Description
gnome-web-photo contains a thumbnailer that will be used by GNOME applicati ons, including the file manager, to generate screenshots of web pages.
Affected Package
Related
{"id": "FEDORA:0C6ED10F890", "vendorId": null, "type": "fedora", "bulletinFamily": "unix", "title": "[SECURITY] Fedora 10 Update: gnome-web-photo-0.3-17.fc10", "description": "gnome-web-photo contains a thumbnailer that will be used by GNOME applicati ons, including the file manager, to generate screenshots of web pages. ", "published": "2009-04-24T19:52:12", "modified": "2009-04-24T19:52:12", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvss2": {"cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {}, "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/PBFBMOOPO5ES4XHSFD74LZOO7SABEPGD/", "reporter": "Fedora", "references": [], "cvelist": ["CVE-2009-0652", "CVE-2009-1302", "CVE-2009-1303", "CVE-2009-1304", "CVE-2009-1305", "CVE-2009-1306", "CVE-2009-1307", "CVE-2009-1308", "CVE-2009-1309", "CVE-2009-1310", "CVE-2009-1311", "CVE-2009-1312"], "immutableFields": [], "lastseen": "2020-12-21T08:17:49", "viewCount": 2, "enchantments": {"dependencies": {"references": [{"type": "centos", "idList": ["CESA-2009:0436", "CESA-2009:0437", "CESA-2009:0437-02", "CESA-2009:1126"]}, {"type": "cve", "idList": ["CVE-2009-0652", "CVE-2009-1302", "CVE-2009-1303", "CVE-2009-1304", "CVE-2009-1305", "CVE-2009-1306", "CVE-2009-1307", "CVE-2009-1308", "CVE-2009-1309", "CVE-2009-1310", "CVE-2009-1311", "CVE-2009-1312"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1797-1:07D8B", "DEBIAN:DSA-1830-1:BBB69", "DEBIAN:DSA-1886-1:37DBD"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2009-2352"]}, {"type": "fedora", "idList": ["FEDORA:01BAC10F88D", "FEDORA:01BF610F88E", "FEDORA:0C65110F88F", "FEDORA:0D0D110F89F", "FEDORA:0F21B10F891", "FEDORA:0F3BC10F892", "FEDORA:13DA910F893", "FEDORA:1D95A10F894", "FEDORA:2760610F895", "FEDORA:2CA0810F896", "FEDORA:3496110F897", "FEDORA:372BD10F898", "FEDORA:39FF110F899", "FEDORA:74C0110F878", "FEDORA:82E2910F884", "FEDORA:9CC8A10F885", "FEDORA:ADA8710F886", "FEDORA:AF72710F888", "FEDORA:B5FFB10F88A", "FEDORA:B641F10F88B", "FEDORA:BCF4110F88C", "FEDORA:BD0D410F88D", "FEDORA:BF65110F88E", "FEDORA:C196610F88F", "FEDORA:C2A4C10F885", "FEDORA:C47BF10F890", "FEDORA:C743210F891", "FEDORA:CAF5010F892", "FEDORA:CD00310F893", "FEDORA:CDF0D10F886", "FEDORA:D17CE10F894", "FEDORA:D620710F895", "FEDORA:D8E2D10F896", "FEDORA:DAC4C10F888", "FEDORA:DCBDC10F897", "FEDORA:DE8FB10F898", "FEDORA:E541B10F8AF", "FEDORA:E7AF510F88A", "FEDORA:EC9D110F88B", "FEDORA:F2F4C10F88C"]}, {"type": "freebsd", "idList": ["3B18E237-2F15-11DE-9672-0030843D3802"]}, {"type": "gentoo", "idList": ["GLSA-201301-01"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/MFSA2009-17-CVE-2009-1307/", "MSF:ILITIES/MOZILLA-FIREFOX-MFSA-2009-14-TO-2009-22/", "MSF:ILITIES/MOZILLA-SEAMONKEY-CVE-2009-1307/", "MSF:ILITIES/MOZILLA-THUNDERBIRD-CVE-2009-1307/"]}, {"type": "mozilla", "idList": ["MFSA2009-14", "MFSA2009-15", "MFSA2009-16", "MFSA2009-17", "MFSA2009-18", "MFSA2009-19", "MFSA2009-20", "MFSA2009-21", "MFSA2009-22"]}, {"type": "nessus", "idList": ["4998.PRM", "5001.PRM", "5084.PRM", "CENTOS_RHSA-2009-0436.NASL", "CENTOS_RHSA-2009-0437.NASL", "CENTOS_RHSA-2009-1126.NASL", "DEBIAN_DSA-1797.NASL", "DEBIAN_DSA-1830.NASL", "DEBIAN_DSA-1886.NASL", "FEDORA_2009-3875.NASL", "FEDORA_2009-3893.NASL", "FEDORA_2009-7567.NASL", "FEDORA_2009-7614.NASL", "FREEBSD_PKG_3B18E2372F1511DE96720030843D3802.NASL", "GENTOO_GLSA-201301-01.NASL", "MANDRIVA_MDVSA-2009-111.NASL", "MANDRIVA_MDVSA-2009-141.NASL", "MOZILLA_FIREFOX_309.NASL", "MOZILLA_THUNDERBIRD_20021.NASL", "MOZILLA_THUNDERBIRD_20022.NASL", "ORACLELINUX_ELSA-2009-0436.NASL", "ORACLELINUX_ELSA-2009-0437.NASL", "ORACLELINUX_ELSA-2009-1125.NASL", "REDHAT-RHSA-2009-0436.NASL", "REDHAT-RHSA-2009-0437.NASL", "REDHAT-RHSA-2009-1125.NASL", "REDHAT-RHSA-2009-1126.NASL", "SEAMONKEY_1115.NASL", "SEAMONKEY_1116.NASL", "SEAMONKEY_1117.NASL", "SLACKWARE_SSA_2009-176-01.NASL", "SLACKWARE_SSA_2009-178-01.NASL", "SL_20090421_FIREFOX_ON_SL4_X.NASL", "SL_20090421_SEAMONKEY_ON_SL3_X.NASL", "SL_20090625_THUNDERBIRD_ON_SL4_X.NASL", "SUSE9_12519.NASL", "SUSE_11_0_MOZILLA-XULRUNNER190-090427.NASL", "SUSE_11_0_MOZILLAFIREFOX-090427.NASL", "SUSE_11_0_MOZILLATHUNDERBIRD-090710.NASL", "SUSE_11_0_SEAMONKEY-090617.NASL", "SUSE_11_0_SEAMONKEY-091007.NASL", "SUSE_11_1_MOZILLA-XULRUNNER190-090427.NASL", "SUSE_11_1_MOZILLAFIREFOX-090427.NASL", "SUSE_11_1_MOZILLATHUNDERBIRD-090710.NASL", "SUSE_11_1_SEAMONKEY-090617.NASL", "SUSE_11_1_SEAMONKEY-091007.NASL", "SUSE_11_MOZILLA-XULRUNNER190-090427.NASL", "SUSE_11_MOZILLAFIREFOX-090427.NASL", "SUSE_MOZILLATHUNDERBIRD-6347.NASL", "SUSE_SEAMONKEY-6310.NASL", "SUSE_SEAMONKEY-6538.NASL", "UBUNTU_USN-764-1.NASL", "UBUNTU_USN-782-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310121000", "OPENVAS:1361412562310122492", "OPENVAS:136141256231063866", "OPENVAS:136141256231063867", "OPENVAS:136141256231063882", "OPENVAS:136141256231063883", "OPENVAS:136141256231063898", "OPENVAS:136141256231063904", "OPENVAS:136141256231063906", "OPENVAS:136141256231063962", "OPENVAS:136141256231063983", "OPENVAS:136141256231063996", "OPENVAS:136141256231064057", "OPENVAS:136141256231064134", "OPENVAS:136141256231064278", "OPENVAS:136141256231064279", "OPENVAS:136141256231064287", "OPENVAS:136141256231064315", "OPENVAS:136141256231064317", "OPENVAS:136141256231064332", "OPENVAS:136141256231064399", "OPENVAS:136141256231064400", "OPENVAS:136141256231064417", "OPENVAS:136141256231064871", "OPENVAS:136141256231065239", "OPENVAS:136141256231065660", "OPENVAS:136141256231065661", "OPENVAS:1361412562310880667", "OPENVAS:1361412562310880870", "OPENVAS:1361412562310880902", "OPENVAS:1361412562310880947", "OPENVAS:1361412562310880951", "OPENVAS:1361412562310900342", "OPENVAS:1361412562310900343", "OPENVAS:1361412562310900344", "OPENVAS:1361412562310900345", "OPENVAS:1361412562310900346", "OPENVAS:1361412562310900347", "OPENVAS:1361412562310900512", "OPENVAS:1361412562310900513", "OPENVAS:63866", "OPENVAS:63867", "OPENVAS:63882", "OPENVAS:63883", "OPENVAS:63898", "OPENVAS:63904", "OPENVAS:63906", "OPENVAS:63962", "OPENVAS:63983", "OPENVAS:63996", "OPENVAS:64057", "OPENVAS:64134", "OPENVAS:64143", "OPENVAS:64144", "OPENVAS:64172", "OPENVAS:64173", "OPENVAS:64174", "OPENVAS:64278", "OPENVAS:64279", "OPENVAS:64287", "OPENVAS:64315", "OPENVAS:64317", "OPENVAS:64323", "OPENVAS:64324", "OPENVAS:64332", "OPENVAS:64399", "OPENVAS:64400", "OPENVAS:64417", "OPENVAS:64441", "OPENVAS:64442", "OPENVAS:64443", "OPENVAS:64871", "OPENVAS:65239", "OPENVAS:65660", "OPENVAS:65661", "OPENVAS:880667", "OPENVAS:880870", "OPENVAS:880902", "OPENVAS:880947", "OPENVAS:880951", "OPENVAS:900342", "OPENVAS:900343", "OPENVAS:900344", "OPENVAS:900345", "OPENVAS:900346", "OPENVAS:900347", "OPENVAS:900512", "OPENVAS:900513"]}, {"type": "oraclelinux", "idList": ["ELSA-2009-0436", "ELSA-2009-0437", "ELSA-2009-1125"]}, {"type": "redhat", "idList": ["RHSA-2009:0436", "RHSA-2009:0437", "RHSA-2009:1125", "RHSA-2009:1126"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:21723", "SECURITYVULNS:DOC:21724", "SECURITYVULNS:DOC:21725", "SECURITYVULNS:DOC:21726", "SECURITYVULNS:DOC:21727", "SECURITYVULNS:DOC:21728", "SECURITYVULNS:DOC:21729", "SECURITYVULNS:DOC:21730", "SECURITYVULNS:DOC:21731", "SECURITYVULNS:VULN:9869"]}, {"type": "ubuntu", "idList": ["USN-764-1", "USN-782-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2009-0652", "UB:CVE-2009-1302", "UB:CVE-2009-1303", "UB:CVE-2009-1304", "UB:CVE-2009-1305", "UB:CVE-2009-1306", "UB:CVE-2009-1307", "UB:CVE-2009-1308", "UB:CVE-2009-1309", "UB:CVE-2009-1310", "UB:CVE-2009-1311", "UB:CVE-2009-1312"]}]}, "score": {"value": 5.3, "vector": "NONE"}, "backreferences": {"references": [{"type": "centos", "idList": ["CESA-2009:0436", "CESA-2009:0437", "CESA-2009:0437-02", "CESA-2009:1126"]}, {"type": "cve", "idList": ["CVE-2009-0652", "CVE-2009-1302", "CVE-2009-1303", "CVE-2009-1304", "CVE-2009-1305", "CVE-2009-1306", "CVE-2009-1307", "CVE-2009-1308", "CVE-2009-1309", "CVE-2009-1310", "CVE-2009-1311", "CVE-2009-1312"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1886-1:37DBD"]}, {"type": "fedora", "idList": ["FEDORA:39FF110F899", "FEDORA:C196610F88F"]}, {"type": "freebsd", "idList": ["3B18E237-2F15-11DE-9672-0030843D3802"]}, {"type": "gentoo", "idList": ["GLSA-201301-01"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/MOZILLA-FIREFOX-MFSA-2009-14-TO-2009-22/"]}, {"type": "mozilla", "idList": ["MFSA2009-14", "MFSA2009-20"]}, {"type": "nessus", "idList": ["5084.PRM", "REDHAT-RHSA-2009-1125.NASL", "SUSE_11_MOZILLA-XULRUNNER190-090427.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310122492", "OPENVAS:1361412562310880870", "OPENVAS:63882", "OPENVAS:64144", "OPENVAS:64287", "OPENVAS:64399", "OPENVAS:880870", "OPENVAS:900346", "OPENVAS:900512"]}, {"type": "oraclelinux", "idList": ["ELSA-2009-1125"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:21730"]}, {"type": "ubuntu", "idList": ["USN-782-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2009-0652"]}]}, "exploitation": null, "vulnersScore": 5.3}, "_state": {"dependencies": 0, "score": 0}, "_internal": {}, "affectedPackage": [{"OS": "Fedora", "OSVersion": "10", "arch": "any", "packageName": "gnome-web-photo", "packageVersion": "0.3", "packageFilename": "UNKNOWN", "operator": "lt"}]}
{"openvas": [{"lastseen": "2019-05-29T18:39:29", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for firefox CESA-2009:0436 centos4 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1305", "CVE-2009-1312", "CVE-2009-1304", "CVE-2009-1311", "CVE-2009-0652", "CVE-2009-1309", "CVE-2009-1308", "CVE-2009-1306", "CVE-2009-1302", "CVE-2009-1307", "CVE-2009-1310", "CVE-2009-1303"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310880947", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880947", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for firefox CESA-2009:0436 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2009-April/015833.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880947\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"CESA\", value:\"2009:0436\");\n script_cve_id(\"CVE-2009-0652\", \"CVE-2009-1302\", \"CVE-2009-1303\", \"CVE-2009-1304\",\n \"CVE-2009-1305\", \"CVE-2009-1306\", \"CVE-2009-1307\", \"CVE-2009-1308\",\n \"CVE-2009-1309\", \"CVE-2009-1310\", \"CVE-2009-1311\", \"CVE-2009-1312\");\n script_name(\"CentOS Update for firefox CESA-2009:0436 centos4 i386\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'firefox'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS4\");\n script_tag(name:\"affected\", value:\"firefox on CentOS 4\");\n script_tag(name:\"insight\", value:\"Mozilla Firefox is an open source Web browser. XULRunner provides the XUL\n Runtime environment for Mozilla Firefox.\n\n Several flaws were found in the processing of malformed web content. A web\n page containing malicious content could cause Firefox to crash or,\n potentially, execute arbitrary code as the user running Firefox.\n (CVE-2009-1302, CVE-2009-1303, CVE-2009-1304, CVE-2009-1305)\n\n Several flaws were found in the way malformed web content was processed. A\n web page containing malicious content could execute arbitrary JavaScript in\n the context of the site, possibly presenting misleading data to a user, or\n stealing sensitive information such as login credentials. (CVE-2009-0652,\n CVE-2009-1306, CVE-2009-1307, CVE-2009-1308, CVE-2009-1309, CVE-2009-1310,\n CVE-2009-1312)\n\n A flaw was found in the way Firefox saved certain web pages to a local\n file. If a user saved the inner frame of a web page containing POST data,\n the POST data could be revealed to the inner frame, possibly surrendering\n sensitive information such as login credentials. (CVE-2009-1311)\n\n For technical details regarding these flaws, refer to the Mozilla security\n advisories for Firefox 3.0.9. You can find a link to the Mozilla advisories\n in the References section of this errata.\n\n All Firefox users should upgrade to these updated packages, which contain\n Firefox version 3.0.9, which corrects these issues. After installing the\n update, Firefox must be restarted for the changes to take effect.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~3.0.9~1.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-25T10:57:13", "description": "The remote host is missing updates to firefox announced in\nadvisory CESA-2009:0436.", "cvss3": {}, "published": "2009-04-28T00:00:00", "type": "openvas", "title": "CentOS Security Advisory CESA-2009:0436 (firefox)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1305", "CVE-2009-1312", "CVE-2009-1304", "CVE-2009-1311", "CVE-2009-0652", "CVE-2009-1309", "CVE-2009-1308", "CVE-2009-1306", "CVE-2009-1302", "CVE-2009-1307", "CVE-2009-1310", "CVE-2009-1303"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:63904", "href": "http://plugins.openvas.org/nasl.php?oid=63904", "sourceData": "#CESA-2009:0436 63904 4\n# $Id: ovcesa2009_0436.nasl 6650 2017-07-10 11:43:12Z cfischer $\n# Description: Auto-generated from advisory CESA-2009:0436 (firefox)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed in this update,\nplease visit the referenced security advisories.