{"title": "gst-plugins-bad0.10 -- security update", "reporter": "Debian", "lastseen": "2016-09-02T18:29:47", "history": [], "modified": "2015-04-15T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}, "vulnersScore": 7.5}, "hash": "454d79d9894457eaac223eabb3fb9be38b4644997133c294837fe9d4ec50af51", "cvelist": ["CVE-2015-0797"], "affectedPackage": [{"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "0.10.23-7.1+deb7u2", "operator": "lt", "packageName": "gstreamer0.10-plugins-bad", "arch": "all", "packageFilename": "gstreamer0.10-plugins-bad_0.10.23-7.1+deb7u2_all.deb"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "0.10.23-7.1+deb7u2", "operator": "lt", "packageName": "gstreamer0.10-plugins-bad-doc", "arch": "all", "packageFilename": "gstreamer0.10-plugins-bad-doc_0.10.23-7.1+deb7u2_all.deb"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "0.10.23-7.1+deb7u2", "operator": "lt", "packageName": "libgstreamer-plugins-bad0.10-0", "arch": "all", "packageFilename": "libgstreamer-plugins-bad0.10-0_0.10.23-7.1+deb7u2_all.deb"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "0.10.23-7.1+deb7u2", "operator": "lt", "packageName": "libgstreamer-plugins-bad0.10-dev", "arch": "all", "packageFilename": "libgstreamer-plugins-bad0.10-dev_0.10.23-7.1+deb7u2_all.deb"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "0.10.23-7.1+deb7u2", "operator": "lt", "packageName": "gst-plugins-bad0.10", "arch": "all", "packageFilename": "gst-plugins-bad0.10_0.10.23-7.1+deb7u2_all.deb"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "0.10.23-7.1+deb7u2", "operator": "lt", "packageName": "gstreamer0.10-plugins-bad-dbg", "arch": "all", "packageFilename": "gstreamer0.10-plugins-bad-dbg_0.10.23-7.1+deb7u2_all.deb"}], "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "viewCount": 0, "objectVersion": "1.2", "edition": 1, "description": "Aki Helin discovered a buffer overflow in the GStreamer plugin for MP4 playback, which could lead to the execution of arbitrary code.\n\nFor the stable distribution (wheezy), this problem has been fixed in version 0.10.23-7.1+deb7u2.\n\nFor the unstable distribution (sid), this problem will be fixed soon.\n\nWe recommend that you upgrade your gst-plugins-bad0.10 packages.", "type": "debian", "references": [], "href": "http://www.debian.org/security/dsa-3225", "published": "2015-04-15T00:00:00", "bulletinFamily": "unix", "id": "DSA-3225"}

{"cve": [{"lastseen": "2017-04-18T15:55:58", "references": ["http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", "http://rhn.redhat.com/errata/RHSA-2015-0988.html", "https://bugzilla.mozilla.org/show_bug.cgi?id=1080995", "http://www.debian.org/security/2015/dsa-3260", "https://security.gentoo.org/glsa/201512-07", "http://www.debian.org/security/2015/dsa-3264", "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00017.html", "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00000.html", "http://www.debian.org/security/2015/dsa-3225", "https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird31.7", "http://rhn.redhat.com/errata/RHSA-2015-1012.html", "http://www.mozilla.org/security/announce/2015/mfsa2015-47.html"], "edition": 2, "description": "GStreamer before 1.4.5, as used in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 on Linux, allows remote attackers to cause a denial of service (buffer over-read and application crash) or possibly execute arbitrary code via crafted H.264 video data in an m4v file.", "reporter": "NVD", "published": "2015-05-14T06:59:00", "title": "CVE-2015-0797", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "type": "cve", "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2015-0797"], "scanner": [], "modified": "2017-01-02T21:59:43", "cpe": ["cpe:/o:oracle:solaris:10.0", "cpe:/a:mozilla:firefox_esr:31.6.0", "cpe:/a:mozilla:firefox_esr:31.3.0", "cpe:/a:mozilla:firefox_esr:31.1", "cpe:/a:mozilla:firefox_esr:31.5", "cpe:/a:mozilla:firefox_esr:31.5.2", "cpe:/a:mozilla:firefox_esr:31.1.1", "cpe:/a:mozilla:firefox_esr:31.3", "cpe:/o:linux:linux_kernel", "cpe:/a:mozilla:firefox_esr:31.4", "cpe:/a:mozilla:firefox_esr:31.0", "cpe:/a:mozilla:thunderbird:31.5", "cpe:/a:gstreamer:gstreamer:1.4.4", "cpe:/a:mozilla:firefox:37.0.2", "cpe:/a:mozilla:firefox_esr:31.2", "cpe:/a:mozilla:firefox_esr:31.5.1", "cpe:/a:mozilla:firefox_esr:31.5.3", "cpe:/o:oracle:solaris:11.3", "cpe:/a:mozilla:firefox_esr:31.1.0"], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0797", "id": "CVE-2015-0797", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "nessus": [{"lastseen": "2018-09-02T00:01:48", "references": ["https://www.suse.com/security/cve/CVE-2015-0797.html", "https://bugzilla.suse.com/927559", "http://www.nessus.org/u?ff655e8c"], "pluginID": "83857", "description": "gstreamer-0_10-plugins-bad was updated to fix a security issue, a buffer overflow in mp4 parsing (bnc#927559 CVE-2015-0797).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 5, "reporter": "Tenable", "published": "2015-05-27T00:00:00", "title": "SUSE SLED12 Security Update : gstreamer-0_10-plugins-bad (SUSE-SU-2015:0942-1)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-0797"], "modified": "2018-07-31T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libgstphotography-0_10", "p-cpe:/a:novell:suse_linux:libgstvdp-0_10-23", "cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:gstreamer-0_10-plugins-bad-debugsource", "p-cpe:/a:novell:suse_linux:libgstcodecparsers-0_10-23-debuginfo", "p-cpe:/a:novell:suse_linux:libgstsignalprocessor-0_10-23", "p-cpe:/a:novell:suse_linux:libgstcodecparsers-0_10", "p-cpe:/a:novell:suse_linux:libgstvdp-0_10-23-debuginfo", "p-cpe:/a:novell:suse_linux:libgstbasecamerabinsrc-0_10", "p-cpe:/a:novell:suse_linux:libgstphotography-0_10-23", "p-cpe:/a:novell:suse_linux:gstreamer-0_10-plugins-bad", "p-cpe:/a:novell:suse_linux:libgstbasecamerabinsrc-0_10-23-debuginfo", "p-cpe:/a:novell:suse_linux:libgstbasevideo-0_10-23", "p-cpe:/a:novell:suse_linux:libgstbasevideo-0_10-23-debuginfo", "p-cpe:/a:novell:suse_linux:libgstbasecamerabinsrc-0_10-23", "p-cpe:/a:novell:suse_linux:libgstvdp-0_10", "p-cpe:/a:novell:suse_linux:libgstsignalprocessor-0_10-23-debuginfo", "p-cpe:/a:novell:suse_linux:libgstphotography-0_10-23-debuginfo", "p-cpe:/a:novell:suse_linux:libgstsignalprocessor-0_10", "p-cpe:/a:novell:suse_linux:gstreamer-0_10-plugins-bad-debuginfo", "p-cpe:/a:novell:suse_linux:libgstbasevideo-0_10"], "id": "SUSE_SU-2015-0942-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=83857", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2015:0942-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(83857);\n script_version(\"2.5\");\n script_cvs_date(\"Date: 2018/07/31 17:27:54\");\n\n script_cve_id(\"CVE-2015-0797\");\n script_bugtraq_id(74181);\n\n script_name(english:\"SUSE SLED12 Security Update : gstreamer-0_10-plugins-bad (SUSE-SU-2015:0942-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"gstreamer-0_10-plugins-bad was updated to fix a security issue, a\nbuffer overflow in mp4 parsing (bnc#927559 CVE-2015-0797).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/927559\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-0797.html\"\n );\n # https://www.suse.com/support/update/announcement/2015/suse-su-20150942-1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ff655e8c\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Workstation Extension 12 :\n\nzypper in -t patch SUSE-SLE-WE-12-2015-211=1\n\nSUSE Linux Enterprise Software Development Kit 12 :\n\nzypper in -t patch SUSE-SLE-SDK-12-2015-211=1\n\nSUSE Linux Enterprise Desktop 12 :\n\nzypper in -t patch SUSE-SLE-DESKTOP-12-2015-211=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:gstreamer-0_10-plugins-bad\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:gstreamer-0_10-plugins-bad-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:gstreamer-0_10-plugins-bad-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgstbasecamerabinsrc-0_10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgstbasecamerabinsrc-0_10-23\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgstbasecamerabinsrc-0_10-23-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgstbasevideo-0_10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgstbasevideo-0_10-23\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgstbasevideo-0_10-23-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgstcodecparsers-0_10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgstcodecparsers-0_10-23-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgstphotography-0_10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgstphotography-0_10-23\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgstphotography-0_10-23-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgstsignalprocessor-0_10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgstsignalprocessor-0_10-23\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgstsignalprocessor-0_10-23-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgstvdp-0_10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgstvdp-0_10-23\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgstvdp-0_10-23-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/04/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/05/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = eregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(SLED12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLED12\" && (! ereg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"gstreamer-0_10-plugins-bad-0.10.23-17.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"gstreamer-0_10-plugins-bad-debuginfo-0.10.23-17.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"gstreamer-0_10-plugins-bad-debuginfo-32bit-0.10.23-17.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"gstreamer-0_10-plugins-bad-debugsource-0.10.23-17.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libgstbasecamerabinsrc-0_10-23-0.10.23-17.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libgstbasecamerabinsrc-0_10-23-32bit-0.10.23-17.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libgstbasecamerabinsrc-0_10-23-debuginfo-0.10.23-17.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libgstbasecamerabinsrc-0_10-23-debuginfo-32bit-0.10.23-17.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libgstbasevideo-0_10-23-0.10.23-17.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libgstbasevideo-0_10-23-32bit-0.10.23-17.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libgstbasevideo-0_10-23-debuginfo-0.10.23-17.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libgstbasevideo-0_10-23-debuginfo-32bit-0.10.23-17.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libgstcodecparsers-0_10-23-0.10.23-17.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libgstcodecparsers-0_10-23-debuginfo-0.10.23-17.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libgstphotography-0_10-23-0.10.23-17.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libgstphotography-0_10-23-32bit-0.10.23-17.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libgstphotography-0_10-23-debuginfo-0.10.23-17.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libgstphotography-0_10-23-debuginfo-32bit-0.10.23-17.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libgstsignalprocessor-0_10-23-0.10.23-17.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libgstsignalprocessor-0_10-23-32bit-0.10.23-17.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libgstsignalprocessor-0_10-23-debuginfo-0.10.23-17.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libgstsignalprocessor-0_10-23-debuginfo-32bit-0.10.23-17.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libgstvdp-0_10-23-0.10.23-17.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libgstvdp-0_10-23-32bit-0.10.23-17.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libgstvdp-0_10-23-debuginfo-0.10.23-17.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libgstvdp-0_10-23-debuginfo-32bit-0.10.23-17.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gstreamer-0_10-plugins-bad\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:35:36", "references": ["https://packages.debian.org/source/wheezy/gst-plugins-bad0.10", "http://www.debian.org/security/2015/dsa-3225"], "pluginID": "82838", "description": "Aki Helin discovered a buffer overflow in the GStreamer plugin for MP4 playback, which could lead to the execution of arbitrary code.", "edition": 5, "reporter": "Tenable", "published": "2015-04-17T00:00:00", "title": "Debian DSA-3225-1 : gst-plugins-bad0.10 - security update", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-0797"], "modified": "2018-07-10T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:gst-plugins-bad0.10", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DSA-3225.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=82838", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3225. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(82838);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2018/07/10 14:27:31\");\n\n script_cve_id(\"CVE-2015-0797\");\n script_xref(name:\"DSA\", value:\"3225\");\n\n script_name(english:\"Debian DSA-3225-1 : gst-plugins-bad0.10 - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Aki Helin discovered a buffer overflow in the GStreamer plugin for MP4\nplayback, which could lead to the execution of arbitrary code.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/gst-plugins-bad0.10\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2015/dsa-3225\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the gst-plugins-bad0.10 packages.\n\nFor the stable distribution (wheezy), this problem has been fixed in\nversion 0.10.23-7.1+deb7u2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:gst-plugins-bad0.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/04/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/04/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"gstreamer0.10-plugins-bad\", reference:\"0.10.23-7.1+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"gstreamer0.10-plugins-bad-dbg\", reference:\"0.10.23-7.1+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"gstreamer0.10-plugins-bad-doc\", reference:\"0.10.23-7.1+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libgstreamer-plugins-bad0.10-0\", reference:\"0.10.23-7.1+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libgstreamer-plugins-bad0.10-dev\", reference:\"0.10.23-7.1+deb7u2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:57:28", "references": ["https://security.gentoo.org/glsa/201512-07"], "pluginID": "87707", "description": "The remote host is affected by the vulnerability described in GLSA-201512-07 (GStreamer: User-assisted execution of arbitrary code)\n\n A buffer overflow vulnerability has been found in the parsing of H.264 formatted video.\n Impact :\n\n A remote attacker could entice a user to open a specially crafted H.264 formatted video using an application linked against GStreamer, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition.\n Workaround :\n\n There is no known workaround at this time.", "edition": 4, "reporter": "Tenable", "published": "2016-01-04T00:00:00", "title": "GLSA-201512-07 : GStreamer: User-assisted execution of arbitrary code", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Gentoo Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-0797"], "modified": "2016-02-10T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:gst-plugins-bad", "cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:gstreamer"], "id": "GENTOO_GLSA-201512-07.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=87707", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201512-07.\n#\n# The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(87707);\n script_version(\"$Revision: 2.3 $\");\n script_cvs_date(\"$Date: 2016/02/10 14:39:24 $\");\n\n script_cve_id(\"CVE-2015-0797\");\n script_xref(name:\"GLSA\", value:\"201512-07\");\n\n script_name(english:\"GLSA-201512-07 : GStreamer: User-assisted execution of arbitrary code\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201512-07\n(GStreamer: User-assisted execution of arbitrary code)\n\n A buffer overflow vulnerability has been found in the parsing of H.264\n formatted video.\n \nImpact :\n\n A remote attacker could entice a user to open a specially crafted H.264\n formatted video using an application linked against GStreamer, possibly\n resulting in execution of arbitrary code with the privileges of the\n process or a Denial of Service condition.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201512-07\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All GStreamer users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=media-libs/gstreamer-1.4.5'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:gst-plugins-bad\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:gstreamer\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/01/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"media-libs/gstreamer\", unaffected:make_list(\"ge 1.4.5\", \"rge 0.10.36-r2\"), vulnerable:make_list(\"lt 1.4.5\"))) flag++;\nif (qpkg_check(package:\"media-libs/gst-plugins-bad\", unaffected:make_list(\"rge 0.10.23-r3\"), vulnerable:make_list(\"lt 0.10.23-r3\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"GStreamer\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:41:53", "references": ["https://www.suse.com/security/cve/CVE-2015-0797.html", "https://bugzilla.suse.com/927559", "http://www.nessus.org/u?c4b515d3", "http://www.nessus.org/u?d9ac9fed"], "pluginID": "83755", "description": "gstreamer-0_10-plugins-bad was updated to fix a security issue, a buffer overflow in mp4 parsing (bnc#927559 CVE-2015-0797).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 5, "reporter": "Tenable", "published": "2015-05-21T00:00:00", "title": "SUSE SLED11 Security Update : gstreamer-0_10-plugins-bad (SUSE-SU-2015:0921-1)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-0797"], "modified": "2018-07-31T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libgstphotography-0_10", "p-cpe:/a:novell:suse_linux:libgstvdp-0_10-0", "p-cpe:/a:novell:suse_linux:libgstbasecamerabinsrc-0_10", "p-cpe:/a:novell:suse_linux:libgstbasecamerabinsrc-0_10-0", "cpe:/o:novell:suse_linux:11", "p-cpe:/a:novell:suse_linux:gstreamer-0_10-plugins-bad-lang", "p-cpe:/a:novell:suse_linux:gstreamer-0_10-plugins-bad", "p-cpe:/a:novell:suse_linux:libgstphotography-0_10-0", "p-cpe:/a:novell:suse_linux:libgstvdp-0_10", "p-cpe:/a:novell:suse_linux:libgstbasevideo-0_10-0", "p-cpe:/a:novell:suse_linux:libgstsignalprocessor-0_10", "p-cpe:/a:novell:suse_linux:libgstsignalprocessor-0_10-0", "p-cpe:/a:novell:suse_linux:libgstbasevideo-0_10"], "id": "SUSE_SU-2015-0921-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=83755", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2015:0921-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(83755);\n script_version(\"2.4\");\n script_cvs_date(\"Date: 2018/07/31 17:27:54\");\n\n script_cve_id(\"CVE-2015-0797\");\n script_bugtraq_id(74181);\n\n script_name(english:\"SUSE SLED11 Security Update : gstreamer-0_10-plugins-bad (SUSE-SU-2015:0921-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"gstreamer-0_10-plugins-bad was updated to fix a security issue, a\nbuffer overflow in mp4 parsing (bnc#927559 CVE-2015-0797).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/927559\"\n );\n # https://download.suse.com/patch/finder/?keywords=f7ccd0598b1d14e206c07e76854611ef\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c4b515d3\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-0797.html\"\n );\n # https://www.suse.com/support/update/announcement/2015/suse-su-20150921-1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d9ac9fed\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Desktop 11 SP3 :\n\nzypper in -t patch sledsp3-gstreamer-0_10-plugins-bad=10643\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:gstreamer-0_10-plugins-bad\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:gstreamer-0_10-plugins-bad-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgstbasecamerabinsrc-0_10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgstbasecamerabinsrc-0_10-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgstbasevideo-0_10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgstbasevideo-0_10-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgstphotography-0_10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgstphotography-0_10-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgstsignalprocessor-0_10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgstsignalprocessor-0_10-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgstvdp-0_10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgstvdp-0_10-0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/05/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/05/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = eregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(SLED11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"i386|i486|i586|i686|x86_64\") audit(AUDIT_ARCH_NOT, \"i386 / i486 / i586 / i686 / x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLED11\" && (! ereg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED11 SP3\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"gstreamer-0_10-plugins-bad-0.10.22-7.11.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"gstreamer-0_10-plugins-bad-lang-0.10.22-7.11.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"libgstbasecamerabinsrc-0_10-0-0.10.22-7.11.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"libgstbasevideo-0_10-0-0.10.22-7.11.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"libgstphotography-0_10-0-0.10.22-7.11.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"libgstsignalprocessor-0_10-0-0.10.22-7.11.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"libgstvdp-0_10-0-0.10.22-7.11.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"libgstbasecamerabinsrc-0_10-0-32bit-0.10.22-7.11.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"libgstbasevideo-0_10-0-32bit-0.10.22-7.11.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"libgstphotography-0_10-0-32bit-0.10.22-7.11.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"libgstsignalprocessor-0_10-0-32bit-0.10.22-7.11.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"libgstvdp-0_10-0-32bit-0.10.22-7.11.