and / or MozillaFirefox-translations-common packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-22751\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-4140\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox-translations-common\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\&