\";\ntag_solution = \"Update the appropriate packages on your system.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=CESA-2009:0436\nhttp://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:0436\nhttps://rhn.redhat.com/errata/RHSA-2009-0436.html\";\ntag_summary = \"The remote host is missing updates to firefox announced in\nadvisory CESA-2009:0436.\";\n\n\n\nif(description)\n{\n script_id(63904);\n script_version(\"$Revision: 6650 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:43:12 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-28 20:40:12 +0200 (Tue, 28 Apr 2009)\");\n script_cve_id(\"CVE-2009-0652\", \"CVE-2009-1302\", \"CVE-2009-1303\", \"CVE-2009-1304\", \"CVE-2009-1305\", \"CVE-2009-1306\", \"CVE-2009-1307\", \"CVE-2009-1308\", \"CVE-2009-1309\", \"CVE-2009-1310\", \"CVE-2009-1311\", \"CVE-2009-1312\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"CentOS Security Advisory CESA-2009:0436 (firefox)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~3.0.9~1.el5.centos\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~1.9.0.9~1.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xulrunner-devel\", rpm:\"xulrunner-devel~1.9.0.9~1.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xulrunner-devel-unstable\", rpm:\"xulrunner-devel-unstable~1.9.0.9~1.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~3.0.9~1.el4.centos\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-27T10:55:40", "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:0436.\n\nMozilla Firefox is an open source Web browser. XULRunner provides the XUL\nRuntime environment for Mozilla Firefox.\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code as the user running Firefox.\n(CVE-2009-1302, CVE-2009-1303, CVE-2009-1304, CVE-2009-1305)\n\nSeveral flaws were found in the way malformed web content was processed. A\nweb page containing malicious content could execute arbitrary JavaScript in\nthe context of the site, possibly presenting misleading data to a user, or\nstealing sensitive information such as login credentials. (CVE-2009-0652,\nCVE-2009-1306, CVE-2009-1307, CVE-2009-1308, CVE-2009-1309, CVE-2009-1310,\nCVE-2009-1312)\n\nA flaw was found in the way Firefox saved certain web pages to a local\nfile. If a user saved the inner frame of a web page containing POST data,\nthe POST data could be revealed to the inner frame, possibly surrendering\nsensitive information such as login credentials. (CVE-2009-1311)\n\nFor technical details regarding these flaws, refer to the Mozilla security\nadvisories for Firefox 3.0.9. You can find a link to the Mozilla advisories\nin the References section of this errata.\n\nAll Firefox users should upgrade to these updated packages, which contain\nFirefox version 3.0.9, which corrects these issues. After installing the\nupdate, Firefox must be restarted for the changes to take effect.", "cvss3": {}, "published": "2009-04-28T00:00:00", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:0436", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1305", "CVE-2009-1312", "CVE-2009-1304", "CVE-2009-1311", "CVE-2009-0652", "CVE-2009-1309", "CVE-2009-1308", "CVE-2009-1306", "CVE-2009-1302", "CVE-2009-1307", "CVE-2009-1310", "CVE-2009-1303"], "modified": "2017-07-12T00:00:00", "id": "OPENVAS:63866", "href": "http://plugins.openvas.org/nasl.php?oid=63866", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_0436.nasl 6683 2017-07-12 09:41:57Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:0436 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory RHSA-2009:0436.\n\nMozilla Firefox is an open source Web browser. XULRunner provides the XUL\nRuntime environment for Mozilla Firefox.\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code as the user running Firefox.\n(CVE-2009-1302, CVE-2009-1303, CVE-2009-1304, CVE-2009-1305)\n\nSeveral flaws were found in the way malformed web content was processed. A\nweb page containing malicious content could execute arbitrary JavaScript in\nthe context of the site, possibly presenting misleading data to a user, or\nstealing sensitive information such as login credentials. (CVE-2009-0652,\nCVE-2009-1306, CVE-2009-1307, CVE-2009-1308, CVE-2009-1309, CVE-2009-1310,\nCVE-2009-1312)\n\nA flaw was found in the way Firefox saved certain web pages to a local\nfile. If a user saved the inner frame of a web page containing POST data,\nthe POST data could be revealed to the inner frame, possibly surrendering\nsensitive information such as login credentials. (CVE-2009-1311)\n\nFor technical details regarding these flaws, refer to the Mozilla security\nadvisories for Firefox 3.0.9. You can find a link to the Mozilla advisories\nin the References section of this errata.\n\nAll Firefox users should upgrade to these updated packages, which contain\nFirefox version 3.0.9, which corrects these issues. After installing the\nupdate, Firefox must be restarted for the changes to take effect.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_id(63866);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-28 20:40:12 +0200 (Tue, 28 Apr 2009)\");\n script_cve_id(\"CVE-2009-0652\", \"CVE-2009-1302\", \"CVE-2009-1303\", \"CVE-2009-1304\", \"CVE-2009-1305\", \"CVE-2009-1306\", \"CVE-2009-1307\", \"CVE-2009-1308\", \"CVE-2009-1309\", \"CVE-2009-1310\", \"CVE-2009-1311\", \"CVE-2009-1312\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"RedHat Security Advisory RHSA-2009:0436\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-0436.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#critical\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/known-vulnerabilities/firefox30.html#firefox3.0.9\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~3.0.9~1.el4\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-debuginfo\", rpm:\"firefox-debuginfo~3.0.9~1.el4\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~3.0.9~1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-debuginfo\", rpm:\"firefox-debuginfo~3.0.9~1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~1.9.0.9~1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xulrunner-debuginfo\", rpm:\"xulrunner-debuginfo~1.9.0.9~1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xulrunner-devel\", rpm:\"xulrunner-devel~1.9.0.9~1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xulrunner-devel-unstable\", rpm:\"xulrunner-devel-unstable~1.9.0.9~1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:56:29", "description": "The remote host is missing an update to epiphany\nannounced via advisory FEDORA-2009-3893.", "cvss3": {}, "published": "2009-04-28T00:00:00", "type": "openvas", "title": "Fedora Core 10 FEDORA-2009-3893 (epiphany)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1305", "CVE-2009-1312", "CVE-2009-1304", "CVE-2009-1311", "CVE-2009-0652", "CVE-2009-1309", "CVE-2009-1308", "CVE-2009-1306", "CVE-2009-1302", "CVE-2009-1307", "CVE-2009-1310", "CVE-2009-1303"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:63883", "href": "http://plugins.openvas.org/nasl.php?oid=63883", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_3893.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-3893 (epiphany)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nhttp://www.mozilla.org/security/known-\nvulnerabilities/firefox30.html#firefox3.0.9\nChangeLog:\n\n* Tue Apr 21 2009 Christopher Aillon - 2.24.3-5\n- Rebuild against newer gecko\n* Fri Mar 27 2009 Christopher Aillon - 2.24.3-4\n- Rebuild against newer gecko\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update epiphany' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-3893\";\ntag_summary = \"The remote host is missing an update to epiphany\nannounced via advisory FEDORA-2009-3893.\";\n\n\n\nif(description)\n{\n script_id(63883);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-28 20:40:12 +0200 (Tue, 28 Apr 2009)\");\n script_cve_id(\"CVE-2009-1302\", \"CVE-2009-1303\", \"CVE-2009-1304\", \"CVE-2009-1305\", \"CVE-2009-0652\", \"CVE-2009-1306\", \"CVE-2009-1307\", \"CVE-2009-1308\", \"CVE-2009-1309\", \"CVE-2009-1310\", \"CVE-2009-1311\", \"CVE-2009-1312\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Core 10 FEDORA-2009-3893 (epiphany)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=496252\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=496253\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=496255\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=496256\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=486704\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=496262\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=496263\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=496266\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=496267\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=496270\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=496271\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=496274\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"epiphany\", rpm:\"epiphany~2.24.3~5.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"epiphany-devel\", rpm:\"epiphany-devel~2.24.3~5.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"epiphany-debuginfo\", rpm:\"epiphany-debuginfo~2.24.3~5.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:40:39", "description": "The remote host is missing updates to firefox announced in\nadvisory CESA-2009:0436.", "cvss3": {}, "published": "2009-04-28T00:00:00", "type": "openvas", "title": "CentOS Security Advisory CESA-2009:0436 (firefox)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1305", "CVE-2009-1312", "CVE-2009-1304", "CVE-2009-1311", "CVE-2009-0652", "CVE-2009-1309", "CVE-2009-1308", "CVE-2009-1306", "CVE-2009-1302", "CVE-2009-1307", "CVE-2009-1310", "CVE-2009-1303"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231063904", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063904", "sourceData": "#CESA-2009:0436 63904 4\n# $Id: ovcesa2009_0436.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory CESA-2009:0436 (firefox)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed in this update,\nplease visit the referenced security advisories.\";\ntag_solution = \"Update the appropriate packages on your system.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=CESA-2009:0436\nhttp://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:0436\nhttps://rhn.redhat.com/errata/RHSA-2009-0436.html\";\ntag_summary = \"The remote host is missing updates to firefox announced in\nadvisory CESA-2009:0436.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63904\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-28 20:40:12 +0200 (Tue, 28 Apr 2009)\");\n script_cve_id(\"CVE-2009-0652\", \"CVE-2009-1302\", \"CVE-2009-1303\", \"CVE-2009-1304\", \"CVE-2009-1305\", \"CVE-2009-1306\", \"CVE-2009-1307\", \"CVE-2009-1308\", \"CVE-2009-1309\", \"CVE-2009-1310\", \"CVE-2009-1311\", \"CVE-2009-1312\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"CentOS Security Advisory CESA-2009:0436 (firefox)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~3.0.9~1.el5.centos\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~1.9.0.9~1.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xulrunner-devel\", rpm:\"xulrunner-devel~1.9.0.9~1.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xulrunner-devel-unstable\", rpm:\"xulrunner-devel-unstable~1.9.0.9~1.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~3.0.9~1.el4.centos\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:55:37", "description": "Check for the Version of firefox", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for firefox CESA-2009:0436 centos5 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1305", "CVE-2009-1312", "CVE-2009-1304", "CVE-2009-1311", "CVE-2009-0652", "CVE-2009-1309", "CVE-2009-1308", "CVE-2009-1306", "CVE-2009-1302", "CVE-2009-1307", "CVE-2009-1310", "CVE-2009-1303"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880667", "href": "http://plugins.openvas.org/nasl.php?oid=880667", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for firefox CESA-2009:0436 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Firefox is an open source Web browser. XULRunner provides the XUL\n Runtime environment for Mozilla Firefox.\n\n Several flaws were found in the processing of malformed web content. A web\n page containing malicious content could cause Firefox to crash or,\n potentially, execute arbitrary code as the user running Firefox.\n (CVE-2009-1302, CVE-2009-1303, CVE-2009-1304, CVE-2009-1305)\n \n Several flaws were found in the way malformed web content was processed. A\n web page containing malicious content could execute arbitrary JavaScript in\n the context of the site, possibly presenting misleading data to a user, or\n stealing sensitive information such as login credentials. (CVE-2009-0652,\n CVE-2009-1306, CVE-2009-1307, CVE-2009-1308, CVE-2009-1309, CVE-2009-1310,\n CVE-2009-1312)\n \n A flaw was found in the way Firefox saved certain web pages to a local\n file. If a user saved the inner frame of a web page containing POST data,\n the POST data could be revealed to the inner frame, possibly surrendering\n sensitive information such as login credentials. (CVE-2009-1311)\n \n For technical details regarding these flaws, refer to the Mozilla security\n advisories for Firefox 3.0.9. You can find a link to the Mozilla advisories\n in the References section of this errata.