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"i586\", reference:\"gstreamer-0_10-plugins-bad-0.10.22-7.11.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"i586\", reference:\"gstreamer-0_10-plugins-bad-lang-0.10.22-7.11.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"i586\", reference:\"libgstbasecamerabinsrc-0_10-0-0.10.22-7.11.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"i586\", reference:\"libgstbasevideo-0_10-0-0.10.22-7.11.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"i586\", reference:\"libgstphotography-0_10-0-0.10.22-7.11.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"i586\", reference:\"libgstsignalprocessor-0_10-0-0.10.22-7.11.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"i586\", reference:\"libgstvdp-0_10-0-0.10.22-7.11.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gstreamer-0_10-plugins-bad\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:52:21", "references": ["https://packages.debian.org/source/jessie/icedove", "https://packages.debian.org/source/wheezy/icedove", "http://www.debian.org/security/2015/dsa-3264"], "pluginID": "83547", "description": "Multiple security issues have been found in Icedove, Debian's version of the Mozilla Thunderbird mail client: Multiple memory safety errors, buffer overflows and use-after-frees may lead to the execution of arbitrary code, privilege escalation or denial of service.", "edition": 5, "reporter": "Tenable", "published": "2015-05-20T00:00:00", "title": "Debian DSA-3264-1 : icedove - security update", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-2713", "CVE-2015-2716", "CVE-2015-2710", "CVE-2015-2708", "CVE-2015-0797"], "modified": "2018-07-10T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:8.0", "cpe:/o:debian:debian_linux:7.0", "p-cpe:/a:debian:debian_linux:icedove"], "id": "DEBIAN_DSA-3264.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=83547", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3264. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(83547);\n script_version(\"2.6\");\n script_cvs_date(\"Date: 2018/07/10 14:27:31\");\n\n script_cve_id(\"CVE-2015-0797\", \"CVE-2015-2708\", \"CVE-2015-2710\", \"CVE-2015-2713\", \"CVE-2015-2716\");\n script_xref(name:\"DSA\", value:\"3264\");\n\n script_name(english:\"Debian DSA-3264-1 : icedove - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple security issues have been found in Icedove, Debian's version\nof the Mozilla Thunderbird mail client: Multiple memory safety errors,\nbuffer overflows and use-after-frees may lead to the execution of\narbitrary code, privilege escalation or denial of service.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/icedove\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/icedove\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2015/dsa-3264\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the icedove packages.\n\nFor the oldstable distribution (wheezy), these problems have been\nfixed in version 31.7.0-1~deb7u1.\n\nFor the stable distribution (jessie), these problems have been fixed\nin version 31.7.0-1~deb8u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/05/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/05/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"calendar-google-provider\", reference:\"31.7.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove\", reference:\"31.7.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove-dbg\", reference:\"31.7.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove-dev\", reference:\"31.7.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceowl-extension\", reference:\"31.7.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"calendar-google-provider\", reference:\"31.7.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove\", reference:\"31.7.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-dbg\", reference:\"31.7.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-dev\", reference:\"31.7.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-extension\", reference:\"31.7.0-1~deb8u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-02T00:09:52", "references": ["http://www.nessus.org/u?fab29fc3"], "pluginID": "83450", "description": "Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2015-2708, CVE-2015-0797, CVE-2015-2710, CVE-2015-2713)\n\nA heap-based buffer overflow flaw was found in the way Firefox processed compressed XML data. An attacker could create specially crafted compressed XML content that, when processed by Firefox, could cause it to crash or execute arbitrary code with the privileges of the user running Firefox. (CVE-2015-2716)\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "edition": 4, "reporter": "Tenable", "published": "2015-05-14T00:00:00", "title": "Scientific Linux Security Update : firefox on SL5.x, SL6.x, SL7.x i386/x86_64", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Scientific Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-2713", "CVE-2015-2716", "CVE-2015-2710", "CVE-2015-2708", "CVE-2015-0797"], "modified": "2015-07-12T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20150512_FIREFOX_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=83450", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(83450);\n script_version(\"$Revision: 2.5 $\");\n script_cvs_date(\"$Date: 2015/07/12 04:39:12 $\");\n\n script_cve_id(\"CVE-2015-0797\", \"CVE-2015-2708\", \"CVE-2015-2710\", \"CVE-2015-2713\", \"CVE-2015-2716\");\n\n script_name(english:\"Scientific Linux Security Update : firefox on SL5.x, SL6.x, SL7.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several flaws were found in the processing of malformed web content. A\nweb page containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning Firefox. (CVE-2015-2708, CVE-2015-0797, CVE-2015-2710,\nCVE-2015-2713)\n\nA heap-based buffer overflow flaw was found in the way Firefox\nprocessed compressed XML data. An attacker could create specially\ncrafted compressed XML content that, when processed by Firefox, could\ncause it to crash or execute arbitrary code with the privileges of the\nuser running Firefox. (CVE-2015-2716)\n\nAfter installing the update, Firefox must be restarted for the changes\nto take effect.\"\n );\n # http://listserv.fnal.gov/scripts/wa.exe?A2=ind1505&L=scientific-linux-errata&T=0&P=1996\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?fab29fc3\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected firefox and / or firefox-debuginfo packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/05/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/05/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015 Tenable Network Security, Inc.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"firefox-38.0-4.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"firefox-debuginfo-38.0-4.el5_11\")) flag++;\n\nif (rpm_check(release:\"SL6\", reference:\"firefox-38.0-4.el6_6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"firefox-debuginfo-38.0-4.el6_6\")) flag++;\n\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"firefox-38.0-3.el7_1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"firefox-debuginfo-38.0-3.el7_1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:33:19", "references": ["https://www.suse.com/security/cve/CVE-2015-2708.html", "https://www.suse.com/security/cve/CVE-2015-2716.html", "http://www.nessus.org/u?63cd1e33", "https://www.suse.com/security/cve/CVE-2015-2709.html", "https://bugzilla.suse.com/930622", "https://www.suse.com/security/cve/CVE-2015-2710.html", "https://www.suse.com/security/cve/CVE-2015-0797.html", "https://www.suse.com/security/cve/CVE-2015-2713.html", "http://www.nessus.org/u?88c00acd"], "pluginID": "83947", "description": "This update to Firefox 31.7.0 ESR fixes the following issues :\n\nMFSA 2015-46 (CVE-2015-2708, CVE-2015-2709): Miscellaneous memory safety hazards (rv:38.0 / rv:31.7). Upstream references: bmo#1120655, bmo#1143299, bmo#1151139, bmo#1152177, bmo#1111251, bmo#1117977, bmo#1128064, bmo#1135066, bmo#1143194, bmo#1146101, bmo#1149526, bmo#1153688, bmo#1155474.\n\nMFSA 2015-47 (CVE-2015-0797): Buffer overflow parsing H.264 video with Linux Gstreamer. Upstream references: bmo#1080995.\n\nMFSA 2015-48 (CVE-2015-2710): Buffer overflow with SVG content and CSS. Upstream references: bmo#1149542.\n\nMFSA 2015-51 (CVE-2015-2713): Use-after-free during text processing with vertical text enabled. Upstream references: bmo#1153478.\n\nMFSA 2015-54 (CVE-2015-2716): Buffer overflow when parsing compressed XML. Upstream references: bmo#1140537.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 6, "reporter": "Tenable", "published": "2015-06-02T00:00:00", "title": "SUSE SLED11 / SLES11 Security Update : MozillaFirefox (SUSE-SU-2015:0978-1)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-2713", "CVE-2015-2716", "CVE-2015-2710", "CVE-2015-2709", "CVE-2015-2708", "CVE-2015-0797"], "modified": "2018-07-31T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:MozillaFirefox", "cpe:/o:novell:suse_linux:11", "p-cpe:/a:novell:suse_linux:MozillaFirefox-translations"], "id": "SUSE_SU-2015-0978-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=83947", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2015:0978-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(83947);\n script_version(\"2.8\");\n script_cvs_date(\"Date: 2018/07/31 17:27:54\");\n\n script_cve_id(\"CVE-2015-0797\", \"CVE-2015-2708\", \"CVE-2015-2709\", \"CVE-2015-2710\", \"CVE-2015-2713\", \"CVE-2015-2716\");\n script_bugtraq_id(74181, 74611, 74615);\n\n script_name(english:\"SUSE SLED11 / SLES11 Security Update : MozillaFirefox (SUSE-SU-2015:0978-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update to Firefox 31.7.0 ESR fixes the following issues :\n\nMFSA 2015-46 (CVE-2015-2708, CVE-2015-2709): Miscellaneous memory\nsafety hazards (rv:38.0 / rv:31.7). Upstream references: bmo#1120655,\nbmo#1143299, bmo#1151139, bmo#1152177, bmo#1111251, bmo#1117977,\nbmo#1128064, bmo#1135066, bmo#1143194, bmo#1146101, bmo#1149526,\nbmo#1153688, bmo#1155474.\n\nMFSA 2015-47 (CVE-2015-0797): Buffer overflow parsing H.264 video with\nLinux Gstreamer. Upstream references: bmo#1080995.\n\nMFSA 2015-48 (CVE-2015-2710): Buffer overflow with SVG content and\nCSS. Upstream references: bmo#1149542.\n\nMFSA 2015-51 (CVE-2015-2713): Use-after-free during text processing\nwith vertical text enabled. Upstream references: bmo#1153478.\n\nMFSA 2015-54 (CVE-2015-2716): Buffer overflow when parsing compressed\nXML. Upstream references: bmo#1140537.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/930622\"\n );\n # https://download.suse.com/patch/finder/?keywords=ab9c724c1f8dad58c3aecf28fa855174\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?88c00acd\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-0797.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-2708.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-2709.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-2710.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-2713.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-2716.html\"\n );\n # https://www.suse.com/support/update/announcement/2015/suse-su-20150978-1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?63cd1e33\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 11 SP3 :\n\nzypper in -t patch sdksp3-firefox-20150510=10691\n\nSUSE Linux Enterprise Server 11 SP3 for VMware :\n\nzypper in -t patch slessp3-firefox-20150510=10691\n\nSUSE Linux Enterprise Server 11 SP3 :\n\nzypper in -t patch slessp3-firefox-20150510=10691\n\nSUSE Linux Enterprise Desktop 11 SP3 :\n\nzypper in -t patch sledsp3-firefox-20150510=10691\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox-translations\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = eregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(SLED11|SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED11 / SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! ereg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP3\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED11\" && (! ereg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED11 SP3\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"MozillaFirefox-31.7.0esr-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"MozillaFirefox-translations-31.7.0esr-0.8.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"MozillaFirefox-31.7.0esr-0.8.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"MozillaFirefox-translations-31.7.0esr-0.8.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"i586\", reference:\"MozillaFirefox-31.7.0esr-0.8.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"i586\", reference:\"MozillaFirefox-translations-31.7.0esr-0.8.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"MozillaFirefox\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:39:08", "references": ["http://lists.centos.org/pipermail/centos-announce/2015-May/021132.html", "http://lists.centos.org/pipermail/centos-announce/2015-May/021104.html", "http://lists.centos.org/pipermail/centos-announce/2015-May/021133.html"], "pluginID": "83378", "description": "Updated firefox packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5, 6, and 7.\n\nRed Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nMozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox.\n\nSeveral flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2015-2708, CVE-2015-0797, CVE-2015-2710, CVE-2015-2713)\n\nA heap-based buffer overflow flaw was found in the way Firefox processed compressed XML data. An attacker could create specially crafted compressed XML content that, when processed by Firefox, could cause it to crash or execute arbitrary code with the privileges of the user running Firefox. (CVE-2015-2716)\n\nRed Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Jesse Ruderman, Mats Palmgren, Byron Campen, Steve Fink, Aki Helin, Atte Kettunen, Scott Bell, and Ucha Gobejishvili as the original reporters of these issues.\n\nAll Firefox users should upgrade to these updated packages, which contain Firefox version 38.0 ESR, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect.", "edition": 5, "reporter": "Tenable", "published": "2015-05-13T00:00:00", "title": "CentOS 5 / 6 / 7 : firefox (CESA-2015:0988)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "CentOS Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-2713", "CVE-2015-2716", "CVE-2015-2710", "CVE-2015-2708", "CVE-2015-4496", "CVE-2015-0797"], "modified": "2018-07-02T00:00:00", "cpe": ["cpe:/o:centos:centos:6", "cpe:/o:centos:centos:7", "p-cpe:/a:centos:centos:firefox", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2015-0988.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=83378", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:0988 and \n# CentOS Errata and Security Advisory 2015:0988 respectively.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(83378);\n script_version(\"2.16\");\n script_cvs_date(\"Date: 2018/07/02 18:48:53\");\n\n script_cve_id(\"CVE-2015-0797\", \"CVE-2015-2708\", \"CVE-2015-2710\", \"CVE-2015-2713\", \"CVE-2015-2716\", \"CVE-2015-4496\");\n script_bugtraq_id(74181, 74611, 74615);\n script_xref(name:\"RHSA\", value:\"2015:0988\");\n\n script_name(english:\"CentOS 5 / 6 / 7 : firefox (CESA-2015:0988)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated firefox packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5, 6, and 7.\n\nRed Hat Product Security has rated this update as having Critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nMozilla Firefox is an open source web browser. XULRunner provides the\nXUL Runtime environment for Mozilla Firefox.\n\nSeveral flaws were found in the processing of malformed web content. A\nweb page containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning Firefox. (CVE-2015-2708, CVE-2015-0797, CVE-2015-2710,\nCVE-2015-2713)\n\nA heap-based buffer overflow flaw was found in the way Firefox\nprocessed compressed XML data. An attacker could create specially\ncrafted compressed XML content that, when processed by Firefox, could\ncause it to crash or execute arbitrary code with the privileges of the\nuser running Firefox. (CVE-2015-2716)\n\nRed Hat would like to thank the Mozilla project for reporting these\nissues. Upstream acknowledges Jesse Ruderman, Mats Palmgren, Byron\nCampen, Steve Fink, Aki Helin, Atte Kettunen, Scott Bell, and Ucha\nGobejishvili as the original reporters of these issues.\n\nAll Firefox users should upgrade to these updated packages, which\ncontain Firefox version 38.0 ESR, which corrects these issues. After\ninstalling the update, Firefox must be restarted for the changes to\ntake effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://lists.centos.org/pipermail/centos-announce/2015-May/021104.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://lists.centos.org/pipermail/centos-announce/2015-May/021132.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://lists.centos.org/pipermail/centos-announce/2015-May/021133.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected firefox package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/05/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/05/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/CentOS/release\")) audit(AUDIT_OS_NOT, \"CentOS\");\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"firefox-38.0-4.el5.centos\")) flag++;\n\nif (rpm_check(release:\"CentOS-6\", reference:\"firefox-38.0-4.el6.centos\")) flag++;\n\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"firefox-38.0-3.el7.centos\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-02T00:10:24", "references": ["https://bugzilla.opensuse.org/show_bug.cgi?id=930622"], "pluginID": "83800", "description": "The Mozilla Thunderbird email, news, and chat client was updated to version 31.7.0 to fix several security issues.\n\nThe following vulnerabilities were fixed (bnc#930622) :\n\n - MFSA 2015-46/CVE-2015-2708 Miscellaneous memory safety hazards\n\n - MFSA 2015-47/CVE-2015-0797 (bmo#1080995) Buffer overflow parsing H.264 video with Linux Gstreamer\n\n - MFSA 2015-48/CVE-2015-2710 (bmo#1149542) Buffer overflow with SVG content and CSS\n\n - MFSA 2015-51/CVE-2015-2713 (bmo#1153478) Use-after-free during text processing with vertical text enabled\n\n - MFSA 2015-54/CVE-2015-2716 (bmo#1140537) Buffer overflow when parsing compressed XML\n\n - MFSA 2015-57/CVE-2011-3079 (bmo#1087565) Privilege escalation through IPC channel messages", "edition": 4, "reporter": "Tenable", "published": "2015-05-26T00:00:00", "title": "openSUSE Security Update : MozillaThunderbird (openSUSE-2015-374)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-2713", "CVE-2015-2716", "CVE-2011-3079", "CVE-2015-2710", "CVE-2015-2708", "CVE-2015-0797"], "modified": "2015-05-26T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:MozillaThunderbird-debuginfo", "p-cpe:/a:novell:opensuse:MozillaThunderbird-translations-other", "p-cpe:/a:novell:opensuse:MozillaThunderbird-debugsource", "p-cpe:/a:novell:opensuse:MozillaThunderbird", "p-cpe:/a:novell:opensuse:MozillaThunderbird-buildsymbols", "p-cpe:/a:novell:opensuse:MozillaThunderbird-devel", "p-cpe:/a:novell:opensuse:MozillaThunderbird-translations-common", "cpe:/o:novell:opensuse:13.2", "cpe:/o:novell:opensuse:13.1"], "id": "OPENSUSE-2015-374.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=83800", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2015-374.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(83800);\n script_version(\"$Revision: 2.1 $\");\n script_cvs_date(\"$Date: 2015/05/26 13:52:13 $\");\n\n script_cve_id(\"CVE-2011-3079\", \"CVE-2015-0797\", \"CVE-2015-2708\", \"CVE-2015-2710\", \"CVE-2015-2713\", \"CVE-2015-2716\");\n\n script_name(english:\"openSUSE Security Update : MozillaThunderbird (openSUSE-2015-374)\");\n script_summary(english:\"Check for the openSUSE-2015-374 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Mozilla Thunderbird email, news, and chat client was updated to\nversion 31.7.0 to fix several security issues.\n\nThe following vulnerabilities were fixed (bnc#930622) :\n\n - MFSA 2015-46/CVE-2015-2708 Miscellaneous memory safety\n hazards\n\n - MFSA 2015-47/CVE-2015-0797 (bmo#1080995) Buffer overflow\n parsing H.264 video with Linux Gstreamer\n\n - MFSA 2015-48/CVE-2015-2710 (bmo#1149542) Buffer overflow\n with SVG content and CSS\n\n - MFSA 2015-51/CVE-2015-2713 (bmo#1153478) Use-after-free\n during text processing with vertical text enabled\n\n - MFSA 2015-54/CVE-2015-2716 (bmo#1140537) Buffer overflow\n when parsing compressed XML\n\n - MFSA 2015-57/CVE-2011-3079 (bmo#1087565) Privilege\n escalation through IPC channel messages\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=930622\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected MozillaThunderbird packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-buildsymbols\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-translations-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-translations-other\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/05/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/05/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.1|SUSE13\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.1 / 13.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.1\", reference:\"MozillaThunderbird-31.7.0-70.53.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"MozillaThunderbird-buildsymbols-31.7.0-70.53.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"MozillaThunderbird-debuginfo-31.7.0-70.53.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"MozillaThunderbird-debugsource-31.7.0-70.53.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"MozillaThunderbird-devel-31.7.0-70.53.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"MozillaThunderbird-translations-common-31.7.0-70.53.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"MozillaThunderbird-translations-other-31.7.0-70.53.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"MozillaThunderbird-31.7.0-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"MozillaThunderbird-buildsymbols-31.7.0-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"MozillaThunderbird-debuginfo-31.7.0-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"MozillaThunderbird-debugsource-31.7.0-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"MozillaThunderbird-devel-31.7.0-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"MozillaThunderbird-translations-common-31.7.0-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"MozillaThunderbird-translations-other-31.7.0-18.