\n \n All Firefox users should upgrade to these updated packages, which contain\n Firefox version 3.0.9, which corrects these issues. After installing the\n update, Firefox must be restarted for the changes to take effect.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"firefox on CentOS 5\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2009-April/015824.html\");\n script_id(880667);\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"CESA\", value: \"2009:0436\");\n script_cve_id(\"CVE-2009-0652\", \"CVE-2009-1302\", \"CVE-2009-1303\", \"CVE-2009-1304\",\n \"CVE-2009-1305\", \"CVE-2009-1306\", \"CVE-2009-1307\", \"CVE-2009-1308\",\n \"CVE-2009-1309\", \"CVE-2009-1310\", \"CVE-2009-1311\", \"CVE-2009-1312\");\n script_name(\"CentOS Update for firefox CESA-2009:0436 centos5 i386\");\n\n script_summary(\"Check for the Version of firefox\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~3.0.9~1.el5.centos\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~1.9.0.9~1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner-devel\", rpm:\"xulrunner-devel~1.9.0.9~1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner-devel-unstable\", rpm:\"xulrunner-devel-unstable~1.9.0.9~1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-12-04T11:29:03", "description": "The remote host is missing an update to xulrunner-1.9\nannounced via advisory USN-764-1.", "cvss3": {}, "published": "2009-06-05T00:00:00", "type": "openvas", "title": "Ubuntu USN-764-1 (xulrunner-1.9)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1305", "CVE-2009-1312", "CVE-2009-1304", "CVE-2009-1311", "CVE-2009-0652", "CVE-2009-1309", "CVE-2009-1308", "CVE-2009-1306", "CVE-2009-1302", "CVE-2009-1307", "CVE-2009-1310", "CVE-2009-1303"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:64144", "href": "http://plugins.openvas.org/nasl.php?oid=64144", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: ubuntu_764_1.nasl 7969 2017-12-01 09:23:16Z santu $\n# $Id: ubuntu_764_1.nasl 7969 2017-12-01 09:23:16Z santu $\n# Description: Auto-generated from advisory USN-764-1 (xulrunner-1.9)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"The problem can be corrected by upgrading your system to the\n following package versions:\n\nUbuntu 8.04 LTS:\n firefox-3.0 3.0.9+nobinonly-0ubuntu0.8.04.1\n xulrunner-1.9 1.9.0.9+nobinonly-0ubuntu0.8.04.1\n\nUbuntu 8.10:\n abrowser 3.0.9+nobinonly-0ubuntu0.8.10.1\n firefox-3.0 3.0.9+nobinonly-0ubuntu0.8.10.1\n xulrunner-1.9 1.9.0.9+nobinonly-0ubuntu0.8.10.1\n\nUbuntu 9.04:\n abrowser 3.0.9+nobinonly-0ubuntu0.9.04.1\n firefox-3.0 3.0.9+nobinonly-0ubuntu0.9.04.1\n xulrunner-1.9 1.9.0.9+nobinonly-0ubuntu0.9.04.1\n\nAfter a standard system upgrade you need to restart Firefox and any\napplications that use xulrunner, such as Epiphany, to effect the necessary\nchanges.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=USN-764-1\";\n\ntag_insight = \"Several flaws were discovered in the browser engine. If a user were tricked\ninto viewing a malicious website, a remote attacker could cause a denial of\nservice or possibly execute arbitrary code with the privileges of the user\ninvoking the program. (CVE-2009-1302, CVE-2009-1303, CVE-2009-1304,\nCVE-2009-1305)\n\nIt was discovered that Firefox displayed certain Unicode characters which\ncould be visually confused with punctuation in valid web addresses in the\nlocation bar. An attacker could exploit this to spoof the location bar,\nsuch as in a phishing attack. (CVE-2009-0652)\n\nSeveral flaws were discovered in the way Firefox processed malformed URI\nschemes. If a user were tricked into viewing a malicious website, a remote\nattacker could execute arbitrary JavaScript or steal private data.\n(CVE-2009-1306, CVE-2009-1307, CVE-2009-1309, CVE-2009-1310, CVE-2009-1312)\n\nCefn Hoile discovered Firefox did not adequately protect against embedded\nthird-party stylesheets. An attacker could exploit this to perform script\ninjection attacks using XBL bindings. (CVE-2009-1308)\n\nPaolo Amadini discovered that Firefox would submit POST data when reloading\nan inner frame of a web page. If a user were tricked into viewing a\nmalicious website, a remote attacker could steal private data.\n(CVE-2009-1311)\";\ntag_summary = \"The remote host is missing an update to xulrunner-1.9\nannounced via advisory USN-764-1.\";\n\n \n\n\nif(description)\n{\n script_id(64144);\n script_version(\"$Revision: 7969 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-05 18:04:08 +0200 (Fri, 05 Jun 2009)\");\n script_cve_id(\"CVE-2009-0652\", \"CVE-2009-1302\", \"CVE-2009-1303\", \"CVE-2009-1304\", \"CVE-2009-1305\", \"CVE-2009-1306\", \"CVE-2009-1307\", \"CVE-2009-1308\", \"CVE-2009-1309\", \"CVE-2009-1310\", \"CVE-2009-1311\", \"CVE-2009-1312\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Ubuntu USN-764-1 (xulrunner-1.9)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-764-1/\");\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"firefox-dev\", ver:\"3.0.9+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-gnome-support\", ver:\"3.0.9+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-granparadiso-dev\", ver:\"3.0.9+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-trunk-dev\", ver:\"3.0.9+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox\", ver:\"3.0.9+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-3.0-dom-inspector\", ver:\"3.0.9+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-3.0-venkman\", ver:\"3.0.9+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-dom-inspector\", ver:\"3.0.9+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-granparadiso-dom-inspector\", ver:\"3.0.9+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-granparadiso-gnome-support\", ver:\"3.0.9+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-granparadiso\", ver:\"3.0.9+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-libthai\", ver:\"3.0.9+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-trunk-dom-inspector\", ver:\"3.0.9+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-trunk-gnome-support\", ver:\"3.0.9+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-trunk-venkman\", ver:\"3.0.9+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-trunk\", ver:\"3.0.9+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-1.9-dom-inspector\", ver:\"1.9.0.9+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-1.9-venkman\", ver:\"1.9.0.9+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-3.0-dev\", ver:\"3.0.9+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-3.0-gnome-support\", ver:\"3.0.9+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-3.0\", ver:\"3.0.9+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-1.9-dev\", ver:\"1.9.0.9+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-1.9-gnome-support\", ver:\"1.9.0.9+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-1.9\", ver:\"1.9.0.9+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"abrowser\", ver:\"3.0.9+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-dev\", ver:\"3.0.9+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-gnome-support\", ver:\"3.0.9+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-granparadiso-dev\", ver:\"3.0.9+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-trunk-dev\", ver:\"3.0.9+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox\", ver:\"3.0.9+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-3.0-dom-inspector\", ver:\"3.0.9+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-3.0-venkman\", ver:\"3.0.9+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-dom-inspector\", ver:\"3.0.9+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-granparadiso-dom-inspector\", ver:\"3.0.9+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-granparadiso-gnome-support\", ver:\"3.0.9+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-granparadiso\", ver:\"3.0.9+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-libthai\", ver:\"3.0.9+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-trunk-dom-inspector\", ver:\"3.0.9+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-trunk-gnome-support\", ver:\"3.0.9+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-trunk-venkman\", ver:\"3.0.9+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-trunk\", ver:\"3.0.9+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-1.9-dom-inspector\", ver:\"1.9.0.9+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-1.9-venkman\", ver:\"1.9.0.9+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"abrowser-3.0-branding\", ver:\"3.0.9+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-3.0-branding\", ver:\"3.0.9+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-3.0-dev\", ver:\"3.0.9+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-3.0-gnome-support\", ver:\"3.0.9+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-3.0\", ver:\"3.0.9+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-1.9-dev\", ver:\"1.9.0.9+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-1.9-gnome-support\", ver:\"1.9.0.9+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-1.9\", ver:\"1.9.0.9+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-dev\", ver:\"1.9.0.9+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"abrowser\", ver:\"3.0.9+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-dev\", ver:\"3.0.9+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-gnome-support\", ver:\"3.0.9+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-granparadiso-dev\", ver:\"3.0.9+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-trunk-dev\", ver:\"3.0.9+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox\", ver:\"3.0.9+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-3.0-dom-inspector\", ver:\"3.0.9+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-3.0-venkman\", ver:\"3.0.9+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-dom-inspector\", ver:\"3.0.9+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-granparadiso-dom-inspector\", ver:\"3.0.9+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-granparadiso-gnome-support\", ver:\"3.0.9+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-granparadiso\", ver:\"3.0.9+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-libthai\", ver:\"3.0.9+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-trunk-dom-inspector\", ver:\"3.0.9+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-trunk-gnome-support\", ver:\"3.0.9+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-trunk-venkman\", ver:\"3.0.9+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-trunk\", ver:\"3.0.9+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-1.9-dom-inspector\", ver:\"1.9.0.9+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-1.9-venkman\", ver:\"1.9.0.9+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"abrowser-3.0-branding\", ver:\"3.0.9+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-3.0-branding\", ver:\"3.0.9+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-3.0-dev\", ver:\"3.0.9+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-3.0-gnome-support\", ver:\"3.0.9+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-3.0\", ver:\"3.0.9+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-1.9-dev\", ver:\"1.9.0.9+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-1.9-gnome-support\", ver:\"1.9.0.9+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-1.9\", ver:\"1.9.0.9+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-dev\", ver:\"1.9.0.9+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:38:14", "description": "The remote host is missing an update to firefox\nannounced via advisory FEDORA-2009-3875.", "cvss3": {}, "published": "2009-04-28T00:00:00", "type": "openvas", "title": "Fedora Core 9 FEDORA-2009-3875 (firefox)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1305", "CVE-2009-1312", "CVE-2009-1304", "CVE-2009-1311", "CVE-2009-0652", "CVE-2009-1309", "CVE-2009-1308", "CVE-2009-1306", "CVE-2009-1302", "CVE-2009-1307", "CVE-2009-1310", "CVE-2009-1303"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231063882", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063882", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_3875.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-3875 (firefox)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nhttp://www.mozilla.org/security/known-\nvulnerabilities/firefox30.html#firefox3.0.9\nChangeLog:\n\n* Tue Apr 21 2009 Christopher Aillon - 3.0.9-1\n- Update to 3.0.9\n* Fri Mar 27 2009 Christopher Aillon - 3.0.8-1\n- Update to 3.0.8\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update firefox' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-3875\";\ntag_summary = \"The remote host is missing an update to firefox\nannounced via advisory FEDORA-2009-3875.