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"MozillaThunderbird / MozillaThunderbird-buildsymbols / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:58:50", "references": ["http://www.debian.org/security/2015/dsa-3260", "https://packages.debian.org/source/wheezy/iceweasel", "https://packages.debian.org/source/jessie/iceweasel"], "pluginID": "83423", "description": "Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple memory safety errors, buffer overflows and use-after-frees may lead to the execution of arbitrary code, privilege escalation or denial of service.", "edition": 5, "reporter": "Tenable", "published": "2015-05-13T00:00:00", "title": "Debian DSA-3260-1 : iceweasel - security update", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-2713", "CVE-2015-2716", "CVE-2011-3079", "CVE-2015-2710", "CVE-2015-2708", "CVE-2015-0797"], "modified": "2018-07-10T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:8.0", "p-cpe:/a:debian:debian_linux:iceweasel", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DSA-3260.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=83423", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3260. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(83423);\n script_version(\"2.8\");\n script_cvs_date(\"Date: 2018/07/10 14:27:31\");\n\n script_cve_id(\"CVE-2011-3079\", \"CVE-2015-0797\", \"CVE-2015-2708\", \"CVE-2015-2710\", \"CVE-2015-2713\", \"CVE-2015-2716\");\n script_xref(name:\"DSA\", value:\"3260\");\n\n script_name(english:\"Debian DSA-3260-1 : iceweasel - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple security issues have been found in Iceweasel, Debian's\nversion of the Mozilla Firefox web browser: Multiple memory safety\nerrors, buffer overflows and use-after-frees may lead to the execution\nof arbitrary code, privilege escalation or denial of service.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/iceweasel\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/iceweasel\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2015/dsa-3260\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the iceweasel packages.\n\nFor the oldstable distribution (wheezy), these problems have been\nfixed in version 31.7.0esr-1~deb7u1.\n\nFor the stable distribution (jessie), these problems have been fixed\nin version 31.7.0esr-1~deb8u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/05/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/05/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-dbg\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-dev\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ach\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-af\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-all\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-an\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ar\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-as\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ast\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-be\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-bg\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-bn-bd\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-bn-in\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-br\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-bs\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ca\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-cs\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-csb\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-cy\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-da\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-de\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-el\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-en-gb\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-en-za\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-eo\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-es-ar\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-es-cl\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-es-es\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-es-mx\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-et\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-eu\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-fa\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ff\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-fi\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-fr\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-fy-nl\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ga-ie\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-gd\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-gl\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-gu-in\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-he\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-hi-in\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-hr\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-hsb\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-hu\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-hy-am\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-id\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-is\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-it\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ja\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-kk\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-km\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-kn\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ko\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ku\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-lij\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-lt\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-lv\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-mai\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-mk\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ml\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-mr\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ms\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-nb-no\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-nl\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-nn-no\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-or\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-pa-in\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-pl\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-pt-br\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-pt-pt\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-rm\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ro\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ru\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-si\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-sk\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-sl\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-son\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-sq\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-sr\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-sv-se\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ta\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-te\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-th\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-tr\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-uk\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-vi\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-xh\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-zh-cn\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-zh-tw\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-zu\", reference:\"31.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-dbg\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-dev\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-ach\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-af\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-all\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-an\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-ar\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-as\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-ast\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-be\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-bg\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-bn-bd\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-bn-in\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-br\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-bs\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-ca\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-cs\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-csb\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-cy\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-da\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-de\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-el\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-en-gb\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-en-za\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-eo\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-es-ar\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-es-cl\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-es-es\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-es-mx\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-et\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-eu\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-fa\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-ff\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-fi\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-fr\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-fy-nl\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-ga-ie\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-gd\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-gl\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-gu-in\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-he\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-hi-in\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-hr\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-hsb\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-hu\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-hy-am\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-id\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-is\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-it\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-ja\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-kk\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-km\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-kn\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-ko\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-ku\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-lij\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-lt\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-lv\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-mai\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-mk\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-ml\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-mr\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-ms\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-nb-no\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-nl\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-nn-no\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-or\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-pa-in\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-pl\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-pt-br\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-pt-pt\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-rm\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-ro\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-ru\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-si\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-sk\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-sl\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-son\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-sq\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-sr\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-sv-se\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-ta\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-te\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-th\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-tr\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-uk\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-vi\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-xh\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-zh-cn\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-zh-tw\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-zu\", reference:\"31.7.0esr-1~deb8u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2018-09-01T23:50:14", "references": ["2015:0921_1"], "pluginID": "1361412562310851085", "description": "Check the version of gstreamer-0_10-plugins-bad", "edition": 6, "reporter": "Copyright (C) 2015 Greenbone Networks GmbH", "published": "2015-10-16T00:00:00", "title": "SuSE Update for gstreamer-0_10-plugins-bad SUSE-SU-2015:0921-1 (gstreamer-0_10-plugins-bad)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-0797"], "modified": "2017-12-08T00:00:00", "id": "OPENVAS:1361412562310851085", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851085", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_suse_2015_0921_1.nasl 8046 2017-12-08 08:48:56Z santu $\n#\n# SuSE Update for gstreamer-0_10-plugins-bad SUSE-SU-2015:0921-1 (gstreamer-0_10-plugins-bad)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851085\");\n script_version(\"$Revision: 8046 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-08 09:48:56 +0100 (Fri, 08 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2015-10-16 19:42:41 +0200 (Fri, 16 Oct 2015)\");\n script_cve_id(\"CVE-2015-0797\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"SuSE Update for gstreamer-0_10-plugins-bad SUSE-SU-2015:0921-1 (gstreamer-0_10-plugins-bad)\");\n script_tag(name: \"summary\", value: \"Check the version of gstreamer-0_10-plugins-bad\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help of detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"\n gstreamer-0_10-plugins-bad was updated to fix a security issue, a buffer\n overflow in mp4 parsing (bnc#927559 CVE-2015-0797).\n\n Security Issues:\n\n * CVE-2015-0797\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0797\");\n script_tag(name: \"affected\", value: \"gstreamer-0_10-plugins-bad on SUSE Linux Enterprise Desktop 11 SP3\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n script_xref(name: \"SUSE-SU\", value: \"2015:0921_1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"SLED11.0SP3\")\n{\n\n if ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-bad\", rpm:\"gstreamer-0_10-plugins-bad~0.10.22~7.11.1\", rls:\"SLED11.0SP3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-bad-lang\", rpm:\"gstreamer-0_10-plugins-bad-lang~0.10.22~7.11.1\", rls:\"SLED11.0SP3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgstbasecamerabinsrc-0_10-0\", rpm:\"libgstbasecamerabinsrc-0_10-0~0.10.22~7.11.1\", rls:\"SLED11.0SP3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgstbasevideo-0_10-0\", rpm:\"libgstbasevideo-0_10-0~0.10.22~7.11.1\", rls:\"SLED11.0SP3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgstphotography-0_10-0\", rpm:\"libgstphotography-0_10-0~0.10.22~7.11.1\", rls:\"SLED11.0SP3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgstsignalprocessor-0_10-0\", rpm:\"libgstsignalprocessor-0_10-0~0.10.22~7.11.1\", rls:\"SLED11.0SP3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgstvdp-0_10-0\", rpm:\"libgstvdp-0_10-0~0.10.22~7.11.1\", rls:\"SLED11.0SP3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgstbasecamerabinsrc-0_10-0-32bit\", rpm:\"libgstbasecamerabinsrc-0_10-0-32bit~0.10.22~7.11.1\", rls:\"SLED11.0SP3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgstbasevideo-0_10-0-32bit\", rpm:\"libgstbasevideo-0_10-0-32bit~0.10.22~7.11.1\", rls:\"SLED11.0SP3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgstphotography-0_10-0-32bit\", rpm:\"libgstphotography-0_10-0-32bit~0.10.22~7.11.1\", rls:\"SLED11.0SP3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgstsignalprocessor-0_10-0-32bit\", rpm:\"libgstsignalprocessor-0_10-0-32bit~0.10.22~7.11.1\", rls:\"SLED11.0SP3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgstvdp-0_10-0-32bit\", rpm:\"libgstvdp-0_10-0-32bit~0.10.22~7.11.1\", rls:\"SLED11.0SP3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:51:28", "references": ["http://www.debian.org/security/2015/dsa-3225.html"], "pluginID": "1361412562310703225", "description": "Aki Helin discovered a buffer overflow in the GStreamer plugin for MP4\nplayback, which could lead to the execution of arbitrary code.", "edition": 3, "reporter": "Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net", "published": "2015-04-15T00:00:00", "title": "Debian Security Advisory DSA 3225-1 (gst-plugins-bad0.10 - security update)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-0797"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310703225", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703225", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3225.nasl 9355 2018-04-06 07:16:07Z cfischer $\n# Auto-generated from advisory DSA 3225-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703225\");\n script_version(\"$Revision: 9355 $\");\n script_cve_id(\"CVE-2015-0797\");\n script_name(\"Debian Security Advisory DSA 3225-1 (gst-plugins-bad0.10 - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2018-04-06 09:16:07 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name: \"creation_date\", value: \"2015-04-15 00:00:00 +0200 (Wed, 15 Apr 2015)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2015/dsa-3225.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"gst-plugins-bad0.10 on Debian Linux\");\n script_tag(name: \"solution\", value: \"For the stable distribution (wheezy), this problem has been fixed in\nversion 0.10.23-7.1+deb7u2.\n\nFor the unstable distribution (sid), this problem will be fixed soon.\n\nWe recommend that you upgrade your gst-plugins-bad0.10 packages.\");\n script_tag(name: \"summary\", value: \"Aki Helin discovered a buffer overflow in the GStreamer plugin for MP4\nplayback, which could lead to the execution of arbitrary code.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"gstreamer0.10-plugins-bad\", ver:\"0.10.23-7.1+deb7u2\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gstreamer0.10-plugins-bad-dbg\", ver:\"0.10.23-7.1+deb7u2\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gstreamer0.10-plugins-bad-doc\", ver:\"0.10.23-7.1+deb7u2\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgstreamer-plugins-bad0.10-0\", ver:\"0.10.23-7.1+deb7u2\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgstreamer-plugins-bad0.10-dev\", ver:\"0.10.23-7.1+deb7u2\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:51:38", "references": ["https://security.gentoo.org/glsa/201512-07"], "pluginID": "1361412562310121429", "description": "Gentoo Linux Local Security Checks https://security.gentoo.org/glsa/201512-07", "edition": 5, "reporter": "Eero Volotinen", "published": "2015-12-31T00:00:00", "title": "Gentoo Linux Local Check: https://security.gentoo.org/glsa/201512-07", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Gentoo Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-0797"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310121429", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310121429", "sourceData": "# OpenVAS Vulnerability Test\n# Description: Gentoo Linux security check\n# $Id: glsa-201512-07.nasl 9374 2018-04-06 08:58:12Z cfischer $\n\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\nif(description)\n {\nscript_oid(\"1.3.6.1.4.1.25623.1.0.121429\");\nscript_version(\"$Revision: 9374 $\");\nscript_tag(name:\"creation_date\", value:\"2015-12-31 11:46:01 +0200 (Thu, 31 Dec 2015)\");\nscript_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:58:12 +0200 (Fri, 06 Apr 2018) $\");\nscript_name(\"Gentoo Linux Local Check: https://security.gentoo.org/glsa/201512-07\");\nscript_tag(name: \"insight\", value: \"A buffer overflow vulnerability has been found in the parsing of H.264 formatted video.\"); \nscript_tag(name : \"solution\", value : \"update software\");\nscript_tag(name : \"solution_type\", value : \"VendorFix\");\nscript_xref(name : \"URL\" , value : \"https://security.gentoo.org/glsa/201512-07\");\nscript_cve_id(\"CVE-2015-0797\");\nscript_tag(name:\"cvss_base\", value:\"6.8\");\nscript_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\nscript_tag(name:\"qod_type\", value:\"package\");\nscript_dependencies(\"gather-package-list.nasl\");\nscript_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\nscript_category(ACT_GATHER_INFO);\nscript_tag(name:\"summary\", value:\"Gentoo Linux Local Security Checks https://security.gentoo.org/glsa/201512-07\");\nscript_copyright(\"Eero Volotinen\");\nscript_family(\"Gentoo Local Security Checks\");\nexit(0);\n}\ninclude(\"revisions-lib.inc\");\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\n\nif((res=ispkgvuln(pkg:\"media-libs/gstreamer\", unaffected: make_list(\"ge 1.4.5\"), vulnerable: make_list(\"lt 1.4.5\"))) != NULL) {\n\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-12-07T11:20:47", "references": ["http://www.debian.org/security/2015/dsa-3225.html"], "pluginID": "703225", "description": "Aki Helin discovered a buffer overflow in the GStreamer plugin for MP4\nplayback, which could lead to the execution of arbitrary code.", "edition": 4, "reporter": "Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net", "published": "2015-04-15T00:00:00", "title": "Debian Security Advisory DSA 3225-1 (gst-plugins-bad0.10 - security update)", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "type": "openvas", "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-0797"], "modified": "2017-12-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=703225", "id": "OPENVAS:703225", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3225.nasl 8008 2017-12-06 10:53:07Z teissa $\n# Auto-generated from advisory DSA 3225-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703225);\n script_version(\"$Revision: 8008 $\");\n script_cve_id(\"CVE-2015-0797\");\n script_name(\"Debian Security Advisory DSA 3225-1 (gst-plugins-bad0.10 - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-12-06 11:53:07 +0100 (Wed, 06 Dec 2017) $\");\n script_tag(name: \"creation_date\", value: \"2015-04-15 00:00:00 +0200 (Wed, 15 Apr 2015)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2015/dsa-3225.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"gst-plugins-bad0.10 on Debian Linux\");\n script_tag(name: \"solution\", value: \"For the stable distribution (wheezy), this problem has been fixed in\nversion 0.10.23-7.1+deb7u2.\n\nFor the unstable distribution (sid), this problem will be fixed soon.\n\nWe recommend that you upgrade your gst-plugins-bad0.10 packages.\");\n script_tag(name: \"summary\", value: \"Aki Helin discovered a buffer overflow in the GStreamer plugin for MP4\nplayback, which could lead to the execution of arbitrary code.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"gstreamer0.10-plugins-bad\", ver:\"0.10.23-7.1+deb7u2\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gstreamer0.10-plugins-bad-dbg\", ver:\"0.10.23-7.1+deb7u2\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gstreamer0.10-plugins-bad-doc\", ver:\"0.10.23-7.1+deb7u2\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgstreamer-plugins-bad0.10-0\", ver:\"0.10.23-7.1+deb7u2\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgstreamer-plugins-bad0.10-dev\", ver:\"0.10.23-7.1+deb7u2\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-17T13:35:58", "references": ["https://www.mozilla.org/en-US/security/advisories/mfsa2015-54", "http://www.mozilla.org/security/announce/2015/mfsa2015-47.html"], "pluginID": "1361412562310805630", "description": "This host is installed with Mozilla\n Thunderbird and is prone to multiple vulnerabilities.", "edition": 5, "reporter": "Copyright (C) 2015 Greenbone Networks GmbH", "published": "2015-05-21T00:00:00", "title": "Mozilla Thunderbird Multiple Vulnerabilities-01 May15 (Mac OS X)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "General", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-2713", "CVE-2015-2716", "CVE-2015-2710", "CVE-2015-2708", "CVE-2015-0797"], "modified": "2018-09-17T00:00:00", "id": "OPENVAS:1361412562310805630", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310805630", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_mozilla_thunderbird_mult_vuln01_may15_macosx.nasl 11423 2018-09-17 07:35:16Z cfischer $\n#\n# Mozilla Thunderbird Multiple Vulnerabilities-01 May15 (Mac OS X)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:mozilla:thunderbird\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.805630\");\n script_version(\"$Revision: 11423 $\");\n script_cve_id(\"CVE-2015-0797\", \"CVE-2015-2708\", \"CVE-2015-2710\", \"CVE-2015-2713\",\n \"CVE-2015-2716\");\n script_bugtraq_id(74615, 74611);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-17 09:35:16 +0200 (Mon, 17 Sep 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-05-21 18:33:07 +0530 (Thu, 21 May 2015)\");\n script_name(\"Mozilla Thunderbird Multiple Vulnerabilities-01 May15 (Mac OS X)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Mozilla\n Thunderbird and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - Buffer overflow in the XML parser in Mozilla Firefox.\n\n - Use-after-free vulnerability in the SetBreaks function in Mozilla Firefox.\n\n - Heap-based buffer overflow in the SVGTextFrame class in Mozilla Firefox.\n\n - Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox.\n\n - Flaw in GStreamer in Mozilla Firefox.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow a\n context-dependent attacker to execute arbitrary code, gain unauthorized access\n to sensitive information and cause the server to crash.\");\n\n script_tag(name:\"affected\", value:\"Mozilla Thunderbird before version 31.7\n on Mac OS X\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Mozilla Thunderbird version\n 31.7 or later, For updates refer https://www.mozilla.org/en-US/thunderbird\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-54\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2015/mfsa2015-47.html\");\n\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_mozilla_prdts_detect_macosx.nasl\");\n script_mandatory_keys(\"ThunderBird/MacOSX/Version\");\n exit(0);\n}\n\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!tbVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:tbVer, test_version:\"31.7\"))\n{\n report = 'Installed version: ' + tbVer + '\\n' +\n 'Fixed version: 31.7\\n';\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:49:30", "references": ["2015:0988", "http://lists.centos.org/pipermail/centos-announce/2015-May/021133.html"], "pluginID": "1361412562310882180", "description": "Check the version of firefox", "edition": 5, "reporter": "Copyright (C) 2015 Greenbone Networks GmbH", "published": "2015-06-09T00:00:00", "title": "CentOS Update for firefox CESA-2015:0988 centos5 ", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "CentOS Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-2713", "CVE-2015-2716", "CVE-2015-2710", "CVE-2015-2708", "CVE-2015-0797"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:1361412562310882180", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882180", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for firefox CESA-2015:0988 centos5 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882180\");\n script_version(\"$Revision: 6657 $\");\n script_cve_id(\"CVE-2015-0797\", \"CVE-2015-2708\", \"CVE-2015-2710\",\n \"CVE-2015-2713\", \"CVE-2015-2716\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:50:44 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2015-06-09 11:02:39 +0200 (Tue, 09 Jun 2015)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for firefox CESA-2015:0988 centos5 \");\n script_tag(name: \"summary\", value: \"Check the version of firefox\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help\n of detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"Mozilla Firefox is an open source web browser.\n XULRunner provides the XUL Runtime environment for Mozilla Firefox.\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nFirefox. (CVE-2015-2708, CVE-2015-0797, CVE-2015-2710, CVE-2015-2713)\n\nA heap-based buffer overflow flaw was found in the way Firefox processed\ncompressed XML data. An attacker could create specially crafted compressed\nXML content that, when processed by Firefox, could cause it to crash or\nexecute arbitrary code with the privileges of the user running Firefox.\n(CVE-2015-2716)\n\nRed Hat would like to thank the Mozilla project for reporting these issues.\nUpstream acknowledges Jesse Ruderman, Mats Palmgren, Byron Campen, Steve\nFink, Aki Helin, Atte Kettunen, Scott Bell, and Ucha Gobejishvili as the\noriginal reporters of these issues.\n\nAll Firefox users should upgrade to these updated packages, which contain\nFirefox version 38.0 ESR, which corrects these issues. After installing the\nupdate, Firefox must be restarted for the changes to take effect.\n\");\n script_tag(name: \"affected\", value: \"firefox on CentOS 5\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n script_xref(name: \"CESA\", value: \"2015:0988\");\n script_xref(name: \"URL\" , value: \"http://lists.centos.org/pipermail/centos-announce/2015-May/021133.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~38.0~4.el5.centos\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:50:40", "references": ["http://linux.oracle.com/errata/ELSA-2015-0988.html"], "pluginID": "1361412562310123112", "description": "Oracle Linux Local Security Checks ELSA-2015-0988", "edition": 5, "reporter": "Eero Volotinen", "published": "2015-10-06T00:00:00", "title": "Oracle Linux Local Check: ELSA-2015-0988", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "naslFamily": "Oracle Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-2713", "CVE-2015-2716", "CVE-2015-2710", "CVE-2015-2708", "CVE-2015-0797"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:1361412562310123112", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123112", "sourceData": "# OpenVAS Vulnerability Test \n# Description: Oracle Linux Local Check \n# $Id: ELSA-2015-0988.nasl 6560 2017-07-06 11:58:38Z cfischer $\n \n# Authors: \n# Eero Volotinen <eero.volotinen@solinor.com> \n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\nif(description)\n {\nscript_oid(\"1.3.6.1.4.1.25623.1.0.123112\");\nscript_version(\"$Revision: 6560 $\");\nscript_tag(name:\"creation_date\", value:\"2015-10-06 13:59:31 +0300 (Tue, 06 Oct 2015)\");\nscript_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 13:58:38 +0200 (Thu, 06 Jul 2017) $\");\nscript_name(\"Oracle Linux Local Check: ELSA-2015-0988\");\nscript_tag(name: \"insight\", value: \"ELSA-2015-0988 - firefox security update - [38.0-3.0.1.el7_1]- Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file[38.0-3]- Enabled system nss- Removed unused patches[38.0-2]- Update to 38.0 ESR[38.0b8-0.11]- Update to 38.0 Beta 8[38.0b6-0.10]- Added patch for mozbz#1152515[38.0b6-0.9]- Update to 38.0 Beta 6[38.0b5-0.8]- Update to 38.0 Beta 5[38.0b3-0.7]- Update to 38.0 Beta 3[38.0b1-0.6]- Added patch for mozbz#1152391[38.0b1-0.5]- Fix build on AArch64 (based on upstream skia changes)[38.0b1-0.4]- Enabled debug build[38.0b1-1]- Update to 38.0b1\"); \nscript_tag(name : \"solution\", value : \"update software\");\nscript_tag(name : \"solution_type\", value : \"VendorFix\");\nscript_tag(name : \"summary\", value : \"Oracle Linux Local Security Checks ELSA-2015-0988\");\nscript_xref(name : \"URL\" , value : \"http://linux.oracle.com/errata/ELSA-2015-0988.html\");\nscript_cve_id(\"CVE-2015-0797\",\"CVE-2015-2708\",\"CVE-2015-2710\",\"CVE-2015-2716\",\"CVE-2015-2713\");\nscript_tag(name:\"cvss_base\", value:\"7.5\");\nscript_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\nscript_tag(name:\"qod_type\", value:\"package\");\nscript_dependencies(\"gather-package-list.nasl\");\nscript_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\");\nscript_category(ACT_GATHER_INFO);\nscript_copyright(\"Eero Volotinen\");\nscript_family(\"Oracle Linux Local Security Checks\");\nexit(0);\n}\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\nrelease = get_kb_item(\"ssh/login/release\");\nres = \"\";\nif(release == NULL)\n{\n exit(0);\n}\nif(release == \"OracleLinux7\")\n{\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~38.0~3.0.1.el7_1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n\n}\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~38.0~4.0.1.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~38.0~4.0.1.el6_6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n\n}\nif (__pkg_match) exit(99); #Not vulnerable\n exit(0);\n\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:49:51", "references": ["2015:0988", "http://lists.centos.org/pipermail/centos-announce/2015-May/021132.html"], "pluginID": "1361412562310882187", "description": "Check the version of firefox", "edition": 5, "reporter": "Copyright (C) 2015 Greenbone Networks GmbH", "published": "2015-06-09T00:00:00", "title": "CentOS Update for firefox CESA-2015:0988 centos7 ", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "naslFamily": "CentOS Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-2713", "CVE-2015-2716", "CVE-2015-2710", "CVE-2015-2708", "CVE-2015-0797"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:1361412562310882187", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882187", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for firefox CESA-2015:0988 centos7 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882187\");\n script_version(\"$Revision: 6657 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:50:44 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2015-06-09 11:03:40 +0200 (Tue, 09 Jun 2015)\");\n script_cve_id(\"CVE-2015-0797\", \"CVE-2015-2708\", \"CVE-2015-2710\", \"CVE-2015-2713\", \"CVE-2015-2716\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for firefox CESA-2015:0988 centos7 \");\n script_tag(name: \"summary\", value: \"Check the version of firefox\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help of detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"Mozilla Firefox is an open source web browser. XULRunner provides the XUL\nRuntime environment for Mozilla Firefox.\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nFirefox. (CVE-2015-2708, CVE-2015-0797, CVE-2015-2710, CVE-2015-2713)\n\nA heap-based buffer overflow flaw was found in the way Firefox processed\ncompressed XML data. An attacker could create specially crafted compressed\nXML content that, when processed by Firefox, could cause it to crash or\nexecute arbitrary code with the privileges of the user running Firefox.\n(CVE-2015-2716)\n\nRed Hat would like to thank the Mozilla project for reporting these issues.\nUpstream acknowledges Jesse Ruderman, Mats Palmgren, Byron Campen, Steve\nFink, Aki Helin, Atte Kettunen, Scott Bell, and Ucha Gobejishvili as the\noriginal reporters of these issues.\n\nAll Firefox users should upgrade to these updated packages, which contain\nFirefox version 38.0 ESR, which corrects these issues. After installing the\nupdate, Firefox must be restarted for the changes to take effect.\n\");\n script_tag(name: \"affected\", value: \"firefox on CentOS 7\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n script_xref(name: \"CESA\", value: \"2015:0988\");\n script_xref(name: \"URL\" , value: \"http://lists.centos.org/pipermail/centos-announce/2015-May/021132.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS7\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~38.0~3.el7.centos\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:50:57", "references": ["http://www.debian.org/security/2015/dsa-3264.html"], "pluginID": "1361412562310703264", "description": "Multiple security issues have\nbeen found in Icedove, Debian", "edition": 3, "reporter": "Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net", "published": "2015-05-19T00:00:00", "title": "Debian Security Advisory DSA 3264-1 (icedove - security update)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-2713", "CVE-2015-2716", "CVE-2015-2710", "CVE-2015-2708", "CVE-2015-0797"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310703264", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703264", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3264.nasl 9355 2018-04-06 07:16:07Z cfischer $\n# Auto-generated from advisory DSA 3264-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703264\");\n script_version(\"$Revision: 9355 $\");\n script_cve_id(\"CVE-2015-0797\", \"CVE-2015-2708\", \"CVE-2015-2710\", \"CVE-2015-2713\",\n \"CVE-2015-2716\");\n script_name(\"Debian Security Advisory DSA 3264-1 (icedove - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2018-04-06 09:16:07 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name: \"creation_date\", value: \"2015-05-19 00:00:00 +0200 (Tue, 19 May 2015)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2015/dsa-3264.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"icedove on Debian Linux\");\n script_tag(name: \"insight\", value: \"Icedove is an unbranded Thunderbird\nmail client suitable for free distribution. It supports different mail accounts\n(POP, IMAP, Gmail), has an integrated learning Spam filter, and offers easy\norganization of mails with tagging and virtual folders. Also, more features can\nbe added by installing extensions.\");\n script_tag(name: \"solution\", value: \"For the oldstable distribution (wheezy),\nthese problems have been fixed in version 31.7.0-1~deb7u1.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 31.7.0-1~deb8u1.\n\nFor the unstable distribution (sid), these problems will be fixed soon.\n\nWe recommend that you upgrade your icedove packages.\");\n script_tag(name: \"summary\", value: \"Multiple security issues have\nbeen found in Icedove, Debian's version of the Mozilla Thunderbird mail client:\nMultiple memory safety errors, buffer overflows and use-after-frees may lead to\nthe execution of arbitrary code, privilege escalation or denial of service.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software\nversion using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"calendar-google-provider\", ver:\"31.7.0-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icedove\", ver:\"31.7.0-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icedove-dbg\", ver:\"31.7.0-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icedove-dev\", ver:\"31.7.0-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceowl-extension\", ver:\"31.7.0-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:51:35", "references": ["2015:0988", "http://lists.centos.org/pipermail/centos-announce/2015-May/021104.html"], "pluginID": "1361412562310882191", "description": "Check the version of firefox", "edition": 4, "reporter": "Copyright (C) 2015 Greenbone Networks GmbH", "published": "2015-06-09T00:00:00", "title": "CentOS Update for firefox CESA-2015:0988 centos6 ", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "CentOS Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-2713", "CVE-2015-2716", "CVE-2015-2710", "CVE-2015-2708", "CVE-2015-0797"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:1361412562310882191", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882191", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for firefox CESA-2015:0988 centos6 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882191\");\n script_version(\"$Revision: 6657 $\");\n script_cve_id(\"CVE-2015-0797\", \"CVE-2015-2708\", \"CVE-2015-2710\",\n \"CVE-2015-2713\", \"CVE-2015-2716\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:50:44 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2015-06-09 11:04:02 +0200 (Tue, 09 Jun 2015)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for firefox CESA-2015:0988 centos6 \");\n script_tag(name: \"summary\", value: \"Check the version of firefox\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with\n the help of detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"Mozilla Firefox is an open source\n web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox.\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nFirefox. (CVE-2015-2708, CVE-2015-0797, CVE-2015-2710, CVE-2015-2713)\n\nA heap-based buffer overflow flaw was found in the way Firefox processed\ncompressed XML data. An attacker could create specially crafted compressed\nXML content that, when processed by Firefox, could cause it to crash or\nexecute arbitrary code with the privileges of the user running Firefox.\n(CVE-2015-2716)\n\nRed Hat would like to thank the Mozilla project for reporting these issues.\nUpstream acknowledges Jesse Ruderman, Mats Palmgren, Byron Campen, Steve\nFink, Aki Helin, Atte Kettunen, Scott Bell, and Ucha Gobejishvili as the\noriginal reporters of these issues.\n\nAll Firefox users should upgrade to these updated packages, which contain\nFirefox version 38.0 ESR, which corrects these issues. After installing the\nupdate, Firefox must be restarted for the changes to take effect.\n\");\n script_tag(name: \"affected\", value: \"firefox on CentOS 6\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n script_xref(name: \"CESA\", value: \"2015:0988\");\n script_xref(name: \"URL\" , value: \"http://lists.centos.org/pipermail/centos-announce/2015-May/021104.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~38.0~4.el6.centos\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "suse": [{"lastseen": "2016-09-04T12:35:28", "references": ["https://download.suse.com/patch/finder/?keywords=f7ccd0598b1d14e206c07e76854611ef", "https://bugzilla.suse.com/927559"], "affectedPackage": [{"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "0.10.22-7.11.1", "arch": "x86_64", "packageFilename": "libgstbasevideo-0_10-0-0.10.22-7.11.1.x86_64.rpm", "packageName": "libgstbasevideo-0_10-0", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "0.10.22-7.11.1", "arch": "x86_64", "packageFilename": "libgstvdp-0_10-0-0.10.22-7.11.1.x86_64.rpm", "packageName": "libgstvdp-0_10-0", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "0.10.22-7.11.1", "arch": "i586", "packageFilename": "libgstbasevideo-0_10-0-0.10.22-7.11.1.i586.rpm", "packageName": "libgstbasevideo-0_10-0", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "0.10.22-7.11.1", "arch": "x86_64", "packageFilename": "gstreamer-0_10-plugins-bad-lang-0.10.22-7.11.1.x86_64.rpm", "packageName": "gstreamer-0_10-plugins-bad-lang", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "0.10.22-7.11.1", "arch": "i586", "packageFilename": "libgstphotography-0_10-0-0.10.22-7.11.1.i586.rpm", "packageName": "libgstphotography-0_10-0", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "0.10.22-7.11.1", "arch": "i586", "packageFilename": "gstreamer-0_10-plugins-bad-lang-0.10.22-7.11.1.i586.rpm", "packageName": "gstreamer-0_10-plugins-bad-lang", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "0.10.22-7.11.1", "arch": "x86_64", "packageFilename": "libgstphotography-0_10-0-0.10.22-7.11.1.x86_64.rpm", "packageName": "libgstphotography-0_10-0", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "0.10.22-7.11.1", "arch": "x86_64", "packageFilename": "gstreamer-0_10-plugins-bad-0.10.22-7.11.1.x86_64.rpm", "packageName": "gstreamer-0_10-plugins-bad", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "0.10.22-7.11.1", "arch": "x86_64", "packageFilename": "libgstsignalprocessor-0_10-0-0.10.22-7.11.1.x86_64.rpm", "packageName": "libgstsignalprocessor-0_10-0", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "0.10.22-7.11.1", "arch": "i586", "packageFilename": "libgstsignalprocessor-0_10-0-0.10.22-7.11.1.i586.rpm", "packageName": "libgstsignalprocessor-0_10-0", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "0.10.22-7.11.1", "arch": "i586", "packageFilename": "libgstvdp-0_10-0-0.10.22-7.11.1.i586.rpm", "packageName": "libgstvdp-0_10-0", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "0.10.22-7.11.1", "arch": "i586", "packageFilename": "gstreamer-0_10-plugins-bad-0.10.22-7.11.1.i586.rpm", "packageName": "gstreamer-0_10-plugins-bad", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "0.10.22-7.11.1", "arch": "x86_64", "packageFilename": "libgstphotography-0_10-0-32bit-0.10.22-7.11.1.x86_64.rpm", "packageName": "libgstphotography-0_10-0-32bit", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "0.10.22-7.11.1", "arch": "i586", "packageFilename": "libgstbasecamerabinsrc-0_10-0-0.10.22-7.11.1.i586.rpm", "packageName": "libgstbasecamerabinsrc-0_10-0", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "0.10.22-7.11.1", "arch": "x86_64", "packageFilename": "libgstsignalprocessor-0_10-0-32bit-0.10.22-7.11.1.x86_64.rpm", "packageName": "libgstsignalprocessor-0_10-0-32bit", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "0.10.22-7.11.1", "arch": "x86_64", "packageFilename": "libgstbasecamerabinsrc-0_10-0-32bit-0.10.22-7.11.1.x86_64.rpm", "packageName": "libgstbasecamerabinsrc-0_10-0-32bit", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "0.10.22-7.11.1", "arch": "x86_64", "packageFilename": "libgstbasevideo-0_10-0-32bit-0.10.22-7.11.1.x86_64.rpm", "packageName": "libgstbasevideo-0_10-0-32bit", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "0.10.22-7.11.1", "arch": "x86_64", "packageFilename": "libgstvdp-0_10-0-32bit-0.10.22-7.11.1.x86_64.rpm", "packageName": "libgstvdp-0_10-0-32bit", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "0.10.22-7.11.1", "arch": "x86_64", "packageFilename": "libgstbasecamerabinsrc-0_10-0-0.10.22-7.11.1.x86_64.rpm", "packageName": "libgstbasecamerabinsrc-0_10-0", "operator": "lt"}], "description": "gstreamer-0_10-plugins-bad was updated to fix a security issue, a buffer\n overflow in mp4 parsing (bnc#927559 CVE-2015-0797).