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63882\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-28 20:40:12 +0200 (Tue, 28 Apr 2009)\");\n script_cve_id(\"CVE-2009-1302\", \"CVE-2009-1303\", \"CVE-2009-1304\", \"CVE-2009-1305\", \"CVE-2009-0652\", \"CVE-2009-1306\", \"CVE-2009-1307\", \"CVE-2009-1308\", \"CVE-2009-1309\", \"CVE-2009-1310\", \"CVE-2009-1311\", \"CVE-2009-1312\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Core 9 FEDORA-2009-3875 (firefox)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=496252\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=496253\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=496255\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=496256\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=486704\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=496262\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=496263\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=496266\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=496267\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=496270\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=496271\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=496274\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~3.0.9~1.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-debuginfo\", rpm:\"firefox-debuginfo~3.0.9~1.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:55", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for firefox CESA-2009:0436 centos5 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1305", "CVE-2009-1312", "CVE-2009-1304", "CVE-2009-1311", "CVE-2009-0652", "CVE-2009-1309", "CVE-2009-1308", "CVE-2009-1306", "CVE-2009-1302", "CVE-2009-1307", "CVE-2009-1310", "CVE-2009-1303"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310880667", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880667", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for firefox CESA-2009:0436 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2009-April/015824.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880667\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"CESA\", value:\"2009:0436\");\n script_cve_id(\"CVE-2009-0652\", \"CVE-2009-1302\", \"CVE-2009-1303\", \"CVE-2009-1304\",\n \"CVE-2009-1305\", \"CVE-2009-1306\", \"CVE-2009-1307\", \"CVE-2009-1308\",\n \"CVE-2009-1309\", \"CVE-2009-1310\", \"CVE-2009-1311\", \"CVE-2009-1312\");\n script_name(\"CentOS Update for firefox CESA-2009:0436 centos5 i386\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'firefox'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"firefox on CentOS 5\");\n script_tag(name:\"insight\", value:\"Mozilla Firefox is an open source Web browser. XULRunner provides the XUL\n Runtime environment for Mozilla Firefox.\n\n Several flaws were found in the processing of malformed web content. A web\n page containing malicious content could cause Firefox to crash or,\n potentially, execute arbitrary code as the user running Firefox.\n (CVE-2009-1302, CVE-2009-1303, CVE-2009-1304, CVE-2009-1305)\n\n Several flaws were found in the way malformed web content was processed. A\n web page containing malicious content could execute arbitrary JavaScript in\n the context of the site, possibly presenting misleading data to a user, or\n stealing sensitive information such as login credentials. (CVE-2009-0652,\n CVE-2009-1306, CVE-2009-1307, CVE-2009-1308, CVE-2009-1309, CVE-2009-1310,\n CVE-2009-1312)\n\n A flaw was found in the way Firefox saved certain web pages to a local\n file. If a user saved the inner frame of a web page containing POST data,\n the POST data could be revealed to the inner frame, possibly surrendering\n sensitive information such as login credentials. (CVE-2009-1311)\n\n For technical details regarding these flaws, refer to the Mozilla security\n advisories for Firefox 3.0.9. You can find a link to the Mozilla advisories\n in the References section of this errata.\n\n All Firefox users should upgrade to these updated packages, which contain\n Firefox version 3.0.9, which corrects these issues. After installing the\n update, Firefox must be restarted for the changes to take effect.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~3.0.9~1.el5.centos\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~1.9.0.9~1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner-devel\", rpm:\"xulrunner-devel~1.9.0.9~1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner-devel-unstable\", rpm:\"xulrunner-devel-unstable~1.9.0.9~1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-04-06T11:38:28", "description": "The remote host is missing an update to epiphany\nannounced via advisory FEDORA-2009-3893.", "cvss3": {}, "published": "2009-04-28T00:00:00", "type": "openvas", "title": "Fedora Core 10 FEDORA-2009-3893 (epiphany)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1305", "CVE-2009-1312", "CVE-2009-1304", "CVE-2009-1311", "CVE-2009-0652", "CVE-2009-1309", "CVE-2009-1308", "CVE-2009-1306", "CVE-2009-1302", "CVE-2009-1307", "CVE-2009-1310", "CVE-2009-1303"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231063883", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063883", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_3893.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-3893 (epiphany)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nhttp://www.mozilla.org/security/known-\nvulnerabilities/firefox30.html#firefox3.0.9\nChangeLog:\n\n* Tue Apr 21 2009 Christopher Aillon - 2.24.3-5\n- Rebuild against newer gecko\n* Fri Mar 27 2009 Christopher Aillon - 2.24.3-4\n- Rebuild against newer gecko\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update epiphany' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-3893\";\ntag_summary = \"The remote host is missing an update to epiphany\nannounced via advisory FEDORA-2009-3893.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63883\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-28 20:40:12 +0200 (Tue, 28 Apr 2009)\");\n script_cve_id(\"CVE-2009-1302\", \"CVE-2009-1303\", \"CVE-2009-1304\", \"CVE-2009-1305\", \"CVE-2009-0652\", \"CVE-2009-1306\", \"CVE-2009-1307\", \"CVE-2009-1308\", \"CVE-2009-1309\", \"CVE-2009-1310\", \"CVE-2009-1311\", \"CVE-2009-1312\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Core 10 FEDORA-2009-3893 (epiphany)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=496252\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=496253\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=496255\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=496256\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=486704\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=496262\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=496263\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=496266\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=496267\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=496270\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=496271\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=496274\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"epiphany\", rpm:\"epiphany~2.24.3~5.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"epiphany-devel\", rpm:\"epiphany-devel~2.24.3~5.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"epiphany-debuginfo\", rpm:\"epiphany-debuginfo~2.24.3~5.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:37:00", "description": "Oracle Linux Local Security Checks ELSA-2009-0436", "cvss3": {}, "published": "2015-10-08T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2009-0436", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1305", "CVE-2009-1312", "CVE-2009-1304", "CVE-2009-1311", "CVE-2009-0652", "CVE-2009-1309", "CVE-2009-1308", "CVE-2009-1306", "CVE-2009-1302", "CVE-2009-1307", "CVE-2009-1310", "CVE-2009-1303"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122492", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122492", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2009-0436.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122492\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-08 14:46:34 +0300 (Thu, 08 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2009-0436\");\n script_tag(name:\"insight\", value:\"ELSA-2009-0436 - firefox security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2009-0436\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2009-0436.html\");\n script_cve_id(\"CVE-2009-0652\", \"CVE-2009-1302\", \"CVE-2009-1303\", \"CVE-2009-1304\", \"CVE-2009-1305\", \"CVE-2009-1306\", \"CVE-2009-1307\", \"CVE-2009-1308\", \"CVE-2009-1309\", \"CVE-2009-1310\", \"CVE-2009-1311\", \"CVE-2009-1312\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~3.0.9~1.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~1.9.0.9~1.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"xulrunner-devel\", rpm:\"xulrunner-devel~1.9.0.9~1.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"xulrunner-devel-unstable\", rpm:\"xulrunner-devel-unstable~1.9.0.9~1.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-25T10:56:24", "description": "The remote host is missing an update to firefox\nannounced via advisory FEDORA-2009-3875.", "cvss3": {}, "published": "2009-04-28T00:00:00", "type": "openvas", "title": "Fedora Core 9 FEDORA-2009-3875 (firefox)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1305", "CVE-2009-1312", "CVE-2009-1304", "CVE-2009-1311", "CVE-2009-0652", "CVE-2009-1309", "CVE-2009-1308", "CVE-2009-1306", "CVE-2009-1302", "CVE-2009-1307", "CVE-2009-1310", "CVE-2009-1303"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:63882", "href": "http://plugins.openvas.org/nasl.php?oid=63882", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_3875.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-3875 (firefox)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nhttp://www.mozilla.org/security/known-\nvulnerabilities/firefox30.html#firefox3.0.9\nChangeLog:\n\n* Tue Apr 21 2009 Christopher Aillon - 3.0.9-1\n- Update to 3.0.9\n* Fri Mar 27 2009 Christopher Aillon - 3.0.8-1\n- Update to 3.0.8\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update firefox' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-3875\";\ntag_summary = \"The remote host is missing an update to firefox\nannounced via advisory FEDORA-2009-3875.\";\n\n\n\nif(description)\n{\n script_id(63882);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-28 20:40:12 +0200 (Tue, 28 Apr 2009)\");\n script_cve_id(\"CVE-2009-1302\", \"CVE-2009-1303\", \"CVE-2009-1304\", \"CVE-2009-1305\", \"CVE-2009-0652\", \"CVE-2009-1306\", \"CVE-2009-1307\", \"CVE-2009-1308\", \"CVE-2009-1309\", \"CVE-2009-1310\", \"CVE-2009-1311\", \"CVE-2009-1312\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Core 9 FEDORA-2009-3875 (firefox)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=496252\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=496253\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=496255\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=496256\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=486704\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=496262\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=496263\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=496266\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=496267\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=496270\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=496271\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=496274\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~3.0.9~1.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-debuginfo\", rpm:\"firefox-debuginfo~3.0.9~1.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:55:46", "description": "Check for the Version of firefox", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for firefox CESA-2009:0436 centos4 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1305", "CVE-2009-1312", "CVE-2009-1304", "CVE-2009-1311", "CVE-2009-0652", "CVE-2009-1309", "CVE-2009-1308", "CVE-2009-1306", "CVE-2009-1302", "CVE-2009-1307", "CVE-2009-1310", "CVE-2009-1303"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880947", "href": "http://plugins.openvas.org/nasl.php?oid=880947", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for firefox CESA-2009:0436 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Firefox is an open source Web browser. XULRunner provides the XUL\n Runtime environment for Mozilla Firefox.\n\n Several flaws were found in the processing of malformed web content. A web\n page containing malicious content could cause Firefox to crash or,\n potentially, execute arbitrary code as the user running Firefox.