\n\n Security Issues:\n\n * CVE-2015-0797\n &lt;<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0797\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0797</a>&gt;\n\n", "edition": 1, "reporter": "Suse", "published": "2015-05-20T19:04:53", "title": "Security update for gstreamer-0_10-plugins-bad (important)", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "type": "suse", "bulletinFamily": "unix", "cvelist": ["CVE-2015-0797"], "modified": "2015-05-20T19:04:53", "id": "SUSE-SU-2015:0921-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00017.html", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-04T11:48:25", "references": ["https://bugzilla.suse.com/930622"], "affectedPackage": [{"OS": "SUSE Linux Enterprise Server", "OSVersion": "12", "packageVersion": "31.7.0esr-34.1", "packageFilename": "MozillaFirefox-debuginfo-31.7.0esr-34.1.ppc64le.rpm", "packageName": "MozillaFirefox-debuginfo", "arch": "ppc64le", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12", "packageVersion": "31.7.0esr-34.1", "packageFilename": "MozillaFirefox-debuginfo-31.7.0esr-34.1.x86_64.rpm", "packageName": "MozillaFirefox-debuginfo", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12", "packageVersion": "31.7.0esr-34.1", "packageFilename": "MozillaFirefox-31.7.0esr-34.1.s390x.rpm", "packageName": "MozillaFirefox", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12", "packageVersion": "31.7.0esr-34.1", "packageFilename": "MozillaFirefox-translations-31.7.0esr-34.1.x86_64.rpm", "packageName": "MozillaFirefox-translations", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12", "packageVersion": "31.7.0esr-34.1", "packageFilename": "MozillaFirefox-debugsource-31.7.0esr-34.1.ppc64le.rpm", "packageName": "MozillaFirefox-debugsource", "arch": "ppc64le", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12", "packageVersion": "31.7.0esr-34.1", "packageFilename": "MozillaFirefox-debugsource-31.7.0esr-34.1.s390x.rpm", "packageName": "MozillaFirefox-debugsource", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12", "packageVersion": "31.7.0esr-34.1", "packageFilename": "MozillaFirefox-debugsource-31.7.0esr-34.1.x86_64.rpm", "packageName": "MozillaFirefox-debugsource", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "12", "packageVersion": "31.7.0esr-34.1", "packageFilename": "MozillaFirefox-debuginfo-31.7.0esr-34.1.x86_64.rpm", "packageName": "MozillaFirefox-debuginfo", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12", "packageVersion": "31.7.0esr-34.1", "packageFilename": "MozillaFirefox-debugsource-31.7.0esr-34.1.s390x.rpm", "packageName": "MozillaFirefox-debugsource", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12", "packageVersion": "31.7.0esr-34.1", "packageFilename": "MozillaFirefox-debuginfo-31.7.0esr-34.1.ppc64le.rpm", "packageName": "MozillaFirefox-debuginfo", "arch": "ppc64le", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12", "packageVersion": "31.7.0esr-34.1", "packageFilename": "MozillaFirefox-debuginfo-31.7.0esr-34.1.s390x.rpm", "packageName": "MozillaFirefox-debuginfo", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12", "packageVersion": "31.7.0esr-34.1", "packageFilename": "MozillaFirefox-debuginfo-31.7.0esr-34.1.x86_64.rpm", "packageName": "MozillaFirefox-debuginfo", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "12", "packageVersion": "31.7.0esr-34.1", "packageFilename": "MozillaFirefox-translations-31.7.0esr-34.1.x86_64.rpm", "packageName": "MozillaFirefox-translations", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12", "packageVersion": "31.7.0esr-34.1", "packageFilename": "MozillaFirefox-translations-31.7.0esr-34.1.s390x.rpm", "packageName": "MozillaFirefox-translations", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12", "packageVersion": "31.7.0esr-34.1", "packageFilename": "MozillaFirefox-debuginfo-31.7.0esr-34.1.s390x.rpm", "packageName": "MozillaFirefox-debuginfo", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12", "packageVersion": "31.7.0esr-34.1", "packageFilename": "MozillaFirefox-31.7.0esr-34.1.ppc64le.rpm", "packageName": "MozillaFirefox", "arch": "ppc64le", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12", "packageVersion": "31.7.0esr-34.1", "packageFilename": "MozillaFirefox-translations-31.7.0esr-34.1.ppc64le.rpm", "packageName": "MozillaFirefox-translations", "arch": "ppc64le", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12", "packageVersion": "31.7.0esr-34.1", "packageFilename": "MozillaFirefox-devel-31.7.0esr-34.1.s390x.rpm", "packageName": "MozillaFirefox-devel", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12", "packageVersion": "31.7.0esr-34.1", "packageFilename": "MozillaFirefox-devel-31.7.0esr-34.1.ppc64le.rpm", "packageName": "MozillaFirefox-devel", "arch": "ppc64le", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "12", "packageVersion": "31.7.0esr-34.1", "packageFilename": "MozillaFirefox-31.7.0esr-34.1.x86_64.rpm", "packageName": "MozillaFirefox", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12", "packageVersion": "31.7.0esr-34.1", "packageFilename": "MozillaFirefox-devel-31.7.0esr-34.1.x86_64.rpm", "packageName": "MozillaFirefox-devel", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12", "packageVersion": "31.7.0esr-34.1", "packageFilename": "MozillaFirefox-debugsource-31.7.0esr-34.1.ppc64le.rpm", "packageName": "MozillaFirefox-debugsource", "arch": "ppc64le", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12", "packageVersion": "31.7.0esr-34.1", "packageFilename": "MozillaFirefox-debugsource-31.7.0esr-34.1.x86_64.rpm", "packageName": "MozillaFirefox-debugsource", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12", "packageVersion": "31.7.0esr-34.1", "packageFilename": "MozillaFirefox-31.7.0esr-34.1.x86_64.rpm", "packageName": "MozillaFirefox", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "12", "packageVersion": "31.7.0esr-34.1", "packageFilename": "MozillaFirefox-debugsource-31.7.0esr-34.1.x86_64.rpm", "packageName": "MozillaFirefox-debugsource", "arch": "x86_64", "operator": "lt"}], "edition": 1, "description": "This update to Firefox 31.7.0 ESR (bsc#930622) fixes the following issues:\n\n * MFSA 2015-46/CVE-2015-2708/CVE-2015-2709 (bmo#1120655, bmo#1143299,\n bmo#1151139, bmo#1152177, bmo#1111251, bmo#1117977, bmo#1128064,\n bmo#1135066, bmo#1143194, bmo#1146101, bmo#1149526, bmo#1153688,\n bmo#1155474) Miscellaneous memory safety hazards (rv:38.0 / rv:31.7)\n * MFSA 2015-47/CVE-2015-0797 (bmo#1080995) Buffer overflow parsing H.264\n video with Linux Gstreamer\n * MFSA 2015-48/CVE-2015-2710 (bmo#1149542) Buffer overflow with SVG\n content and CSS\n * MFSA 2015-51/CVE-2015-2713 (bmo#1153478) Use-after-free during text\n processing with vertical text enabled\n * MFSA 2015-54/CVE-2015-2716 (bmo#1140537) Buffer overflow when parsing\n compressed XML\n\n", "reporter": "Suse", "published": "2015-05-28T12:05:02", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "type": "suse", "title": "Security update for MozillaFirefox (important)", "bulletinFamily": "unix", "cvelist": ["CVE-2015-2713", "CVE-2015-2716", "CVE-2015-2710", "CVE-2015-2709", "CVE-2015-2708", "CVE-2015-0797"], "modified": "2015-05-28T12:05:02", "href": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00027.html", "id": "SUSE-SU-2015:0960-1", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-04T12:07:54", "references": ["https://download.suse.com/patch/finder/?keywords=ab9c724c1f8dad58c3aecf28fa855174", "https://bugzilla.suse.com/930622"], "affectedPackage": [{"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.3", "packageVersion": "31.7.0esr-0.8.1", "arch": "i586", "packageFilename": "MozillaFirefox-devel-31.7.0esr-0.8.1.i586.rpm", "packageName": "MozillaFirefox-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "31.7.0esr-0.8.1", "arch": "i586", "packageFilename": "MozillaFirefox-translations-31.7.0esr-0.8.1.i586.rpm", "packageName": "MozillaFirefox-translations", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "31.7.0esr-0.8.1", "arch": "ppc64", "packageFilename": "MozillaFirefox-31.7.0esr-0.8.1.ppc64.rpm", "packageName": "MozillaFirefox", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.3", "packageVersion": "31.7.0esr-0.8.1", "arch": "x86_64", "packageFilename": "MozillaFirefox-devel-31.7.0esr-0.8.1.x86_64.rpm", "packageName": "MozillaFirefox-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.3", "packageVersion": "31.7.0esr-0.8.1", "arch": "i586", "packageFilename": "MozillaFirefox-31.7.0esr-0.8.1.i586.rpm", "packageName": "MozillaFirefox", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "31.7.0esr-0.8.1", "arch": "i586", "packageFilename": "MozillaFirefox-31.7.0esr-0.8.1.i586.rpm", "packageName": "MozillaFirefox", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.3", "packageVersion": "31.7.0esr-0.8.1", "arch": "ia64", "packageFilename": "MozillaFirefox-devel-31.7.0esr-0.8.1.ia64.rpm", "packageName": "MozillaFirefox-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "31.7.0esr-0.8.1", "arch": "s390x", "packageFilename": "MozillaFirefox-31.7.0esr-0.8.1.s390x.rpm", "packageName": "MozillaFirefox", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "31.7.0esr-0.8.1", "arch": "x86_64", "packageFilename": "MozillaFirefox-translations-31.7.0esr-0.8.1.x86_64.rpm", "packageName": "MozillaFirefox-translations", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "31.7.0esr-0.8.1", "arch": "x86_64", "packageFilename": "MozillaFirefox-31.7.0esr-0.8.1.x86_64.rpm", "packageName": "MozillaFirefox", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.3", "packageVersion": "31.7.0esr-0.8.1", "arch": "x86_64", "packageFilename": "MozillaFirefox-translations-31.7.0esr-0.8.1.x86_64.rpm", "packageName": "MozillaFirefox-translations", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.3", "packageVersion": "31.7.0esr-0.8.1", "arch": "ppc64", "packageFilename": "MozillaFirefox-devel-31.7.0esr-0.8.1.ppc64.rpm", "packageName": "MozillaFirefox-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "31.7.0esr-0.8.1", "arch": "i586", "packageFilename": "MozillaFirefox-translations-31.7.0esr-0.8.1.i586.rpm", "packageName": "MozillaFirefox-translations", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.3", "packageVersion": "31.7.0esr-0.8.1", "arch": "x86_64", "packageFilename": "MozillaFirefox-31.7.0esr-0.8.1.x86_64.rpm", "packageName": "MozillaFirefox", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "31.7.0esr-0.8.1", "arch": "ia64", "packageFilename": "MozillaFirefox-31.7.0esr-0.8.1.ia64.rpm", "packageName": "MozillaFirefox", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.3", "packageVersion": "31.7.0esr-0.8.1", "arch": "s390x", "packageFilename": "MozillaFirefox-devel-31.7.0esr-0.8.1.s390x.rpm", "packageName": "MozillaFirefox-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "31.7.0esr-0.8.1", "arch": "ia64", "packageFilename": "MozillaFirefox-translations-31.7.0esr-0.8.1.ia64.rpm", "packageName": "MozillaFirefox-translations", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "31.7.0esr-0.8.1", "arch": "x86_64", "packageFilename": "MozillaFirefox-translations-31.7.0esr-0.8.1.x86_64.rpm", "packageName": "MozillaFirefox-translations", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "31.7.0esr-0.8.1", "arch": "i586", "packageFilename": "MozillaFirefox-31.7.0esr-0.8.1.i586.rpm", "packageName": "MozillaFirefox", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "31.7.0esr-0.8.1", "arch": "s390x", "packageFilename": "MozillaFirefox-translations-31.7.0esr-0.8.1.s390x.rpm", "packageName": "MozillaFirefox-translations", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.3", "packageVersion": "31.7.0esr-0.8.1", "arch": "i586", "packageFilename": "MozillaFirefox-translations-31.7.0esr-0.8.1.i586.rpm", "packageName": "MozillaFirefox-translations", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "31.7.0esr-0.8.1", "arch": "x86_64", "packageFilename": "MozillaFirefox-31.7.0esr-0.8.1.x86_64.rpm", "packageName": "MozillaFirefox", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "31.7.0esr-0.8.1", "arch": "ppc64", "packageFilename": "MozillaFirefox-translations-31.7.0esr-0.8.1.ppc64.rpm", "packageName": "MozillaFirefox-translations", "operator": "lt"}], "description": "This update to Firefox 31.7.0 ESR fixes the following issues:\n\n *\n\n MFSA 2015-46 (CVE-2015-2708, CVE-2015-2709): Miscellaneous memory\n safety hazards (rv:38.0 / rv:31.7). Upstream references: bmo#1120655,\n bmo#1143299, bmo#1151139, bmo#1152177, bmo#1111251, bmo#1117977,\n bmo#1128064, bmo#1135066, bmo#1143194, bmo#1146101, bmo#1149526,\n bmo#1153688, bmo#1155474.\n\n *\n\n MFSA 2015-47 (CVE-2015-0797): Buffer overflow parsing H.264 video\n with Linux Gstreamer. Upstream references: bmo#1080995.\n\n *\n\n MFSA 2015-48 (CVE-2015-2710): Buffer overflow with SVG content and\n CSS. Upstream references: bmo#1149542.\n\n *\n\n MFSA 2015-51 (CVE-2015-2713): Use-after-free during text processing\n with vertical text enabled. Upstream references: bmo#1153478.\n\n *\n\n MFSA 2015-54 (CVE-2015-2716): Buffer overflow when parsing\n compressed XML. Upstream references: bmo#1140537.\n\n Security Issues:\n\n * CVE-2015-0797\n &lt;<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0797\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0797</a>&gt;\n * CVE-2015-2708\n &lt;<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2708\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2708</a>&gt;\n * CVE-2015-2709\n &lt;<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2709\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2709</a>&gt;\n * CVE-2015-2710\n &lt;<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2710\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2710</a>&gt;\n * CVE-2015-2713\n &lt;<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2713\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2713</a>&gt;\n * CVE-2015-2716\n &lt;<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2716\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2716</a>&gt;\n", "edition": 1, "reporter": "Suse", "published": "2015-06-01T15:05:51", "title": "Security update for MozillaFirefox (important)", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "type": "suse", "bulletinFamily": "unix", "cvelist": ["CVE-2015-2713", "CVE-2015-2716", "CVE-2015-2710", "CVE-2015-2709", "CVE-2015-2708", "CVE-2015-0797"], "modified": "2015-06-01T15:05:51", "id": "SUSE-SU-2015:0978-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00000.html", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:58", "references": [], "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n- -------------------------------------------------------------------------\r\nDebian Security Advisory DSA-3225-1 security@debian.org\r\nhttp://www.debian.org/security/ Moritz Muehlenhoff\r\nApril 15, 2015 http://www.debian.org/security/faq\r\n- -------------------------------------------------------------------------\r\n\r\nPackage : gst-plugins-bad0.10\r\nCVE ID : CVE-2015-0797\r\n\r\nAki Helin discovered a buffer overflow in the GStreamer plugin for MP4\r\nplayback, which could lead in the execution of arbitrary code. \r\n\r\nFor the stable distribution &#40;wheezy&#41;, this problem has been fixed in\r\nversion 0.10.23-7.1+deb7u2.\r\n\r\nFor the unstable distribution &#40;sid&#41;, this problem will be fixed soon.\r\n\r\nWe recommend that you upgrade your gst-plugins-bad0.10 packages.\r\n\r\nFurther information about Debian Security Advisories, how to apply\r\nthese updates to your system and frequently asked questions can be\r\nfound at: https://www.debian.org/security/\r\n\r\nMailing list: debian-security-announce@lists.debian.org\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1\r\n\r\niQIcBAEBAgAGBQJVLoHwAAoJEBDCk7bDfE42FUsP/3gPEPyf1DdQUOB4rrK4TxN4\r\nX0asIopOxyjZpB/jMFIPmtrLGr2kH4g6E0G3b/TuIiX+zd3Z0h+xENC5nOm5lRRY\r\nrP0G0DszPprirt6TTij7rwiGZPnDX/m0vQbF4G4SEh46OfT8z64h1fK0q8HcKp5p\r\ntxdEMXQrGyj49BZsyFEWd+oIyJygqtDcGRT5aX5Rbc7+x+sGVlvNhSBLU0Yef3tC\r\nu/fEGtXdoteFvXwCIIL/DZKrnPVq3iJXgR7SnkLtTIe85gdnFrDcqimZa4BfDzmv\r\nMP6KcM5Q84HG1W7+RngSfTOjGp+pOh+OCEE+5Jlr7QIO4EjO7TTPV12zL2rkxRRB\r\nNMc/GwRj5ZV7qQaVJjjrk/oYX5HE45/30JZXFg7O2f6YMWC8j9snvT2RbzNz25JF\r\nxsLHWTIfTaVQPUDnBw+13a7Q0YMaVjMrnhc9r/bAzh0Rp6M+5x5B53E2hFmxZ1Ry\r\nzIA7XRd+1sxhdVFNSUEMJ+cOROxOxN6qao7EqFUrdYykT3wfTnxCeLIQVHryLrqU\r\nFm+BKhz5lzTn+I+SeP0r/Vxy6qVPno2c01PeBfVw6sIabx4eEuGkuteErFHFQtxH\r\nXACPeE+vMPODfrIqbCHjxPMDG9FAI6zOShHkqVkg2pnA/xCddtg2Z1QFGbn73cEv\r\nfhUFOUBUKzZOG1mA9XxR\r\n=Ky+/\r\n-----END PGP SIGNATURE-----\r\n\r\n", "edition": 1, "reporter": "Securityvulns", "published": "2015-04-17T00:00:00", "title": "[SECURITY] [DSA 3225-1] gst-plugins-bad0.10 security update", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:58", "vector": "NONE", "value": 7.5}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2015-0797"], "modified": "2015-04-17T00:00:00", "id": "SECURITYVULNS:DOC:31925", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:31925", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:00", "references": ["https://vulners.com/securityvulns/securityvulns:doc:31925"], "description": "Buffer overflow on MP4 playback.", "edition": 1, "reporter": "BUGTRAQ", "published": "2015-04-17T00:00:00", "title": "gst-plugins buffer overflow", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:00", "vector": "NONE", "value": 7.5}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "gst-plugins", "version": "0.10", "operator": "eq"}], "cvelist": ["CVE-2015-0797"], "modified": "2015-04-17T00:00:00", "id": "SECURITYVULNS:VULN:14397", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14397", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:00", "references": [], "description": "Multiple buffer overflows, memory corruptions, information disclosures, restriction bypass.", "edition": 1, "reporter": "MOZILLA", "published": "2015-05-13T00:00:00", "title": "Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:00", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "Firefox ESR", "version": "31.6", "operator": "eq"}, {"name": "Firefox", "version": "37", "operator": "eq"}, {"name": "Thunderbird", "version": "31.6", "operator": "eq"}], "cvelist": ["CVE-2015-2713", "CVE-2015-2714", "CVE-2015-2717", "CVE-2015-2712", "CVE-2015-2711", "CVE-2015-2716", "CVE-2015-2718", "CVE-2011-3079", "CVE-2015-2710", "CVE-2015-2720", "CVE-2015-2709", "CVE-2015-2708", "CVE-2015-2715", "CVE-2015-0833", "CVE-2015-0797"], "modified": "2015-05-13T00:00:00", "id": "SECURITYVULNS:VULN:14489", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14489", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:06", "references": ["https://bugs.gentoo.org/show_bug.cgi?id=553742", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0797"], "affectedPackage": [{"OS": "Gentoo", "OSVersion": "any", "packageVersion": "1.4.5", "packageName": "media-libs/gstreamer", "packageFilename": "UNKNOWN", "arch": "all", "operator": "lt"}, {"OS": "Gentoo", "OSVersion": "any", "packageVersion": "0.10.23-r3", "packageName": "media-libs/gst-plugins-bad", "packageFilename": "UNKNOWN", "arch": "all", "operator": "lt"}], "description": "### Background\n\nGStreamer is an open source multimedia framework.\n\n### Description\n\nA buffer overflow vulnerability has been found in the parsing of H.264 formatted video. \n\n### Impact\n\nA remote attacker could entice a user to open a specially crafted H.264 formatted video using an application linked against GStreamer, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll GStreamer users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=media-libs/gstreamer-1.4.5\"", "edition": 1, "reporter": "Gentoo Foundation", "published": "2015-12-30T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "type": "gentoo", "title": "GStreamer: User-assisted execution of arbitrary code", "bulletinFamily": "unix", "cvelist": ["CVE-2015-0797"], "modified": "2016-02-09T00:00:00", "id": "GLSA-201512-07", "href": "https://security.gentoo.org/glsa/201512-07", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "mozilla": [{"lastseen": "2016-09-05T13:37:43", "references": ["https://bugzilla.mozilla.org/show_bug.cgi?id=1080995"], "edition": 1, "description": "Security researcher Aki Helin used the Address Sanitizer\ntool to find a buffer overflow during video playback on Linux systems. This was\ndue to a problem in older versions of the Gstreamer plugin during the parsing of\nH.264 formatted video. This issue could be used to induce a possibly exploitable\ncrash.\n\nThis issue does not affect the current 1.0 version of Gstreamer\nand does not affect Windows or OS X systems.", "reporter": "Mozilla Foundation", "published": "2015-05-12T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "type": "mozilla", "title": "Buffer overflow parsing H.264 video with Linux Gstreamer", "bulletinFamily": "software", "affectedSoftware": [{"name": "Thunderbird", "version": "31.7", "operator": "lt"}, {"name": "Thunderbird", "version": "38.0.1", "operator": "lt"}, {"name": "Firefox ESR", "version": "31.7", "operator": "lt"}, {"name": "SeaMonkey", "version": "2.35", "operator": "lt"}, {"name": "Firefox", "version": "38", "operator": "lt"}], "cvelist": ["CVE-2015-0797"], "modified": "2015-05-12T00:00:00", "id": "MFSA2015-47", "href": "http://www.mozilla.org/en-US/security/advisories/mfsa2015-47/", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "oraclelinux": [{"lastseen": "2018-08-31T01:40:32", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "38.0-3.0.1.el7_1", "arch": "src", "packageFilename": "firefox-38.0-3.0.1.el7_1.src.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "38.0-4.0.1.el5_11", "arch": "x86_64", "packageFilename": "firefox-38.0-4.0.1.el5_11.x86_64.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "38.0-4.0.1.el6_6", "arch": "x86_64", "packageFilename": "firefox-38.0-4.0.1.el6_6.x86_64.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "38.0-4.0.1.el5_11", "arch": "src", "packageFilename": "firefox-38.0-4.0.1.el5_11.src.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "38.0-4.0.1.el5_11", "arch": "src", "packageFilename": "firefox-38.0-4.0.1.el5_11.src.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "38.0-4.0.1.el6_6", "arch": "i686", "packageFilename": "firefox-38.0-4.0.1.el6_6.i686.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "38.0-4.0.1.el6_6", "arch": "i686", "packageFilename": "firefox-38.0-4.0.1.el6_6.i686.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "38.0-3.0.1.el7_1", "arch": "i686", "packageFilename": "firefox-38.0-3.0.1.el7_1.i686.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "38.0-4.0.1.el5_11", "arch": "i386", "packageFilename": "firefox-38.0-4.0.1.el5_11.i386.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "38.0-4.0.1.el5_11", "arch": "i386", "packageFilename": "firefox-38.0-4.0.1.el5_11.i386.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "38.0-3.0.1.el7_1", "arch": "x86_64", "packageFilename": "firefox-38.0-3.0.1.el7_1.x86_64.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "38.0-4.0.1.el6_6", "arch": "src", "packageFilename": "firefox-38.0-4.0.1.el6_6.src.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "38.0-4.0.1.el6_6", "arch": "src", "packageFilename": "firefox-38.0-4.0.1.el6_6.src.rpm", "packageName": "firefox", "operator": "lt"}], "description": "[38.0-3.0.1.el7_1]\n- Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file\n[38.0-3]\n- Enabled system nss\n- Removed unused patches\n[38.0-2]\n- Update to 38.0 ESR\n[38.0b8-0.11]\n- Update to 38.0 Beta 8\n[38.0b6-0.10]\n- Added patch for mozbz#1152515\n[38.0b6-0.9]\n- Update to 38.0 Beta 6\n[38.0b5-0.8]\n- Update to 38.0 Beta 5\n[38.0b3-0.7]\n- Update to 38.0 Beta 3\n[38.0b1-0.6]\n- Added patch for mozbz#1152391\n[38.0b1-0.5]\n- Fix build on AArch64 (based on upstream skia changes)\n[38.0b1-0.4]\n- Enabled debug build\n[38.0b1-1]\n- Update to 38.0b1", "edition": 3, "reporter": "Oracle", "published": "2015-05-13T00:00:00", "title": "firefox security update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2015-2713", "CVE-2015-2716", "CVE-2015-2710", "CVE-2015-2708", "CVE-2015-0797"], "modified": "2015-05-13T00:00:00", "id": "ELSA-2015-0988", "href": "http://linux.oracle.com/errata/ELSA-2015-0988.html", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "debian": [{"lastseen": "2018-06-24T01:19:01", "references": [], "affectedPackage": [{"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "iceowl-l10n-nl_31.7.0-1~deb8u1_all.deb", "packageName": "iceowl-l10n-nl", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "thunderbird-l10n-sv-se_31.7.0-1~deb8u1_all.deb", "packageName": "thunderbird-l10n-sv-se", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "lightning-l10n-lt_31.7.0-1~deb8u1_all.deb", "packageName": "lightning-l10n-lt", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "lightning-l10n-it_31.7.0-1~deb8u1_all.deb", "packageName": "lightning-l10n-it", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "iceowl-l10n-pt-pt_31.7.0-1~deb8u1_all.deb", "packageName": "iceowl-l10n-pt-pt", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "lightning-l10n-es-es_31.7.0-1~deb8u1_all.deb", "packageName": "lightning-l10n-es-es", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "thunderbird-l10n-pt-br_31.7.0-1~deb8u1_all.deb", "packageName": "thunderbird-l10n-pt-br", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "lightning-l10n-si_31.7.0-1~deb8u1_all.deb", "packageName": "lightning-l10n-si", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "iceowl-l10n-fy-nl_31.7.0-1~deb8u1_all.deb", "packageName": "iceowl-l10n-fy-nl", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "icedove-l10n-ta-lk_31.7.0-1~deb8u1_all.deb", "packageName": "icedove-l10n-ta-lk", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "icedove-l10n-it_31.7.0-1~deb8u1_all.deb", "packageName": "icedove-l10n-it", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "thunderbird-l10n-si_31.7.0-1~deb8u1_all.deb", "packageName": "thunderbird-l10n-si", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "iceowl-l10n-uk_31.7.0-1~deb8u1_all.deb", "packageName": "iceowl-l10n-uk", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "lightning-l10n-ru_31.7.0-1~deb8u1_all.deb", "packageName": "lightning-l10n-ru", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "icedove-l10n-fr_31.7.0-1~deb8u1_all.deb", "packageName": "icedove-l10n-fr", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "lightning-l10n-es-ar_31.7.0-1~deb8u1_all.deb", "packageName": "lightning-l10n-es-ar", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "icedove-l10n-bn-bd_31.7.0-1~deb8u1_all.deb", "packageName": "icedove-l10n-bn-bd", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "thunderbird-l10n-pt-pt_31.7.0-1~deb8u1_all.deb", "packageName": "thunderbird-l10n-pt-pt", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "iceowl-l10n-eu_31.7.0-1~deb8u1_all.deb", "packageName": "iceowl-l10n-eu", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "icedove-l10n-ast_31.7.0-1~deb8u1_all.deb", "packageName": "icedove-l10n-ast", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "icedove-l10n-es-ar_31.7.0-1~deb8u1_all.deb", "packageName": "icedove-l10n-es-ar", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "thunderbird-l10n-nn-no_31.7.0-1~deb8u1_all.deb", "packageName": "thunderbird-l10n-nn-no", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "iceowl-l10n-fr_31.7.0-1~deb8u1_all.deb", "packageName": "iceowl-l10n-fr", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "thunderbird_31.7.0-1~deb8u1_all.deb", "packageName": "thunderbird", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "thunderbird-l10n-es-ar_31.7.0-1~deb8u1_all.deb", "packageName": "thunderbird-l10n-es-ar", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "thunderbird-l10n-ko_31.7.0-1~deb8u1_all.deb", "packageName": "thunderbird-l10n-ko", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "icedove-l10n-gd_31.7.0-1~deb8u1_all.deb", "packageName": "icedove-l10n-gd", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "thunderbird-l10n-ca_31.7.0-1~deb8u1_all.deb", "packageName": "thunderbird-l10n-ca", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "thunderbird-l10n-all_31.7.0-1~deb8u1_all.deb", "packageName": "thunderbird-l10n-all", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "icedove-l10n-hu_31.7.0-1~deb8u1_all.deb", "packageName": "icedove-l10n-hu", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "iceowl-l10n-is_31.7.0-1~deb8u1_all.deb", "packageName": "iceowl-l10n-is", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "thunderbird-l10n-cs_31.7.0-1~deb8u1_all.deb", "packageName": "thunderbird-l10n-cs", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "iceowl-l10n-es-ar_31.7.0-1~deb8u1_all.deb", "packageName": "iceowl-l10n-es-ar", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "icedove-l10n-pt-pt_31.7.0-1~deb8u1_all.deb", "packageName": "icedove-l10n-pt-pt", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "iceowl-l10n-gd_31.7.0-1~deb8u1_all.deb", "packageName": "iceowl-l10n-gd", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "thunderbird-l10n-ro_31.7.0-1~deb8u1_all.deb", "packageName": "thunderbird-l10n-ro", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "lightning-l10n-rm_31.7.0-1~deb8u1_all.deb", "packageName": "lightning-l10n-rm", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "iceowl-l10n-da_31.7.0-1~deb8u1_all.deb", "packageName": "iceowl-l10n-da", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "iceowl-l10n-pa-in_31.7.0-1~deb8u1_all.deb", "packageName": "iceowl-l10n-pa-in", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "icedove-l10n-ar_31.7.0-1~deb8u1_all.deb", "packageName": "icedove-l10n-ar", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "thunderbird-l10n-gl_31.7.0-1~deb8u1_all.deb", "packageName": "thunderbird-l10n-gl", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "thunderbird-l10n-rm_31.7.0-1~deb8u1_all.deb", "packageName": "thunderbird-l10n-rm", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "icedove-l10n-lt_31.7.0-1~deb8u1_all.deb", "packageName": "icedove-l10n-lt", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "thunderbird-l10n-sq_31.7.0-1~deb8u1_all.deb", "packageName": "thunderbird-l10n-sq", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "thunderbird-l10n-pa-in_31.7.0-1~deb8u1_all.deb", "packageName": "thunderbird-l10n-pa-in", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "icedove-l10n-sq_31.7.0-1~deb8u1_all.deb", "packageName": "icedove-l10n-sq", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "iceowl-l10n-ca_31.7.0-1~deb8u1_all.deb", "packageName": "iceowl-l10n-ca", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "iceowl-l10n-es-es_31.7.0-1~deb8u1_all.deb", "packageName": "iceowl-l10n-es-es", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "iceowl-l10n-pl_31.7.0-1~deb8u1_all.deb", "packageName": "iceowl-l10n-pl", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "iceowl-l10n-sr_31.7.0-1~deb8u1_all.deb", "packageName": "iceowl-l10n-sr", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "thunderbird-l10n-lt_31.7.0-1~deb8u1_all.deb", "packageName": "thunderbird-l10n-lt", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "lightning-l10n-cy_31.7.0-1~deb8u1_all.deb", "packageName": "lightning-l10n-cy", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "iceowl-l10n-cy_31.7.0-1~deb8u1_all.deb", "packageName": "iceowl-l10n-cy", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "thunderbird-l10n-br_31.7.0-1~deb8u1_all.deb", "packageName": "thunderbird-l10n-br", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "iceowl-l10n-he_31.7.0-1~deb8u1_all.deb", "packageName": "iceowl-l10n-he", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "icedove-l10n-pl_31.7.0-1~deb8u1_all.deb", "packageName": "icedove-l10n-pl", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "icedove-l10n-da_31.7.0-1~deb8u1_all.deb", "packageName": "icedove-l10n-da", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "thunderbird-l10n-ta-lk_31.7.0-1~deb8u1_all.deb", "packageName": "thunderbird-l10n-ta-lk", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "icedove-l10n-zh-cn_31.7.0-1~deb8u1_all.deb", "packageName": "icedove-l10n-zh-cn", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "iceowl-l10n-it_31.7.0-1~deb8u1_all.deb", "packageName": "iceowl-l10n-it", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "thunderbird-l10n-id_31.7.0-1~deb8u1_all.deb", "packageName": "thunderbird-l10n-id", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "icedove-l10n-zh-tw_31.7.0-1~deb8u1_all.deb", "packageName": "icedove-l10n-zh-tw", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "lightning-l10n-zh-cn_31.7.0-1~deb8u1_all.deb", "packageName": "lightning-l10n-zh-cn", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "lightning-l10n-sk_31.7.0-1~deb8u1_all.deb", "packageName": "lightning-l10n-sk", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "thunderbird-l10n-tr_31.7.0-1~deb8u1_all.deb", "packageName": "thunderbird-l10n-tr", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "icedove-l10n-ca_31.7.0-1~deb8u1_all.deb", "packageName": "icedove-l10n-ca", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "iceowl-l10n-ro_31.7.0-1~deb8u1_all.deb", "packageName": "iceowl-l10n-ro", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "thunderbird-dbg_31.7.0-1~deb8u1_all.deb", "packageName": "thunderbird-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "iceowl-l10n-hu_31.7.0-1~deb8u1_all.deb", "packageName": "iceowl-l10n-hu", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "thunderbird-dev_31.7.0-1~deb8u1_all.deb", "packageName": "thunderbird-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "thunderbird-l10n-bg_31.7.0-1~deb8u1_all.deb", "packageName": "thunderbird-l10n-bg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "thunderbird-l10n-bn-bd_31.7.0-1~deb8u1_all.deb", "packageName": "thunderbird-l10n-bn-bd", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "lightning-l10n-sq_31.7.0-1~deb8u1_all.deb", "packageName": "lightning-l10n-sq", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "lightning-l10n-he_31.7.0-1~deb8u1_all.deb", "packageName": "lightning-l10n-he", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "icedove-l10n-es-es_31.7.0-1~deb8u1_all.deb", "packageName": "icedove-l10n-es-es", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "iceowl-l10n-de_31.7.0-1~deb8u1_all.deb", "packageName": "iceowl-l10n-de", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "lightning-l10n-sv-se_31.7.0-1~deb8u1_all.deb", "packageName": "lightning-l10n-sv-se", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "iceowl-l10n-cs_31.7.0-1~deb8u1_all.deb", "packageName": "iceowl-l10n-cs", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "lightning-l10n-be_31.7.0-1~deb8u1_all.deb", "packageName": "lightning-l10n-be", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "icedove-l10n-nb-no_31.7.0-1~deb8u1_all.deb", "packageName": "icedove-l10n-nb-no", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "thunderbird-l10n-ar_31.7.0-1~deb8u1_all.deb", "packageName": "thunderbird-l10n-ar", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "icedove-l10n-en-gb_31.7.0-1~deb8u1_all.deb", "packageName": "icedove-l10n-en-gb", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "iceowl-l10n-gl_31.7.0-1~deb8u1_all.deb", "packageName": "iceowl-l10n-gl", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "icedove-l10n-rm_31.7.0-1~deb8u1_all.deb", "packageName": "icedove-l10n-rm", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "thunderbird-l10n-vi_31.7.0-1~deb8u1_all.deb", "packageName": "thunderbird-l10n-vi", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "icedove-l10n-gl_31.7.0-1~deb8u1_all.deb", "packageName": "icedove-l10n-gl", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "iceowl-l10n-sq_31.7.0-1~deb8u1_all.deb", "packageName": "iceowl-l10n-sq", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "icedove-l10n-ru_31.7.0-1~deb8u1_all.deb", "packageName": "icedove-l10n-ru", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "lightning-l10n-sr_31.7.0-1~deb8u1_all.deb", "packageName": "lightning-l10n-sr", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "lightning-l10n-fy-nl_31.7.0-1~deb8u1_all.deb", "packageName": "lightning-l10n-fy-nl", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "icedove-l10n-he_31.7.0-1~deb8u1_all.deb", "packageName": "icedove-l10n-he", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "lightning-l10n-fr_31.7.0-1~deb8u1_all.deb", "packageName": "lightning-l10n-fr", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "icedove-l10n-ga-ie_31.7.0-1~deb8u1_all.deb", "packageName": "icedove-l10n-ga-ie", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "lightning-l10n-da_31.7.0-1~deb8u1_all.deb", "packageName": "lightning-l10n-da", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "thunderbird-l10n-sr_31.7.0-1~deb8u1_all.deb", "packageName": "thunderbird-l10n-sr", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "lightning-l10n-pa-in_31.7.0-1~deb8u1_all.deb", "packageName": "lightning-l10n-pa-in", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "lightning-l10n-pl_31.7.0-1~deb8u1_all.deb", "packageName": "lightning-l10n-pl", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "lightning-l10n-hy-am_31.7.0-1~deb8u1_all.deb", "packageName": "lightning-l10n-hy-am", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "icedove-l10n-bg_31.7.0-1~deb8u1_all.deb", "packageName": "icedove-l10n-bg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "thunderbird-l10n-fi_31.7.0-1~deb8u1_all.deb", "packageName": "thunderbird-l10n-fi", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "lightning-l10n-cs_31.7.0-1~deb8u1_all.deb", "packageName": "lightning-l10n-cs", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "calendar-google-provider_31.7.0-1~deb8u1_all.deb", "packageName": "calendar-google-provider", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "icedove-l10n-ro_31.7.0-1~deb8u1_all.deb", "packageName": "icedove-l10n-ro", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "iceowl-l10n-sv-se_31.7.0-1~deb8u1_all.deb", "packageName": "iceowl-l10n-sv-se", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "icedove-l10n-sk_31.7.0-1~deb8u1_all.deb", "packageName": "icedove-l10n-sk", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "lightning-l10n-br_31.7.0-1~deb8u1_all.deb", "packageName": "lightning-l10n-br", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "icedove-l10n-all_31.7.0-1~deb8u1_all.deb", "packageName": "icedove-l10n-all", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "icedove-dbg_31.7.0-1~deb8u1_all.deb", "packageName": "icedove-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "lightning-l10n-de_31.7.0-1~deb8u1_all.deb", "packageName": "lightning-l10n-de", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "lightning-l10n-bg_31.7.0-1~deb8u1_all.deb", "packageName": "lightning-l10n-bg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "icedove-l10n-vi_31.7.0-1~deb8u1_all.deb", "packageName": "icedove-l10n-vi", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "thunderbird-l10n-ga-ie_31.7.0-1~deb8u1_all.deb", "packageName": "thunderbird-l10n-ga-ie", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "thunderbird-l10n-en-gb_31.7.0-1~deb8u1_all.deb", "packageName": "thunderbird-l10n-en-gb", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "icedove-l10n-de_31.7.0-1~deb8u1_all.deb", "packageName": "icedove-l10n-de", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "icedove-l10n-fy-nl_31.7.0-1~deb8u1_all.deb", "packageName": "icedove-l10n-fy-nl", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "lightning-l10n-fi_31.7.0-1~deb8u1_all.deb", "packageName": "lightning-l10n-fi", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "thunderbird-l10n-hr_31.7.0-1~deb8u1_all.deb", "packageName": "thunderbird-l10n-hr", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "iceowl-l10n-fi_31.7.0-1~deb8u1_all.deb", "packageName": "iceowl-l10n-fi", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "iceowl-l10n-ta-lk_31.7.0-1~deb8u1_all.deb", "packageName": "iceowl-l10n-ta-lk", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "icedove-l10n-ko_31.7.0-1~deb8u1_all.deb", "packageName": "icedove-l10n-ko", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "thunderbird-l10n-he_31.7.0-1~deb8u1_all.deb", "packageName": "thunderbird-l10n-he", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "iceowl-l10n-lt_31.7.0-1~deb8u1_all.deb", "packageName": "iceowl-l10n-lt", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "iceowl-extension_31.7.0-1~deb8u1_all.deb", "packageName": "iceowl-extension", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "lightning-l10n-el_31.7.0-1~deb8u1_all.deb", "packageName": "lightning-l10n-el", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "icedove-l10n-hy-am_31.7.0-1~deb8u1_all.deb", "packageName": "icedove-l10n-hy-am", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "lightning-l10n-ja_31.7.0-1~deb8u1_all.deb", "packageName": "lightning-l10n-ja", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "thunderbird-l10n-el_31.7.0-1~deb8u1_all.deb", "packageName": "thunderbird-l10n-el", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0-1~deb7u1", "arch": "all", "packageFilename": "icedove_31.7.0-1~deb7u1_all.deb", "packageName": "icedove", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "icedove-l10n-fi_31.7.0-1~deb8u1_all.deb", "packageName": "icedove-l10n-fi", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "icedove_31.7.0-1~deb8u1_all.deb", "packageName": "icedove", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "thunderbird-l10n-sl_31.7.0-1~deb8u1_all.deb", "packageName": "thunderbird-l10n-sl", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "lightning-l10n-tr_31.7.0-1~deb8u1_all.deb", "packageName": "lightning-l10n-tr", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "thunderbird-l10n-is_31.7.0-1~deb8u1_all.deb", "packageName": "thunderbird-l10n-is", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "icedove-l10n-br_31.7.0-1~deb8u1_all.deb", "packageName": "icedove-l10n-br", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "thunderbird-l10n-zh-tw_31.7.0-1~deb8u1_all.deb", "packageName": "thunderbird-l10n-zh-tw", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "thunderbird-l10n-hu_31.7.0-1~deb8u1_all.deb", "packageName": "thunderbird-l10n-hu", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "iceowl-l10n-hy-am_31.7.0-1~deb8u1_all.deb", "packageName": "iceowl-l10n-hy-am", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "iceowl-l10n-hr_31.7.0-1~deb8u1_all.deb", "packageName": "iceowl-l10n-hr", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "iceowl-l10n-zh-cn_31.7.0-1~deb8u1_all