\n (CVE-2009-1302, CVE-2009-1303, CVE-2009-1304, CVE-2009-1305)\n \n Several flaws were found in the way malformed web content was processed. A\n web page containing malicious content could execute arbitrary JavaScript in\n the context of the site, possibly presenting misleading data to a user, or\n stealing sensitive information such as login credentials. (CVE-2009-0652,\n CVE-2009-1306, CVE-2009-1307, CVE-2009-1308, CVE-2009-1309, CVE-2009-1310,\n CVE-2009-1312)\n \n A flaw was found in the way Firefox saved certain web pages to a local\n file. If a user saved the inner frame of a web page containing POST data,\n the POST data could be revealed to the inner frame, possibly surrendering\n sensitive information such as login credentials. (CVE-2009-1311)\n \n For technical details regarding these flaws, refer to the Mozilla security\n advisories for Firefox 3.0.9. You can find a link to the Mozilla advisories\n in the References section of this errata.\n \n All Firefox users should upgrade to these updated packages, which contain\n Firefox version 3.0.9, which corrects these issues. After installing the\n update, Firefox must be restarted for the changes to take effect.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"firefox on CentOS 4\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2009-April/015833.html\");\n script_id(880947);\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"CESA\", value: \"2009:0436\");\n script_cve_id(\"CVE-2009-0652\", \"CVE-2009-1302\", \"CVE-2009-1303\", \"CVE-2009-1304\",\n \"CVE-2009-1305\", \"CVE-2009-1306\", \"CVE-2009-1307\", \"CVE-2009-1308\",\n \"CVE-2009-1309\", \"CVE-2009-1310\", \"CVE-2009-1311\", \"CVE-2009-1312\");\n script_name(\"CentOS Update for firefox CESA-2009:0436 centos4 i386\");\n\n script_summary(\"Check for the Version of firefox\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~3.0.9~1.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:37:21", "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:0436.\n\nMozilla Firefox is an open source Web browser. XULRunner provides the XUL\nRuntime environment for Mozilla Firefox.\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code as the user running Firefox.\n(CVE-2009-1302, CVE-2009-1303, CVE-2009-1304, CVE-2009-1305)\n\nSeveral flaws were found in the way malformed web content was processed. A\nweb page containing malicious content could execute arbitrary JavaScript in\nthe context of the site, possibly presenting misleading data to a user, or\nstealing sensitive information such as login credentials. (CVE-2009-0652,\nCVE-2009-1306, CVE-2009-1307, CVE-2009-1308, CVE-2009-1309, CVE-2009-1310,\nCVE-2009-1312)\n\nA flaw was found in the way Firefox saved certain web pages to a local\nfile. If a user saved the inner frame of a web page containing POST data,\nthe POST data could be revealed to the inner frame, possibly surrendering\nsensitive information such as login credentials. (CVE-2009-1311)\n\nFor technical details regarding these flaws, refer to the Mozilla security\nadvisories for Firefox 3.0.9. You can find a link to the Mozilla advisories\nin the References section of this errata.\n\nAll Firefox users should upgrade to these updated packages, which contain\nFirefox version 3.0.9, which corrects these issues. After installing the\nupdate, Firefox must be restarted for the changes to take effect.", "cvss3": {}, "published": "2009-04-28T00:00:00", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:0436", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1305", "CVE-2009-1312", "CVE-2009-1304", "CVE-2009-1311", "CVE-2009-0652", "CVE-2009-1309", "CVE-2009-1308", "CVE-2009-1306", "CVE-2009-1302", "CVE-2009-1307", "CVE-2009-1310", "CVE-2009-1303"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231063866", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063866", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_0436.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:0436 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory RHSA-2009:0436.\n\nMozilla Firefox is an open source Web browser. XULRunner provides the XUL\nRuntime environment for Mozilla Firefox.\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code as the user running Firefox.\n(CVE-2009-1302, CVE-2009-1303, CVE-2009-1304, CVE-2009-1305)\n\nSeveral flaws were found in the way malformed web content was processed. A\nweb page containing malicious content could execute arbitrary JavaScript in\nthe context of the site, possibly presenting misleading data to a user, or\nstealing sensitive information such as login credentials. (CVE-2009-0652,\nCVE-2009-1306, CVE-2009-1307, CVE-2009-1308, CVE-2009-1309, CVE-2009-1310,\nCVE-2009-1312)\n\nA flaw was found in the way Firefox saved certain web pages to a local\nfile. If a user saved the inner frame of a web page containing POST data,\nthe POST data could be revealed to the inner frame, possibly surrendering\nsensitive information such as login credentials. (CVE-2009-1311)\n\nFor technical details regarding these flaws, refer to the Mozilla security\nadvisories for Firefox 3.0.9. You can find a link to the Mozilla advisories\nin the References section of this errata.\n\nAll Firefox users should upgrade to these updated packages, which contain\nFirefox version 3.0.9, which corrects these issues. After installing the\nupdate, Firefox must be restarted for the changes to take effect.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63866\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-28 20:40:12 +0200 (Tue, 28 Apr 2009)\");\n script_cve_id(\"CVE-2009-0652\", \"CVE-2009-1302\", \"CVE-2009-1303\", \"CVE-2009-1304\", \"CVE-2009-1305\", \"CVE-2009-1306\", \"CVE-2009-1307\", \"CVE-2009-1308\", \"CVE-2009-1309\", \"CVE-2009-1310\", \"CVE-2009-1311\", \"CVE-2009-1312\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"RedHat Security Advisory RHSA-2009:0436\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-0436.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#critical\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/known-vulnerabilities/firefox30.html#firefox3.0.9\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~3.0.9~1.el4\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-debuginfo\", rpm:\"firefox-debuginfo~3.0.9~1.el4\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~3.0.9~1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-debuginfo\", rpm:\"firefox-debuginfo~3.0.9~1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~1.9.0.9~1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xulrunner-debuginfo\", rpm:\"xulrunner-debuginfo~1.9.0.9~1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xulrunner-devel\", rpm:\"xulrunner-devel~1.9.0.9~1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xulrunner-devel-unstable\", rpm:\"xulrunner-devel-unstable~1.9.0.9~1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2020-04-29T22:26:32", "description": "The host is installed with Mozilla Firefox browser and is prone to\n multiple vulnerabilities.", "cvss3": {}, "published": "2009-04-30T00:00:00", "type": "openvas", "title": "Mozilla Firefox Multiple Vulnerabilities Apr-09 (Linux)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1305", "CVE-2009-1312", "CVE-2009-1304", "CVE-2009-1311", "CVE-2009-1309", "CVE-2009-1308", "CVE-2009-1306", "CVE-2009-1302", "CVE-2009-1307", "CVE-2009-1310", "CVE-2009-1303"], "modified": "2020-04-27T00:00:00", "id": "OPENVAS:1361412562310900343", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310900343", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mozilla Firefox Multiple Vulnerabilities Apr-09 (Linux)\n#\n# Authors:\n# Sharath S <sharaths@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2009 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.900343\");\n script_version(\"2020-04-27T09:00:11+0000\");\n script_tag(name:\"last_modification\", value:\"2020-04-27 09:00:11 +0000 (Mon, 27 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2009-04-30 06:40:16 +0200 (Thu, 30 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2009-1302\", \"CVE-2009-1303\", \"CVE-2009-1304\", \"CVE-2009-1305\",\n \"CVE-2009-1306\", \"CVE-2009-1307\", \"CVE-2009-1308\", \"CVE-2009-1309\",\n \"CVE-2009-1310\", \"CVE-2009-1311\", \"CVE-2009-1312\");\n script_bugtraq_id(34656);\n script_name(\"Mozilla Firefox Multiple Vulnerabilities Apr-09 (Linux)\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/34758\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2009/mfsa2009-14.html\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2009/mfsa2009-16.html\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2009/mfsa2009-17.html\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2009/mfsa2009-18.html\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2009/mfsa2009-19.html\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2009/mfsa2009-20.html\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2009/mfsa2009-21.html\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2009/mfsa2009-22.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 SecPod\");\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_firefox_detect_lin.nasl\");\n script_mandatory_keys(\"Firefox/Linux/Ver\");\n script_tag(name:\"impact\", value:\"Successful exploitation could result in Information Disclosure, XSS, Script\n Injection, Memory Corruption, CSRF, Arbitrary JavaScript code execution or\n can cause denial of service attacks.\");\n script_tag(name:\"affected\", value:\"Firefox version prior to 3.0.9 on Linux.\");\n script_tag(name:\"insight\", value:\"For more information about vulnerabilities on Firefox, go through the links\n mentioned in references.\");\n script_tag(name:\"solution\", value:\"Upgrade to Firefox version 3.0.9.\");\n script_tag(name:\"summary\", value:\"The host is installed with Mozilla Firefox browser and is prone to\n multiple vulnerabilities.\");\n script_tag(name:\"qod_type\", value:\"executable_version_unreliable\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\n\nffVer = get_kb_item(\"Firefox/Linux/Ver\");\nif(!ffVer)\n exit(0);\n\nif(version_is_less(version:ffVer, test_version:\"3.0.9\")){\n report = report_fixed_ver(installed_version:ffVer, fixed_version:\"3.0.9\");\n security_message(port: 0, data: report);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-02T21:13:53", "description": "The host is installed with Mozilla Firefox browser and is prone to\n multiple vulnerabilities.", "cvss3": {}, "published": "2009-04-30T00:00:00", "type": "openvas", "title": "Mozilla Firefox Multiple Vulnerabilities Apr-09 (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1305", "CVE-2009-1312", "CVE-2009-1304", "CVE-2009-1311", "CVE-2009-1309", "CVE-2009-1308", "CVE-2009-1306", "CVE-2009-1302", "CVE-2009-1307", "CVE-2009-1310", "CVE-2009-1303"], "modified": "2017-01-20T00:00:00", "id": "OPENVAS:900342", "href": "http://plugins.openvas.org/nasl.php?oid=900342", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_firefox_mult_vuln_apr09_win.nasl 5055 2017-01-20 14:08:39Z teissa $\n#\n# Mozilla Firefox Multiple Vulnerabilities Apr-09 (Windows)\n#\n# Authors:\n# Sharath S <sharaths@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2009 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation could result in Information Disclosure, XSS, Script\n Injection, Memory Corruption, CSRF, Arbitrary JavaScript code execution or\n can cause denial of service attacks.\n Impact Level: System/Application\";\ntag_affected = \"Firefox version prior to 3.0.9 on Windows.\";\ntag_insight = \"For more information about vulnerabilities on Firefox, go through the links\n mentioned in references.\";\ntag_solution = \"Upgrade to Firefox version 3.0.9\n http://www.mozilla.com/en-US/firefox/all.html\";\ntag_summary = \"The host is installed with Mozilla Firefox browser and is prone to\n multiple vulnerabilities.\";\n\nif(description)\n{\n script_id(900342);\n script_version(\"$Revision: 5055 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-01-20 15:08:39 +0100 (Fri, 20 Jan 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-30 06:40:16 +0200 (Thu, 30 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2009-1302\", \"CVE-2009-1303\", \"CVE-2009-1304\", \"CVE-2009-1305\",\n \"CVE-2009-1306\", \"CVE-2009-1307\", \"CVE-2009-1308\", \"CVE-2009-1309\",\n \"CVE-2009-1310\", \"CVE-2009-1311\", \"CVE-2009-1312\");\n script_bugtraq_id(34656);\n script_name(\"Mozilla Firefox Multiple Vulnerabilities Apr-09 (Windows)\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/34758\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2009/mfsa2009-14.html\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2009/mfsa2009-16.html\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2009/mfsa2009-17.html\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2009/mfsa2009-18.html\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2009/mfsa2009-19.html\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2009/mfsa2009-20.html\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2009/mfsa2009-21.html\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2009/mfsa2009-22.