.deb", "packageName": "iceowl-l10n-zh-cn", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "thunderbird-l10n-es-es_31.7.0-1~deb8u1_all.deb", "packageName": "thunderbird-l10n-es-es", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "thunderbird-l10n-ja_31.7.0-1~deb8u1_all.deb", "packageName": "thunderbird-l10n-ja", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "iceowl-l10n-id_31.7.0-1~deb8u1_all.deb", "packageName": "iceowl-l10n-id", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "iceowl-l10n-nn-no_31.7.0-1~deb8u1_all.deb", "packageName": "iceowl-l10n-nn-no", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "lightning-l10n-gd_31.7.0-1~deb8u1_all.deb", "packageName": "lightning-l10n-gd", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "thunderbird-l10n-it_31.7.0-1~deb8u1_all.deb", "packageName": "thunderbird-l10n-it", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "iceowl-l10n-sl_31.7.0-1~deb8u1_all.deb", "packageName": "iceowl-l10n-sl", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "iceowl-l10n-be_31.7.0-1~deb8u1_all.deb", "packageName": "iceowl-l10n-be", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "iceowl-l10n-rm_31.7.0-1~deb8u1_all.deb", "packageName": "iceowl-l10n-rm", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "thunderbird-l10n-fr_31.7.0-1~deb8u1_all.deb", "packageName": "thunderbird-l10n-fr", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "icedove-l10n-el_31.7.0-1~deb8u1_all.deb", "packageName": "icedove-l10n-el", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "iceowl-l10n-el_31.7.0-1~deb8u1_all.deb", "packageName": "iceowl-l10n-el", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "iceowl-l10n-br_31.7.0-1~deb8u1_all.deb", "packageName": "iceowl-l10n-br", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "icedove-l10n-pt-br_31.7.0-1~deb8u1_all.deb", "packageName": "icedove-l10n-pt-br", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "icedove-l10n-si_31.7.0-1~deb8u1_all.deb", "packageName": "icedove-l10n-si", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "lightning-l10n-hr_31.7.0-1~deb8u1_all.deb", "packageName": "lightning-l10n-hr", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "thunderbird-l10n-ru_31.7.0-1~deb8u1_all.deb", "packageName": "thunderbird-l10n-ru", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "icedove-l10n-ja_31.7.0-1~deb8u1_all.deb", "packageName": "icedove-l10n-ja", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "icedove-l10n-cs_31.7.0-1~deb8u1_all.deb", "packageName": "icedove-l10n-cs", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "icedove-l10n-nn-no_31.7.0-1~deb8u1_all.deb", "packageName": "icedove-l10n-nn-no", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "thunderbird-l10n-uk_31.7.0-1~deb8u1_all.deb", "packageName": "thunderbird-l10n-uk", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "iceowl-l10n-et_31.7.0-1~deb8u1_all.deb", "packageName": "iceowl-l10n-et", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "iceowl-l10n-ja_31.7.0-1~deb8u1_all.deb", "packageName": "iceowl-l10n-ja", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "lightning-l10n-ko_31.7.0-1~deb8u1_all.deb", "packageName": "lightning-l10n-ko", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "thunderbird-l10n-et_31.7.0-1~deb8u1_all.deb", "packageName": "thunderbird-l10n-et", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "icedove-l10n-nl_31.7.0-1~deb8u1_all.deb", "packageName": "icedove-l10n-nl", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "icedove-l10n-pa-in_31.7.0-1~deb8u1_all.deb", "packageName": "icedove-l10n-pa-in", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "lightning-l10n-nl_31.7.0-1~deb8u1_all.deb", "packageName": "lightning-l10n-nl", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "iceowl-l10n-ko_31.7.0-1~deb8u1_all.deb", "packageName": "iceowl-l10n-ko", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "lightning_31.7.0-1~deb8u1_all.deb", "packageName": "lightning", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "lightning-l10n-nn-no_31.7.0-1~deb8u1_all.deb", "packageName": "lightning-l10n-nn-no", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "lightning-l10n-eu_31.7.0-1~deb8u1_all.deb", "packageName": "lightning-l10n-eu", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "iceowl-l10n-en-gb_31.7.0-1~deb8u1_all.deb", "packageName": "iceowl-l10n-en-gb", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "lightning-l10n-bn-bd_31.7.0-1~deb8u1_all.deb", "packageName": "lightning-l10n-bn-bd", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "lightning-l10n-gl_31.7.0-1~deb8u1_all.deb", "packageName": "lightning-l10n-gl", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "thunderbird-l10n-nl_31.7.0-1~deb8u1_all.deb", "packageName": "thunderbird-l10n-nl", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "lightning-l10n-hu_31.7.0-1~deb8u1_all.deb", "packageName": "lightning-l10n-hu", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "lightning-l10n-et_31.7.0-1~deb8u1_all.deb", "packageName": "lightning-l10n-et", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "icedove-l10n-is_31.7.0-1~deb8u1_all.deb", "packageName": "icedove-l10n-is", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "lightning-l10n-ta-lk_31.7.0-1~deb8u1_all.deb", "packageName": "lightning-l10n-ta-lk", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "icedove-l10n-sl_31.7.0-1~deb8u1_all.deb", "packageName": "icedove-l10n-sl", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "thunderbird-l10n-be_31.7.0-1~deb8u1_all.deb", "packageName": "thunderbird-l10n-be", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "thunderbird-l10n-zh-cn_31.7.0-1~deb8u1_all.deb", "packageName": "thunderbird-l10n-zh-cn", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "lightning-l10n-zh-tw_31.7.0-1~deb8u1_all.deb", "packageName": "lightning-l10n-zh-tw", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "iceowl-l10n-bn-bd_31.7.0-1~deb8u1_all.deb", "packageName": "iceowl-l10n-bn-bd", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "icedove-l10n-uk_31.7.0-1~deb8u1_all.deb", "packageName": "icedove-l10n-uk", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "thunderbird-l10n-de_31.7.0-1~deb8u1_all.deb", "packageName": "thunderbird-l10n-de", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "lightning-l10n-ga-ie_31.7.0-1~deb8u1_all.deb", "packageName": "lightning-l10n-ga-ie", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "lightning-l10n-pt-br_31.7.0-1~deb8u1_all.deb", "packageName": "lightning-l10n-pt-br", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "iceowl-l10n-ar_31.7.0-1~deb8u1_all.deb", "packageName": "iceowl-l10n-ar", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "lightning-l10n-sl_31.7.0-1~deb8u1_all.deb", "packageName": "lightning-l10n-sl", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "iceowl-l10n-ru_31.7.0-1~deb8u1_all.deb", "packageName": "iceowl-l10n-ru", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "iceowl-l10n-ga-ie_31.7.0-1~deb8u1_all.deb", "packageName": "iceowl-l10n-ga-ie", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "icedove-l10n-tr_31.7.0-1~deb8u1_all.deb", "packageName": "icedove-l10n-tr", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "icedove-l10n-eu_31.7.0-1~deb8u1_all.deb", "packageName": "icedove-l10n-eu", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "iceowl-l10n-si_31.7.0-1~deb8u1_all.deb", "packageName": "iceowl-l10n-si", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "icedove-l10n-id_31.7.0-1~deb8u1_all.deb", "packageName": "icedove-l10n-id", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "icedove-l10n-hr_31.7.0-1~deb8u1_all.deb", "packageName": "icedove-l10n-hr", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "lightning-l10n-uk_31.7.0-1~deb8u1_all.deb", "packageName": "lightning-l10n-uk", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "lightning-l10n-ca_31.7.0-1~deb8u1_all.deb", "packageName": "lightning-l10n-ca", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "thunderbird-l10n-nb-no_31.7.0-1~deb8u1_all.deb", "packageName": "thunderbird-l10n-nb-no", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "thunderbird-l10n-hy-am_31.7.0-1~deb8u1_all.deb", "packageName": "thunderbird-l10n-hy-am", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "lightning-l10n-pt-pt_31.7.0-1~deb8u1_all.deb", "packageName": "lightning-l10n-pt-pt", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "iceowl-l10n-bg_31.7.0-1~deb8u1_all.deb", "packageName": "iceowl-l10n-bg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "iceowl-l10n-vi_31.7.0-1~deb8u1_all.deb", "packageName": "iceowl-l10n-vi", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "lightning-l10n-nb-no_31.7.0-1~deb8u1_all.deb", "packageName": "lightning-l10n-nb-no", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "thunderbird-l10n-pl_31.7.0-1~deb8u1_all.deb", "packageName": "thunderbird-l10n-pl", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "icedove-l10n-be_31.7.0-1~deb8u1_all.deb", "packageName": "icedove-l10n-be", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "iceowl-l10n-sk_31.7.0-1~deb8u1_all.deb", "packageName": "iceowl-l10n-sk", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "iceowl-l10n-pt-br_31.7.0-1~deb8u1_all.deb", "packageName": "iceowl-l10n-pt-br", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "thunderbird-l10n-eu_31.7.0-1~deb8u1_all.deb", "packageName": "thunderbird-l10n-eu", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "icedove-l10n-et_31.7.0-1~deb8u1_all.deb", "packageName": "icedove-l10n-et", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "iceowl-l10n-tr_31.7.0-1~deb8u1_all.deb", "packageName": "iceowl-l10n-tr", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "lightning-l10n-ar_31.7.0-1~deb8u1_all.deb", "packageName": "lightning-l10n-ar", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "thunderbird-l10n-gd_31.7.0-1~deb8u1_all.deb", "packageName": "thunderbird-l10n-gd", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "icedove-dev_31.7.0-1~deb8u1_all.deb", "packageName": "icedove-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "lightning-l10n-ro_31.7.0-1~deb8u1_all.deb", "packageName": "lightning-l10n-ro", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "thunderbird-l10n-da_31.7.0-1~deb8u1_all.deb", "packageName": "thunderbird-l10n-da", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "thunderbird-l10n-ast_31.7.0-1~deb8u1_all.deb", "packageName": "thunderbird-l10n-ast", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "lightning-l10n-id_31.7.0-1~deb8u1_all.deb", "packageName": "lightning-l10n-id", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "icedove-l10n-sr_31.7.0-1~deb8u1_all.deb", "packageName": "icedove-l10n-sr", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "iceowl-l10n-nb-no_31.7.0-1~deb8u1_all.deb", "packageName": "iceowl-l10n-nb-no", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "lightning-l10n-vi_31.7.0-1~deb8u1_all.deb", "packageName": "lightning-l10n-vi", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "icedove-l10n-sv-se_31.7.0-1~deb8u1_all.deb", "packageName": "icedove-l10n-sv-se", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "lightning-l10n-en-gb_31.7.0-1~deb8u1_all.deb", "packageName": "lightning-l10n-en-gb", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "iceowl-l10n-zh-tw_31.7.0-1~deb8u1_all.deb", "packageName": "iceowl-l10n-zh-tw", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "thunderbird-l10n-fy-nl_31.7.0-1~deb8u1_all.deb", "packageName": "thunderbird-l10n-fy-nl", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "thunderbird-l10n-sk_31.7.0-1~deb8u1_all.deb", "packageName": "thunderbird-l10n-sk", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0-1~deb8u1", "arch": "all", "packageFilename": "lightning-l10n-is_31.7.0-1~deb8u1_all.deb", "packageName": "lightning-l10n-is", "operator": "lt"}], "description": "Multiple security issues have been found in Icedove, Debian's version of the Mozilla Thunderbird mail client: Multiple memory safety errors, buffer overflows and use-after-frees may lead to the execution of arbitrary code, privilege escalation or denial of service.\n\nFor the oldstable distribution (wheezy), these problems have been fixed in version 31.7.0-1~deb7u1.\n\nFor the stable distribution (jessie), these problems have been fixed in version 31.7.0-1~deb8u1.\n\nFor the unstable distribution (sid), these problems will be fixed soon.\n\nWe recommend that you upgrade your icedove packages.", "edition": 5, "reporter": "Debian", "published": "2015-05-19T00:00:00", "title": "icedove -- security update", "type": "debian", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2015-2713", "CVE-2015-2716", "CVE-2015-2710", "CVE-2015-2708", "CVE-2015-0797"], "modified": "2015-05-19T00:00:00", "id": "DSA-3264", "href": "http://www.debian.org/security/dsa-3264", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-11-24T04:07:55", "references": [], "affectedPackage": [{"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-it_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-it", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-son_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-son", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-zu_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-zu", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-ko_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-ko", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-sr_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-sr", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-af_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-af", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-zh-cn_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-zh-cn", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-dsb_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-dsb", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-ca_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-ca", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-br_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-br", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-mai_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-mai", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "libmozjs17d_31.7.0esr-1~deb7u1_all.deb", "packageName": "libmozjs17d", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-da_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-da", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-sl_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-sl", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-si_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-si", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-ta_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-ta", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-hy-am_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-hy-am", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-csb_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-csb", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-dbg_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-as_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-as", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-es-cl_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-es-cl", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-te_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-te", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-ga-ie_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-ga-ie", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-hu_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-hu", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "libmozjs17d-dbg_31.7.0esr-1~deb7u1_all.deb", "packageName": "libmozjs17d-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-ta-lk_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-ta-lk", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "xulrunner-17.0_31.7.0esr-1~deb7u1_all.deb", "packageName": "xulrunner-17.0", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-gu-in_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-gu-in", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-cy_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-cy", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-pa-in_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-pa-in", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-lg_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-lg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-is_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-is", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-ar_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-ar", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-sk_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-sk", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-kk_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-kk", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-en-gb_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-en-gb", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-ak_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-ak", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-es-mx_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-es-mx", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-gl_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-gl", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "31.7.0esr-1~deb8u1", "arch": "all", "packageFilename": "iceweasel_31.7.0esr-1~deb8u1_all.deb", "packageName": "iceweasel", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-nb-no_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-nb-no", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-bg_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-bg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-lij_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-lij", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-lt_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-lt", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "xulrunner-17.0-dbg_31.7.0esr-1~deb7u1_all.deb", "packageName": "xulrunner-17.0-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-ms_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-ms", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-hr_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-hr", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-bn-in_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-bn-in", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-es-ar_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-es-ar", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-all_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-all", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-fi_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-fi", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "xulrunner-dev_31.7.0esr-1~deb7u1_all.deb", "packageName": "xulrunner-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-ja_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-ja", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-en-za_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-en-za", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-hsb_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-hsb", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-sv-se_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-sv-se", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-et_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-et", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-nl_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-nl", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-az_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-az", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-el_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-el", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-fa_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-fa", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-zh-tw_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-zh-tw", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-nn-no_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-nn-no", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-lv_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-lv", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-hi-in_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-hi-in", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-he_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-he", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-ku_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-ku", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-fy-nl_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-fy-nl", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-sq_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-sq", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-th_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-th", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-rm_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-rm", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-mr_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-mr", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-ast_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-ast", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-es-es_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-es-es", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-id_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-id", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-eo_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-eo", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-de_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-de", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-tr_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-tr", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-an_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-an", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-fr_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-fr", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-km_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-km", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-pt-br_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-pt-br", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-be_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-be", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-cs_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-cs", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "spidermonkey-bin_31.7.0esr-1~deb7u1_all.deb", "packageName": "spidermonkey-bin", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-pt-pt_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-pt-pt", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-vi_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-vi", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-nso_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-nso", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-kn_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-kn", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "libmozjs-dev_31.7.0esr-1~deb7u1_all.deb", "packageName": "libmozjs-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-uz_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-uz", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-uk_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-uk", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-ru_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-ru", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-ff_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-ff", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-eu_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-eu", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-gd_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-gd", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-ml_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-ml", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-bs_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-bs", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-pl_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-pl", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-dev_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-ach_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-ach", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-ro_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-ro", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-xh_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-xh", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-mk_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-mk", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-bn-bd_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-bn-bd", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "31.7.0esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel-l10n-or_31.7.0esr-1~deb7u1_all.deb", "packageName": "iceweasel-l10n-or", "operator": "lt"}], "edition": 3, "description": "Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple memory safety errors, buffer overflows and use-after-frees may lead to the execution of arbitrary code, privilege escalation or denial of service.