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 SecPod\");\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_firefox_detect_win.nasl\");\n script_require_keys(\"Firefox/Win/Ver\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nffVer = get_kb_item(\"Firefox/Win/Ver\");\nif(!ffVer){\n exit(0);\n}\n\n# Grep for Firefox version prior to 3.0.9\nif(version_is_less(version:ffVer, test_version:\"3.0.9\")){\n security_message(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:14:02", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "cvss3": {}, "published": "2009-04-28T00:00:00", "type": "openvas", "title": "FreeBSD Ports: firefox", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1305", "CVE-2009-1312", "CVE-2009-1304", "CVE-2009-1311", "CVE-2009-1309", "CVE-2009-1308", "CVE-2009-1306", "CVE-2009-1302", "CVE-2009-1307", "CVE-2009-1310", "CVE-2009-1303"], "modified": "2016-12-21T00:00:00", "id": "OPENVAS:63898", "href": "http://plugins.openvas.org/nasl.php?oid=63898", "sourceData": "#\n#VID 3b18e237-2f15-11de-9672-0030843d3802\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID 3b18e237-2f15-11de-9672-0030843d3802\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following packages are affected:\n firefox\n linux-firefox\n linux-firefox-devel\n linux-seamonkey-devel\n seamonkey\n linux-seamonkey\n thunderbird\n linux-thunderbird\n\nFor details on the updates, please visit the referenced security\nadvisories.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://www.mozilla.org/security/announce/2009/mfsa2009-22.html\nhttp://www.mozilla.org/security/announce/2009/mfsa2009-21.html\nhttp://www.mozilla.org/security/announce/2009/mfsa2009-20.html\nhttp://www.mozilla.org/security/announce/2009/mfsa2009-19.html\nhttp://www.mozilla.org/security/announce/2009/mfsa2009-18.html\nhttp://www.mozilla.org/security/announce/2009/mfsa2009-17.html\nhttp://www.mozilla.org/security/announce/2009/mfsa2009-16.html\nhttp://www.mozilla.org/security/announce/2009/mfsa2009-15.html\nhttp://www.mozilla.org/security/announce/2009/mfsa2009-14.html\nhttp://www.vuxml.org/freebsd/3b18e237-2f15-11de-9672-0030843d3802.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\n\nif(description)\n{\n script_id(63898);\n script_version(\"$Revision: 4824 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-12-21 09:49:38 +0100 (Wed, 21 Dec 2016) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-28 20:40:12 +0200 (Tue, 28 Apr 2009)\");\n script_cve_id(\"CVE-2009-1303\", \"CVE-2009-1306\", \"CVE-2009-1307\", \"CVE-2009-1308\", \"CVE-2009-1309\", \"CVE-2009-1312\", \"CVE-2009-1311\", \"CVE-2009-1302\", \"CVE-2009-1304\", \"CVE-2009-1305\", \"CVE-2009-1310\");\n script_bugtraq_id(34656);\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"FreeBSD Ports: firefox\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"firefox\");\nif(!isnull(bver) && revcomp(a:bver, b:\"2.0.0.20_7,1\")<0) {\n txt += 'Package firefox version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nif(!isnull(bver) && revcomp(a:bver, b:\"3.*,1\")>0 && revcomp(a:bver, b:\"3.0.9,1\")<0) {\n txt += 'Package firefox version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"linux-firefox\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0\")>0) {\n txt += 'Package linux-firefox version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"linux-firefox-devel\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0\")>0) {\n txt += 'Package linux-firefox-devel version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"linux-seamonkey-devel\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0\")>0) {\n txt += 'Package linux-seamonkey-devel version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"seamonkey\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.1.17\")<0) {\n txt += 'Package seamonkey version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"linux-seamonkey\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.1.17\")<0) {\n txt += 'Package linux-seamonkey version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"thunderbird\");\nif(!isnull(bver) && revcomp(a:bver, b:\"2.0.0.22\")<0) {\n txt += 'Package thunderbird version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"linux-thunderbird\");\nif(!isnull(bver) && revcomp(a:bver, b:\"2.0.0.22\")<0) {\n txt += 'Package linux-thunderbird version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:38:49", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "cvss3": {}, "published": "2009-04-28T00:00:00", "type": "openvas", "title": "FreeBSD Ports: firefox", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1305", "CVE-2009-1312", "CVE-2009-1304", "CVE-2009-1311", "CVE-2009-1309", "CVE-2009-1308", "CVE-2009-1306", "CVE-2009-1302", "CVE-2009-1307", "CVE-2009-1310", "CVE-2009-1303"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231063898", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063898", "sourceData": "#\n#VID 3b18e237-2f15-11de-9672-0030843d3802\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID 3b18e237-2f15-11de-9672-0030843d3802\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following packages are affected:\n firefox\n linux-firefox\n linux-firefox-devel\n linux-seamonkey-devel\n seamonkey\n linux-seamonkey\n thunderbird\n linux-thunderbird\n\nFor details on the updates, please visit the referenced security\nadvisories.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://www.mozilla.org/security/announce/2009/mfsa2009-22.html\nhttp://www.mozilla.org/security/announce/2009/mfsa2009-21.html\nhttp://www.mozilla.org/security/announce/2009/mfsa2009-20.html\nhttp://www.mozilla.org/security/announce/2009/mfsa2009-19.html\nhttp://www.mozilla.org/security/announce/2009/mfsa2009-18.html\nhttp://www.mozilla.org/security/announce/2009/mfsa2009-17.html\nhttp://www.mozilla.org/security/announce/2009/mfsa2009-16.html\nhttp://www.mozilla.org/security/announce/2009/mfsa2009-15.html\nhttp://www.mozilla.org/security/announce/2009/mfsa2009-14.html\nhttp://www.vuxml.org/freebsd/3b18e237-2f15-11de-9672-0030843d3802.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63898\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-28 20:40:12 +0200 (Tue, 28 Apr 2009)\");\n script_cve_id(\"CVE-2009-1303\", \"CVE-2009-1306\", \"CVE-2009-1307\", \"CVE-2009-1308\", \"CVE-2009-1309\", \"CVE-2009-1312\", \"CVE-2009-1311\", \"CVE-2009-1302\", \"CVE-2009-1304\", \"CVE-2009-1305\", \"CVE-2009-1310\");\n script_bugtraq_id(34656);\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"FreeBSD Ports: firefox\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"firefox\");\nif(!isnull(bver) && revcomp(a:bver, b:\"2.0.0.20_7,1\")<0) {\n txt += 'Package firefox version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nif(!isnull(bver) && revcomp(a:bver, b:\"3.*,1\")>0 && revcomp(a:bver, b:\"3.0.9,1\")<0) {\n txt += 'Package firefox version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"linux-firefox\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0\")>0) {\n txt += 'Package linux-firefox version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"linux-firefox-devel\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0\")>0) {\n txt += 'Package linux-firefox-devel version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"linux-seamonkey-devel\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0\")>0) {\n txt += 'Package linux-seamonkey-devel version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"seamonkey\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.1.17\")<0) {\n txt += 'Package seamonkey version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"linux-seamonkey\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.1.17\")<0) {\n txt += 'Package linux-seamonkey version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"thunderbird\");\nif(!isnull(bver) && revcomp(a:bver, b:\"2.0.0.22\")<0) {\n txt += 'Package thunderbird version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"linux-thunderbird\");\nif(!isnull(bver) && revcomp(a:bver, b:\"2.0.0.22\")<0) {\n txt += 'Package linux-thunderbird version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:13:58", "description": "The host is installed with Mozilla Firefox browser and is prone to\n multiple vulnerabilities.", "cvss3": {}, "published": "2009-04-30T00:00:00", "type": "openvas", "title": "Mozilla Firefox Multiple Vulnerabilities Apr-09 (Linux)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1305", "CVE-2009-1312", "CVE-2009-1304", "CVE-2009-1311", "CVE-2009-1309", "CVE-2009-1308", "CVE-2009-1306", "CVE-2009-1302", "CVE-2009-1307", "CVE-2009-1310", "CVE-2009-1303"], "modified": "2017-01-20T00:00:00", "id": "OPENVAS:900343", "href": "http://plugins.openvas.org/nasl.php?oid=900343", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_firefox_mult_vuln_apr09_lin.nasl 5055 2017-01-20 14:08:39Z teissa $\n#\n# Mozilla Firefox Multiple Vulnerabilities Apr-09 (Linux)\n#\n# Authors:\n# Sharath S <sharaths@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2009 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation could result in Information Disclosure, XSS, Script\n Injection, Memory Corruption, CSRF, Arbitrary JavaScript code execution or\n can cause denial of service attacks.\n Impact Level: System/Application\";\ntag_affected = \"Firefox version prior to 3.0.9 on Linux.\";\ntag_insight = \"For more information about vulnerabilities on Firefox, go through the links\n mentioned in references.\";\ntag_solution = \"Upgrade to Firefox version 3.0.9\n http://www.mozilla.com/en-US/firefox/all.html\";\ntag_summary = \"The host is installed with Mozilla Firefox browser and is prone to\n multiple vulnerabilities.\";\n\nif(description)\n{\n script_id(900343);\n script_version(\"$Revision: 5055 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-01-20 15:08:39 +0100 (Fri, 20 Jan 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-30 06:40:16 +0200 (Thu, 30 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2009-1302\", \"CVE-2009-1303\", \"CVE-2009-1304\", \"CVE-2009-1305\",\n \"CVE-2009-1306\", \"CVE-2009-1307\", \"CVE-2009-1308\", \"CVE-2009-1309\",\n \"CVE-2009-1310\", \"CVE-2009-1311\", \"CVE-2009-1312\");\n script_bugtraq_id(34656);\n script_name(\"Mozilla Firefox Multiple Vulnerabilities Apr-09 (Linux)\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/34758\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2009/mfsa2009-14.html\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2009/mfsa2009-16.html\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2009/mfsa2009-17.html\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2009/mfsa2009-18.html\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2009/mfsa2009-19.html\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2009/mfsa2009-20.html\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2009/mfsa2009-21.html\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2009/mfsa2009-22.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 SecPod\");\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_firefox_detect_lin.nasl\");\n script_require_keys(\"Firefox/Linux/Ver\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nffVer = get_kb_item(\"Firefox/Linux/Ver\");\nif(!ffVer){\n exit(0);\n}\n\n# Grep for Firefox version prior to 3.0.9\nif(version_is_less(version:ffVer, test_version:\"3.0.9\")){\n security_message(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2020-04-29T22:26:41", "description": "The host is installed with Mozilla Firefox browser and is prone to\n multiple vulnerabilities.", "cvss3": {}, "published": "2009-04-30T00:00:00", "type": "openvas", "title": "Mozilla Firefox Multiple Vulnerabilities Apr-09 (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1305", "CVE-2009-1312", "CVE-2009-1304", "CVE-2009-1311", "CVE-2009-1309", "CVE-2009-1308", "CVE-2009-1306", "CVE-2009-1302", "CVE-2009-1307", "CVE-2009-1310", "CVE-2009-1303"], "modified": "2020-04-27T00:00:00", "id": "OPENVAS:1361412562310900342", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310900342", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mozilla Firefox Multiple Vulnerabilities Apr-09 (Windows)\n#\n# Authors:\n# Sharath S <sharaths@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2009 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.900342\");\n script_version(\"2020-04-27T09:00:11+0000\");\n script_tag(name:\"last_modification\", value:\"2020-04-27 09:00:11 +0000 (Mon, 27 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2009-04-30 06:40:16 +0200 (Thu, 30 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2009-1302\", \"CVE-2009-1303\", \"CVE-2009-1304\", \"CVE-2009-1305\",\n \"CVE-2009-1306\", \"CVE-2009-1307\", \"CVE-2009-1308\", \"CVE-2009-1309\",\n \"CVE-2009-1310\", \"CVE-2009-1311\", \"CVE-2009-1312\");\n script_bugtraq_id(34656);\n script_name(\"Mozilla Firefox Multiple Vulnerabilities Apr-09 (Windows)\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/34758\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2009/mfsa2009-14.html\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2009/mfsa2009-16.html\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2009/mfsa2009-17.html\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2009/mfsa2009-18.html\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2009/mfsa2009-19.html\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2009/mfsa2009-20.html\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2009/mfsa2009-21.html\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2009/mfsa2009-22.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 SecPod\");\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_firefox_detect_portable_win.nasl\");\n script_mandatory_keys(\"Firefox/Win/Ver\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation could result in Information Disclosure, XSS, Script\n Injection, Memory Corruption, CSRF, Arbitrary JavaScript code execution or\n can cause denial of service attacks.\");\n\n script_tag(name:\"affected\", value:\"Firefox version prior to 3.0.9 on Windows.\");\n\n script_tag(name:\"insight\", value:\"For more information about vulnerabilities on Firefox, go through the links\n mentioned in references.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Firefox version 3.0.9.\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Mozilla Firefox browser and is prone to\n multiple vulnerabilities.\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\n\nffVer = get_kb_item(\"Firefox/Win/Ver\");\nif(!ffVer){\n exit(0);\n}\n\nif(version_is_less(version:ffVer, test_version:\"3.0.9\")){\n report = report_fixed_ver(installed_version:ffVer, fixed_version:\"3.0.9\");\n security_message(port: 0, data: report);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-04-06T11:40:01", "description": "The remote host is missing an update to xulrunner\nannounced via advisory DSA 1797-1.", "cvss3": {}, "published": "2009-05-11T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 1797-1 (xulrunner)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1305", "CVE-2009-1312", "CVE-2009-1304", "CVE-2009-1311", "CVE-2009-0652", "CVE-2009-1309", "CVE-2009-1308", "CVE-2009-1306", "CVE-2009-1302", "CVE-2009-1307", "CVE-2009-1303"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231063962", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063962", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1797_1.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory DSA 1797-1 (xulrunner)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several remote vulnerabilities have been discovered in Xulrunner, a\nruntime environment for XUL applications, such as the Iceweasel web\nbrowser. The Common Vulnerabilities and Exposures project identifies\nthe following problems:\n\nCVE-2009-0652\n\nMoxie Marlinspike discovered that Unicode box drawing characters inside of\ninternationalised domain names could be used for phishing attacks.\n\nCVE-2009-1302\n\nOlli Pettay, Martijn Wargers, Mats Palmgren, Oleg Romashin, Jesse Ruderman\nand Gary Kwong reported crashes in the in the layout engine, which might\nallow the execution of arbitrary code.\n\nCVE-2009-1303\n\nOlli Pettay, Martijn Wargers, Mats Palmgren, Oleg Romashin, Jesse Ruderman\nand Gary Kwong reported crashes in the in the layout engine, which might\nallow the execution of arbitrary code.\n\nCVE-2009-1304\n\nIgor Bukanov and Bob Clary discovered crashes in the Javascript engine,\nwhich might allow the execution of arbitrary code.\n\nCVE-2009-1305\n\nIgor Bukanov and Bob Clary discovered crashes in the Javascript engine,\nwhich might allow the execution of arbitrary code.\n\nCVE-2009-1306\n\nDaniel Veditz discovered that the Content-Disposition: header is ignored\nwithin the jar: URI scheme.\n\nCVE-2009-1307\n\nGregory Fleischer discovered that the same-origin policy for Flash files\nis inproperly enforced for files loaded through the view-source scheme,\nwhich may result in bypass of cross-domain policy restrictions.\n\nCVE-2009-1308\n\nCefn Hoile discovered that sites, which allow the embedding of third-party\nstylesheets are vulnerable to cross-site scripting attacks through XBL\nbindings.\n\nCVE-2009-1309\n\nmoz_bug_r_a4 discovered bypasses of the same-origin policy in the\nXMLHttpRequest Javascript API and the XPCNativeWrapper.\n\nCVE-2009-1311\n\nPaolo Amadini discovered that incorrect handling of POST data when\nsaving a web site with an embedded frame may lead to information disclosure.\n\nCVE-2009-1312\n\nIt was discovered that Iceweasel allows Refresh: headers to redirect\nto Javascript URIs, resulting in cross-site scripting.\n\nFor the stable distribution (lenny), these problems have been fixed\nin version 1.9.0.9-0lenny2.\n\nAs indicated in the Etch release notes, security support for the\nMozilla products in the oldstable distribution needed to be stopped\nbefore the end of the regular Etch security maintenance life cycle.\nYou are strongly encouraged to upgrade to stable or switch to a still\nsupported browser.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.9.0.9-1.\n\nWe recommend that you upgrade your xulrunner packages.\";\ntag_summary = \"The remote host is missing an update to xulrunner\nannounced via advisory DSA 1797-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201797-1\";\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63962\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-05-11 20:24:31 +0200 (Mon, 11 May 2009)\");\n script_cve_id(\"CVE-2009-0652\", \"CVE-2009-1302\", \"CVE-2009-1303\", \"CVE-2009-1304\", \"CVE-2009-1305\", \"CVE-2009-1306\", \"CVE-2009-1307\", \"CVE-2009-1308\", \"CVE-2009-1309\", \"CVE-2009-1311\", \"CVE-2009-1312\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Debian Security Advisory DSA 1797-1 (xulrunner)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libmozillainterfaces-java\", ver:\"1.9.0.9-0lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-1.9-gnome-support\", ver:\"1.9.0.9-0lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-1.9-dbg\", ver:\"1.9.0.9-0lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmozjs-dev\", ver:\"1.9.0.9-0lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-1.9\", ver:\"1.9.0.9-0lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmozjs1d\", ver:\"1.9.0.9-0lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-dev\", ver:\"1.9.0.9-0lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python-xpcom\", ver:\"1.9.0.9-0lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmozjs1d-dbg\", ver:\"1.9.0.9-0lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"spidermonkey-bin\", ver:\"1.9.0.9-0lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:57:01", "description": "The remote host is missing an update to xulrunner\nannounced via advisory DSA 1797-1.", "cvss3": {}, "published": "2009-05-11T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 1797-1 (xulrunner)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1305", "CVE-2009-1312", "CVE-2009-1304", "CVE-2009-1311", "CVE-2009-0652", "CVE-2009-1309", "CVE-2009-1308", "CVE-2009-1306", "CVE-2009-1302", "CVE-2009-1307", "CVE-2009-1303"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:63962", "href": "http://plugins.openvas.org/nasl.php?oid=63962", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1797_1.nasl 6615 2017-07-07 12:09:52Z cfischer $\n# Description: Auto-generated from advisory DSA 1797-1 (xulrunner)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several remote vulnerabilities have been discovered in Xulrunner, a\nruntime environment for XUL applications, such as the Iceweasel web\nbrowser. The Common Vulnerabilities and Exposures project identifies\nthe following problems:\n\nCVE-2009-0652\n\nMoxie Marlinspike discovered that Unicode box drawing characters inside of\ninternationalised domain names could be used for phishing attacks.\n\nCVE-2009-1302\n\nOlli Pettay, Martijn Wargers, Mats Palmgren, Oleg Romashin, Jesse Ruderman\nand Gary Kwong reported crashes in the in the layout engine, which might\nallow the execution of arbitrary code.\n\nCVE-2009-1303\n\nOlli Pettay, Martijn Wargers, Mats Palmgren, Oleg Romashin, Jesse Ruderman\nand Gary Kwong reported crashes in the in the layout engine, which might\nallow the execution of arbitrary code.\n\nCVE-2009-1304\n\nIgor Bukanov and Bob Clary discovered crashes in the Javascript engine,\nwhich might allow the execution of arbitrary code.\n\nCVE-2009-1305\n\nIgor Bukanov and Bob Clary discovered crashes in the Javascript engine,\nwhich might allow the execution of arbitrary code.\n\nCVE-2009-1306\n\nDaniel Veditz discovered that the Content-Disposition: header is ignored\nwithin the jar: URI scheme.\n\nCVE-2009-1307\n\nGregory Fleischer discovered that the same-origin policy for Flash files\nis inproperly enforced for files loaded through the view-source scheme,\nwhich may result in bypass of cross-domain policy restrictions.\n\nCVE-2009-1308\n\nCefn Hoile discovered that sites, which allow the embedding of third-party\nstylesheets are vulnerable to cross-site scripting attacks through XBL\nbindings.\n\nCVE-2009-1309\n\nmoz_bug_r_a4 discovered bypasses of the same-origin policy in the\nXMLHttpRequest Javascript API and the XPCNativeWrapper.\n\nCVE-2009-1311\n\nPaolo Amadini discovered that incorrect handling of POST data when\nsaving a web site with an embedded frame may lead to information disclosure.\n\nCVE-2009-1312\n\nIt was discovered that Iceweasel allows Refresh: headers to redirect\nto Javascript URIs, resulting in cross-site scripting.\n\nFor the stable distribution (lenny), these problems have been fixed\nin version 1.9.0.9-0lenny2.\n\nAs indicated in the Etch release notes, security support for the\nMozilla products in the oldstable distribution needed to be stopped\nbefore the end of the regular Etch security maintenance life cycle.\nYou are strongly encouraged to upgrade to stable or switch to a still\nsupported browser.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.9.0.9-1.\n\nWe recommend that you upgrade your xulrunner packages.\";\ntag_summary = \"The remote host is missing an update to xulrunner\nannounced via advisory DSA 1797-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201797-1\";\n\n\nif(description)\n{\n script_id(63962);\n script_version(\"$Revision: 6615 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:09:52 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-05-11 20:24:31 +0200 (Mon, 11 May 2009)\");\n script_cve_id(\"CVE-2009-0652\", \"CVE-2009-1302\", \"CVE-2009-1303\", \"CVE-2009-1304\", \"CVE-2009-1305\", \"CVE-2009-1306\", \"CVE-2009-1307\", \"CVE-2009-1308\", \"CVE-2009-1309\", \"CVE-2009-1311\", \"CVE-2009-1312\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Debian Security Advisory DSA 1797-1 (xulrunner)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libmozillainterfaces-java\", ver:\"1.9.0.9-0lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-1.9-gnome-support\", ver:\"1.9.0.9-0lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-1.9-dbg\", ver:\"1.9.0.9-0lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmozjs-dev\", ver:\"1.9.0.9-0lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-1.9\", ver:\"1.9.0.9-0lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmozjs1d\", ver:\"1.9.0.9-0lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-dev\", ver:\"1.9.0.9-0lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python-xpcom\", ver:\"1.9.0.9-0lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmozjs1d-dbg\", ver:\"1.9.0.9-0lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"spidermonkey-bin\", ver:\"1.9.0.9-0lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-26T08:56:05", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n mozilla-xulrunner190\n mozilla-xulrunner190-gnomevfs\n mozilla-xulrunner190-translations\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-11T00:00:00", "type": "openvas", "title": "SLES11: Security update for Mozilla", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1305", "CVE-2009-1312", "CVE-2009-1304", "CVE-2009-1311", "CVE-2009-0652", "CVE-2009-1309", "CVE-2009-1308", "CVE-2009-1302", "CVE-2009-1307", "CVE-2009-1303"], "modified": "2017-07-11T00:00:00", "id": "OPENVAS:65661", "href": "http://plugins.openvas.org/nasl.php?oid=65661", "sourceData": "#\n#VID fab01148f9c2f94e57e7070118a7818e\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for Mozilla\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n mozilla-xulrunner190\n mozilla-xulrunner190-gnomevfs\n mozilla-xulrunner190-translations\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=495473\");\n script_id(65661);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-11 22:58:51 +0200 (Sun, 11 Oct 2009)\");\n script_cve_id(\"CVE-2009-1302\", \"CVE-2009-1303\", \"CVE-2009-1304\", \"CVE-2009-1305\", \"CVE-2009-1307\", \"CVE-2009-1308\", \"CVE-2009-1309\", \"CVE-2009-1311\", \"CVE-2009-1312\", \"CVE-2009-0652\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"SLES11: Security update for Mozilla\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190\", rpm:\"mozilla-xulrunner190~1.9.0.9~0.1.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-gnomevfs\", rpm:\"mozilla-xulrunner190-gnomevfs~1.9.0.9~0.1.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-translations\", rpm:\"mozilla-xulrunner190-translations~1.9.0.9~0.1.