\n\nFor the oldstable distribution (wheezy), these problems have been fixed in version 31.7.0esr-1~deb7u1.\n\nFor the stable distribution (jessie), these problems have been fixed in version 31.7.0esr-1~deb8u1.\n\nFor the unstable distribution (sid), these problems have been fixed in version 38.0-1.\n\nWe recommend that you upgrade your iceweasel packages.", "reporter": "Debian", "published": "2015-05-13T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "type": "debian", "title": "iceweasel -- security update", "bulletinFamily": "unix", "cvelist": ["CVE-2015-2713", "CVE-2015-2716", "CVE-2011-3079", "CVE-2015-2710", "CVE-2015-2708", "CVE-2015-0797"], "modified": "2015-05-13T00:00:00", "id": "DSA-3260", "href": "http://www.debian.org/security/dsa-3260", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "centos": [{"lastseen": "2017-10-03T18:24:49", "references": ["https://rhn.redhat.com/errata/RHSA-2015-0988.html"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "5", "packageVersion": "38.0-4.el5.centos", "arch": "x86_64", "packageName": "firefox", "packageFilename": "firefox-38.0-4.el5.centos.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "38.0-3.el7.centos", "arch": "any", "packageName": "firefox", "packageFilename": "firefox-38.0-3.el7.centos.src.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "38.0-4.el6.centos", "arch": "x86_64", "packageName": "firefox", "packageFilename": "firefox-38.0-4.el6.centos.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "38.0-4.el5.centos", "arch": "any", "packageName": "firefox", "packageFilename": "firefox-38.0-4.el5.centos.src.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "38.0-4.el6.centos", "arch": "any", "packageName": "firefox", "packageFilename": "firefox-38.0-4.el6.centos.src.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "38.0-4.el6.centos", "arch": "i686", "packageName": "firefox", "packageFilename": "firefox-38.0-4.el6.centos.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "38.0-4.el6.centos", "arch": "i686", "packageName": "firefox", "packageFilename": "firefox-38.0-4.el6.centos.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "38.0-4.el5.centos", "arch": "i386", "packageName": "firefox", "packageFilename": "firefox-38.0-4.el5.centos.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "38.0-4.el5.centos", "arch": "i386", "packageName": "firefox", "packageFilename": "firefox-38.0-4.el5.centos.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "38.0-3.el7.centos", "arch": "i686", "packageName": "firefox", "packageFilename": "firefox-38.0-3.el7.centos.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "38.0-3.el7.centos", "arch": "x86_64", "packageName": "firefox", "packageFilename": "firefox-38.0-3.el7.centos.x86_64.rpm", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2015:0988\n\n\nMozilla Firefox is an open source web browser. XULRunner provides the XUL\nRuntime environment for Mozilla Firefox.\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nFirefox. (CVE-2015-2708, CVE-2015-0797, CVE-2015-2710, CVE-2015-2713)\n\nA heap-based buffer overflow flaw was found in the way Firefox processed\ncompressed XML data. An attacker could create specially crafted compressed\nXML content that, when processed by Firefox, could cause it to crash or\nexecute arbitrary code with the privileges of the user running Firefox.\n(CVE-2015-2716)\n\nRed Hat would like to thank the Mozilla project for reporting these issues.\nUpstream acknowledges Jesse Ruderman, Mats Palmgren, Byron Campen, Steve\nFink, Aki Helin, Atte Kettunen, Scott Bell, and Ucha Gobejishvili as the\noriginal reporters of these issues.\n\nAll Firefox users should upgrade to these updated packages, which contain\nFirefox version 38.0 ESR, which corrects these issues. After installing the\nupdate, Firefox must be restarted for the changes to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2015-May/021104.html\nhttp://lists.centos.org/pipermail/centos-announce/2015-May/021132.html\nhttp://lists.centos.org/pipermail/centos-announce/2015-May/021133.html\n\n**Affected packages:**\nfirefox\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2015-0988.html", "edition": 1, "reporter": "CentOS Project", "published": "2015-05-13T00:01:13", "title": "firefox security update", "type": "centos", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2015-2713", "CVE-2015-2716", "CVE-2015-2710", "CVE-2015-2708", "CVE-2015-4496", "CVE-2015-0797"], "modified": "2015-05-13T08:04:35", "href": "http://lists.centos.org/pipermail/centos-announce/2015-May/021104.html", "id": "CESA-2015:0988", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "redhat": [{"lastseen": "2018-06-06T18:04:47", "_object_types": ["robots.models.base.Bulletin", "robots.models.redhat.RedHatBulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "5", "packageVersion": "38.0-4.el5_11", "arch": "i386", "packageName": "firefox-debuginfo", "packageFilename": "firefox-debuginfo-38.0-4.el5_11.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "38.0-4.el5_11", "arch": "src", "packageName": "firefox", "packageFilename": "firefox-38.0-4.el5_11.src.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "38.0-4.el5_11", "arch": "x86_64", "packageName": "firefox-debuginfo", "packageFilename": "firefox-debuginfo-38.0-4.el5_11.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "38.0-4.el5_11", "arch": "i386", "packageName": "firefox", "packageFilename": "firefox-38.0-4.el5_11.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "38.0-4.el5_11", "arch": "x86_64", "packageName": "firefox", "packageFilename": "firefox-38.0-4.el5_11.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "38.0-4.el5_11", "arch": "ppc64", "packageName": "firefox-debuginfo", "packageFilename": "firefox-debuginfo-38.0-4.el5_11.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "38.0-4.el5_11", "arch": "ppc64", "packageName": "firefox", "packageFilename": "firefox-38.0-4.el5_11.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "38.0-4.el5_11", "arch": "s390", "packageName": "firefox-debuginfo", "packageFilename": "firefox-debuginfo-38.0-4.el5_11.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "38.0-4.el5_11", "arch": "s390x", "packageName": "firefox-debuginfo", "packageFilename": "firefox-debuginfo-38.0-4.el5_11.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "38.0-4.el5_11", "arch": "s390x", "packageName": "firefox", "packageFilename": "firefox-38.0-4.el5_11.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "38.0-4.el5_11", "arch": "s390", "packageName": "firefox", "packageFilename": "firefox-38.0-4.el5_11.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "38.0-4.el6_6", "arch": "i686", "packageName": "firefox-debuginfo", "packageFilename": "firefox-debuginfo-38.0-4.el6_6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "38.0-4.el6_6", "arch": "src", "packageName": "firefox", "packageFilename": "firefox-38.0-4.el6_6.src.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "38.0-4.el6_6", "arch": "x86_64", "packageName": "firefox-debuginfo", "packageFilename": "firefox-debuginfo-38.0-4.el6_6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "38.0-4.el6_6", "arch": "i686", "packageName": "firefox", "packageFilename": "firefox-38.0-4.el6_6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "38.0-4.el6_6", "arch": "x86_64", "packageName": "firefox", "packageFilename": "firefox-38.0-4.el6_6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "38.0-4.el6_6", "arch": "ppc64", "packageName": "firefox-debuginfo", "packageFilename": "firefox-debuginfo-38.0-4.el6_6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "38.0-4.el6_6", "arch": "ppc", "packageName": "firefox-debuginfo", "packageFilename": "firefox-debuginfo-38.0-4.el6_6.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "38.0-4.el6_6", "arch": "ppc", "packageName": "firefox", "packageFilename": "firefox-38.0-4.el6_6.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "38.0-4.el6_6", "arch": "ppc64", "packageName": "firefox", "packageFilename": "firefox-38.0-4.el6_6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "38.0-4.el6_6", "arch": "s390x", "packageName": "firefox-debuginfo", "packageFilename": "firefox-debuginfo-38.0-4.el6_6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "38.0-4.el6_6", "arch": "s390", "packageName": "firefox-debuginfo", "packageFilename": "firefox-debuginfo-38.0-4.el6_6.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "38.0-4.el6_6", "arch": "s390", "packageName": "firefox", "packageFilename": "firefox-38.0-4.el6_6.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "38.0-4.el6_6", "arch": "s390x", "packageName": "firefox", "packageFilename": "firefox-38.0-4.el6_6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "38.0-3.el7_1", "arch": "x86_64", "packageName": "firefox-debuginfo", "packageFilename": "firefox-debuginfo-38.0-3.el7_1.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "38.0-3.el7_1", "arch": "i686", "packageName": "firefox-debuginfo", "packageFilename": "firefox-debuginfo-38.0-3.el7_1.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "38.0-3.el7_1", "arch": "i686", "packageName": "firefox", "packageFilename": "firefox-38.0-3.el7_1.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "38.0-3.el7_1", "arch": "x86_64", "packageName": "firefox", "packageFilename": "firefox-38.0-3.el7_1.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "38.0-3.el7_1", "arch": "ppc64", "packageName": "firefox-debuginfo", "packageFilename": "firefox-debuginfo-38.0-3.el7_1.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "38.0-3.el7_1", "arch": "ppc", "packageName": "firefox-debuginfo", "packageFilename": "firefox-debuginfo-38.0-3.el7_1.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "38.0-3.el7_1", "arch": "ppc", "packageName": "firefox", "packageFilename": "firefox-38.0-3.el7_1.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "38.0-3.el7_1", "arch": "ppc64", "packageName": "firefox", "packageFilename": "firefox-38.0-3.el7_1.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "38.0-3.el7_1", "arch": "s390x", "packageName": "firefox-debuginfo", "packageFilename": "firefox-debuginfo-38.0-3.el7_1.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "38.0-3.el7_1", "arch": "s390", "packageName": "firefox-debuginfo", "packageFilename": "firefox-debuginfo-38.0-3.el7_1.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "38.0-3.el7_1", "arch": "s390", "packageName": "firefox", "packageFilename": "firefox-38.0-3.el7_1.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "38.0-3.el7_1", "arch": "s390x", "packageName": "firefox", "packageFilename": "firefox-38.0-3.el7_1.s390x.rpm", "operator": "lt"}], "description": "Mozilla Firefox is an open source web browser. XULRunner provides the XUL\nRuntime environment for Mozilla Firefox.\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nFirefox. (CVE-2015-2708, CVE-2015-0797, CVE-2015-2710, CVE-2015-2713)\n\nA heap-based buffer overflow flaw was found in the way Firefox processed\ncompressed XML data. An attacker could create specially crafted compressed\nXML content that, when processed by Firefox, could cause it to crash or\nexecute arbitrary code with the privileges of the user running Firefox.\n(CVE-2015-2716)\n\nRed Hat would like to thank the Mozilla project for reporting these issues.\nUpstream acknowledges Jesse Ruderman, Mats Palmgren, Byron Campen, Steve\nFink, Aki Helin, Atte Kettunen, Scott Bell, and Ucha Gobejishvili as the\noriginal reporters of these issues.\n\nAll Firefox users should upgrade to these updated packages, which contain\nFirefox version 38.0 ESR, which corrects these issues. After installing the\nupdate, Firefox must be restarted for the changes to take effect.\n", "reporter": "RedHat", "published": "2015-05-12T04:00:00", "type": "redhat", "title": "(RHSA-2015:0988) Critical: firefox security update", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2015-0797", "CVE-2015-2708", "CVE-2015-2710", "CVE-2015-2713", "CVE-2015-2716", "CVE-2015-4496"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-06-06T20:24:34", "id": "RHSA-2015:0988", "href": "https://access.redhat.com/errata/RHSA-2015:0988", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "freebsd": [{"lastseen": "2018-08-31T01:14:42", "references": ["https://www.mozilla.org/security/advisories/mfsa2015-48/", "https://www.mozilla.org/security/advisories/mfsa2015-93/", "https://www.mozilla.org/security/advisories/mfsa2015-50/", "https://www.mozilla.org/security/advisories/mfsa2015-54/", "https://www.mozilla.org/security/advisories/mfsa2015-56/", "https://www.mozilla.org/security/advisories/mfsa2015-55/", "https://www.mozilla.org/security/advisories/mfsa2015-53/", "https://www.mozilla.org/security/advisories/mfsa2015-49/", "https://www.mozilla.org/security/advisories/mfsa2015-57/", "https://www.mozilla.org/security/advisories/mfsa2015-58/", "https://www.mozilla.org/security/advisories/mfsa2015-47/", "https://www.mozilla.org/security/advisories/mfsa2015-52/", "https://www.mozilla.org/security/advisories/mfsa2015-46/", "https://www.mozilla.org/security/advisories/mfsa2015-51/"], "affectedPackage": [{"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "31.7.0,1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "firefox-esr", "operator": "lt"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "2.35", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "seamonkey", "operator": "lt"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "31.7.0", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libxul", "operator": "lt"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "31.7.0", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "thunderbird", "operator": "lt"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "38.0,1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "firefox", "operator": "lt"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "38.0,1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-firefox", "operator": "lt"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "31.7.0", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-thunderbird", "operator": "lt"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "2.35", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-seamonkey", "operator": "lt"}], "description": "\nThe Mozilla Project reports:\n\nMFSA-2015-46 Miscellaneous memory safety hazards (rv:38.0\n\t / rv:31.7)\nMFSA-2015-47 Buffer overflow parsing H.264 video with\n\t Linux Gstreamer\nMFSA-2015-48 Buffer overflow with SVG content and CSS\nMFSA-2015-49 Referrer policy ignored when links opened by\n\t middle-click and context menu\nMFSA-2015-50 Out-of-bounds read and write in asm.js validation\nMFSA-2015-51 Use-after-free during text processing with\n\t vertical text enabled\nMFSA-2015-52 Sensitive URL encoded information written to\n\t Android logcat\nMFSA-2015-53 Use-after-free due to Media Decoder Thread creation\n\t during shutdown\nMFSA-2015-54 Buffer overflow when parsing compressed XML\nMFSA-2015-55 Buffer overflow and out-of-bounds read while\n\t parsing MP4 video metadata\nMFSA-2015-56 Untrusted site hosting trusted page can\n\t intercept webchannel responses\nMFSA-2015-57 Privilege escalation through IPC channel messages\nMFSA-2015-58 Mozilla Windows updater can be run outside\n\t of application directory\nMFSA 2015-93 Integer overflows in libstagefright while processing\n\t MP4 video metadata\n\n", "edition": 3, "reporter": "FreeBSD", "published": "2015-05-12T00:00:00", "title": "mozilla -- multiple vulnerabilities", "type": "freebsd", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "bulletinFamily": "unix", "cvelist": ["CVE-2015-2713", "CVE-2015-2714", "CVE-2015-2717", "CVE-2015-2712", "CVE-2015-2711", "CVE-2015-2716", "CVE-2015-2718", "CVE-2011-3079", "CVE-2015-2710", "CVE-2015-2720", "CVE-2015-2709", "CVE-2015-2708", "CVE-2015-4496", "CVE-2015-2715", "CVE-2015-0833", "CVE-2015-0797"], "modified": "2015-08-28T00:00:00", "id": "D9B43004-F5FD-4807-B1D7-DBF66455B244", "href": "https://vuxml.freebsd.org/freebsd/d9b43004-f5fd-4807-b1d7-dbf66455b244.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "kaspersky": [{"lastseen": "2018-09-14T00:47:17", "references": [], "description": "### *CVSS*:\n10.0\n\n### *Detect date*:\n05/12/2015\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple serious vulnerabilities have been found in Mozilla products. Malicious users can exploit these vulnerabilities to cause denial of service, gain privileges, bypass security restrictions, execute arbitrary code or obtain sensitive information.\n\n### *Affected products*:\nMozilla Firefox versions earlier than 38.0 \nMozilla Firefox ESR versions earlier than 31.7 \nMozilla Thunderbird versions earlier than 31.7\n\n### *Solution*:\nUpdate to the latest version \n[Get Thunderbird](<https://www.mozilla.org/en-US/thunderbird/>) \n[Get Firefox](<https://www.mozilla.org/en-US/firefox/new/>)\n\n### *Original advisories*:\n[Mozilla Foundation Security Advisory](<https://www.mozilla.org/en-US/security/advisories/>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Mozilla Firefox](<https://threats.kaspersky.com/en/product/Mozilla-Firefox/>)\n\n### *CVE-IDS*:\n[CVE-2015-0833](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0833>) \n[CVE-2015-2710](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2710>) \n[CVE-2015-2718](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2718>) \n[CVE-2015-2715](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2715>) \n[CVE-2015-2714](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2714>) \n[CVE-2015-2716](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2716>) \n[CVE-2011-3079](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3079>) \n[CVE-2015-2711](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2711>) \n[CVE-2015-2709](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2709>) \n[CVE-2015-2720](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2720>) \n[CVE-2015-0797](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0797>) \n[CVE-2015-2717](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2717>) \n[CVE-2015-2712](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2712>) \n[CVE-2015-2713](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2713>) \n[CVE-2015-2708](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2708>) \n[CVE-2015-4496](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4496>)", "edition": 13, "reporter": "Kaspersky Lab", "published": "2015-05-12T00:00:00", "title": "\r KLA10584Multiple vulnerabilities in Mozilla products ", "type": "kaspersky", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "info", "cvelist": ["CVE-2015-2713", "CVE-2015-2714", "CVE-2015-2717", "CVE-2015-2712", "CVE-2015-2711", "CVE-2015-2716", "CVE-2015-2718", "CVE-2011-3079", "CVE-2015-2710", "CVE-2015-2720", "CVE-2015-2709", "CVE-2015-2708", "CVE-2015-4496", "CVE-2015-2715", "CVE-2015-0833", "CVE-2015-0797"], "modified": "2018-09-10T00:00:00", "id": "KLA10584", "href": "https://threats.kaspersky.com/en/vulnerability/KLA10584", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}