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:37:58", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n MozillaFirefox\n MozillaFirefox-translations\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-11T00:00:00", "type": "openvas", "title": "SLES11: Security update for MozillaFirefox", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1305", "CVE-2009-1312", "CVE-2009-1304", "CVE-2009-1311", "CVE-2009-0652", "CVE-2009-1309", "CVE-2009-1308", "CVE-2009-1302", "CVE-2009-1307", "CVE-2009-1303"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231065660", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065660", "sourceData": "#\n#VID 8d58759fa070160f1f7d27df1de3a166\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for MozillaFirefox\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n MozillaFirefox\n MozillaFirefox-translations\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=495473\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.65660\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-11 22:58:51 +0200 (Sun, 11 Oct 2009)\");\n script_cve_id(\"CVE-2009-1302\", \"CVE-2009-1303\", \"CVE-2009-1304\", \"CVE-2009-1305\", \"CVE-2009-1307\", \"CVE-2009-1308\", \"CVE-2009-1309\", \"CVE-2009-1311\", \"CVE-2009-1312\", \"CVE-2009-0652\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"SLES11: Security update for MozillaFirefox\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~3.0.9~0.1.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox-translations\", rpm:\"MozillaFirefox-translations~3.0.9~0.1.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-26T08:55:26", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n MozillaFirefox\n MozillaFirefox-translations\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-11T00:00:00", "type": "openvas", "title": "SLES11: Security update for MozillaFirefox", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1305", "CVE-2009-1312", "CVE-2009-1304", "CVE-2009-1311", "CVE-2009-0652", "CVE-2009-1309", "CVE-2009-1308", "CVE-2009-1302", "CVE-2009-1307", "CVE-2009-1303"], "modified": "2017-07-11T00:00:00", "id": "OPENVAS:65660", "href": "http://plugins.openvas.org/nasl.php?oid=65660", "sourceData": "#\n#VID 8d58759fa070160f1f7d27df1de3a166\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for MozillaFirefox\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n MozillaFirefox\n MozillaFirefox-translations\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=495473\");\n script_id(65660);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-11 22:58:51 +0200 (Sun, 11 Oct 2009)\");\n script_cve_id(\"CVE-2009-1302\", \"CVE-2009-1303\", \"CVE-2009-1304\", \"CVE-2009-1305\", \"CVE-2009-1307\", \"CVE-2009-1308\", \"CVE-2009-1309\", \"CVE-2009-1311\", \"CVE-2009-1312\", \"CVE-2009-0652\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"SLES11: Security update for MozillaFirefox\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~3.0.9~0.1.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox-translations\", rpm:\"MozillaFirefox-translations~3.0.9~0.1.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:39:52", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n mozilla-xulrunner190\n mozilla-xulrunner190-gnomevfs\n mozilla-xulrunner190-translations\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-11T00:00:00", "type": "openvas", "title": "SLES11: Security update for Mozilla", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1305", "CVE-2009-1312", "CVE-2009-1304", "CVE-2009-1311", "CVE-2009-0652", "CVE-2009-1309", "CVE-2009-1308", "CVE-2009-1302", "CVE-2009-1307", "CVE-2009-1303"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231065661", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065661", "sourceData": "#\n#VID fab01148f9c2f94e57e7070118a7818e\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for Mozilla\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n mozilla-xulrunner190\n mozilla-xulrunner190-gnomevfs\n mozilla-xulrunner190-translations\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=495473\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.65661\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-11 22:58:51 +0200 (Sun, 11 Oct 2009)\");\n script_cve_id(\"CVE-2009-1302\", \"CVE-2009-1303\", \"CVE-2009-1304\", \"CVE-2009-1305\", \"CVE-2009-1307\", \"CVE-2009-1308\", \"CVE-2009-1309\", \"CVE-2009-1311\", \"CVE-2009-1312\", \"CVE-2009-0652\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"SLES11: Security update for Mozilla\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190\", rpm:\"mozilla-xulrunner190~1.9.0.9~0.1.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-gnomevfs\", rpm:\"mozilla-xulrunner190-gnomevfs~1.9.0.9~0.1.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-translations\", rpm:\"mozilla-xulrunner190-translations~1.9.0.9~0.1.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2020-04-29T22:26:29", "description": "The host is installed with Mozilla Seamonkey and is prone\n to multiple vulnerabilities.", "cvss3": {}, "published": "2009-04-30T00:00:00", "type": "openvas", "title": "Mozilla Seamonkey Multiple Vulnerabilities Apr-09 (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1305", "CVE-2009-1312", "CVE-2009-1304", "CVE-2009-1311", "CVE-2009-1309", "CVE-2009-1308", "CVE-2009-1306", "CVE-2009-1302", "CVE-2009-1307", "CVE-2009-1303"], "modified": "2020-04-27T00:00:00", "id": "OPENVAS:1361412562310900346", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310900346", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mozilla Seamonkey Multiple Vulnerabilities Apr-09 (Windows)\n#\n# Authors:\n# Sharath S <sharaths@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2009 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.900346\");\n script_version(\"2020-04-27T09:00:11+0000\");\n script_tag(name:\"last_modification\", value:\"2020-04-27 09:00:11 +0000 (Mon, 27 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2009-04-30 06:40:16 +0200 (Thu, 30 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2009-1302\", \"CVE-2009-1303\", \"CVE-2009-1304\", \"CVE-2009-1305\",\n \"CVE-2009-1306\", \"CVE-2009-1307\", \"CVE-2009-1308\", \"CVE-2009-1309\",\n \"CVE-2009-1311\", \"CVE-2009-1312\");\n script_bugtraq_id(34656);\n script_name(\"Mozilla Seamonkey Multiple Vulnerabilities Apr-09 (Windows)\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/34835\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2009/mfsa2009-14.html\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2009/mfsa2009-16.html\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2009/mfsa2009-17.html\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2009/mfsa2009-18.html\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2009/mfsa2009-19.html\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2009/mfsa2009-21.html\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2009/mfsa2009-22.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 SecPod\");\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_seamonkey_detect_win.nasl\");\n script_mandatory_keys(\"Seamonkey/Win/Ver\");\n script_tag(name:\"impact\", value:\"Successful exploitation could result in Information Disclosure, XSS, Script\n Injection, Memory Corruption, CSRF, Arbitrary JavaScript code execution or\n can cause denial of service attacks.\");\n script_tag(name:\"affected\", value:\"Seamonkey version prior to 1.1.17 on Windows.\");\n script_tag(name:\"insight\", value:\"For more information about vulnerabilities on Seamonkey, go through the links\n mentioned in references.\");\n script_tag(name:\"solution\", value:\"Upgrade to Seamonkey version 1.1.17.\");\n script_tag(name:\"summary\", value:\"The host is installed with Mozilla Seamonkey and is prone\n to multiple vulnerabilities.\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\n\nsmVer = get_kb_item(\"Seamonkey/Win/Ver\");\nif(!smVer)\n exit(0);\n\nif(version_is_less(version:smVer, test_version:\"1.1.17\")){\n report = report_fixed_ver(installed_version:smVer, fixed_version:\"1.1.17\");\n security_message(port: 0, data: report);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-02T21:14:05", "description": "The host is installed with Mozilla Seamonkey and is prone to multiple\n vulnerabilities.", "cvss3": {}, "published": "2009-04-30T00:00:00", "type": "openvas", "title": "Mozilla Seamonkey Multiple Vulnerabilities Apr-09 (Linux)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1305", "CVE-2009-1312", "CVE-2009-1304", "CVE-2009-1311", "CVE-2009-1309", "CVE-2009-1308", "CVE-2009-1306", "CVE-2009-1302", "CVE-2009-1307", "CVE-2009-1303"], "modified": "2017-01-27T00:00:00", "id": "OPENVAS:900347", "href": "http://plugins.openvas.org/nasl.php?oid=900347", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_seamonkey_mult_vuln_apr09_lin.nasl 5122 2017-01-27 12:16:00Z teissa $\n#\n# Mozilla Seamonkey Multiple Vulnerabilities Apr-09 (Linux)\n#\n# Authors:\n# Sharath S <sharaths@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2009 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation could result in Information Disclosure, XSS, Script\n Injection, Memory Corruption, CSRF, Arbitrary JavaScript code execution or\n can cause denial of service attacks.\n Impact Level: System/Application\";\ntag_affected = \"Seamonkey version prior to 1.1.17 on Linux.\";\ntag_insight = \"For more information about vulnerabilities on Seamonkey, go through the links\n mentioned in references.\";\ntag_solution = \"Upgrade to Seamonkey version 1.1.17\n http://www.seamonkey-project.org/releases\";\ntag_summary = \"The host is installed with Mozilla Seamonkey and is prone to multiple\n vulnerabilities.\";\n\nif(description)\n{\n script_id(900347);\n script_version(\"$Revision: 5122 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-01-27 13:16:00 +0100 (Fri, 27 Jan 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-30 06:40:16 +0200 (Thu, 30 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2009-1302\", \"CVE-2009-1303\", \"CVE-2009-1304\", \"CVE-2009-1305\",\n \"CVE-2009-1306\", \"CVE-2009-1307\", \"CVE-2009-1308\", \"CVE-2009-1309\",\n \"CVE-2009-1311\", \"CVE-2009-1312\");\n script_bugtraq_id(34656);\n script_name(\"Mozilla Seamonkey Multiple Vulnerabilities Apr-09 (Linux)\");\n\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 SecPod\");\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_seamonkey_detect_lin.nasl\");\n script_require_keys(\"Seamonkey/Linux/Ver\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/34835\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2009/mfsa2009-14.html\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2009/mfsa2009-16.html\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2009/mfsa2009-17.html\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2009/mfsa2009-18.html\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2009/mfsa2009-19.html\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2009/mfsa2009-21.html\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2009/mfsa2009-22.html\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nsmVer = get_kb_item(\"Seamonkey/Linux/Ver\");\nif(!smVer){\n exit(0);\n}\n\n# Grep for Seamonkey version prior to 1.1.17\nif(version_is_less(version:smVer, test_version:\"1.1.17\")){\n security_message(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:13:53", "description": "The host is installed with Mozilla Seamonkey and is prone\n to multiple vulnerabilities.", "cvss3": {}, "published": "2009-04-30T00:00:00", "type": "openvas", "title": "Mozilla Seamonkey Multiple Vulnerabilities Apr-09 (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1305", "CVE-2009-1312", "CVE-2009-1304", "CVE-2009-1311", "CVE-2009-1309", "CVE-2009-1308", "CVE-2009-1306", "CVE-2009-1302", "CVE-2009-1307", "CVE-2009-1303"], "modified": "2017-01-27T00:00:00", "id": "OPENVAS:900346", "href": "http://plugins.openvas.org/nasl.php?oid=900346", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_seamonkey_mult_vuln_apr09_win.nasl 5122 2017-01-27 12:16:00Z teissa $\n#\n# Mozilla Seamonkey Multiple Vulnerabilities Apr-09 (Windows)\n#\n# Authors:\n# Sharath S <sharaths@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2009 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation could result in Information Disclosure, XSS, Script\n Injection, Memory Corruption, CSRF, Arbitrary JavaScript code execution or\n can cause denial of service attacks.\n Impact Level: System/Application\";\ntag_affected = \"Seamonkey version prior to 1.1.17 on Windows.\";\ntag_insight = \"For more information about vulnerabilities on Seamonkey, go through the links\n mentioned in references.\";\ntag_solution = \"Upgrade to Seamonkey version 1.1.17\n http://www.seamonkey-project.org/releases\";\ntag_summary = \"The host is installed with Mozilla Seamonkey and is prone\n to multiple vulnerabilities.\";\n\nif(description)\n{\n script_id(900346);\n script_version(\"$Revision: 5122 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-01-27 13:16:00 +0100 (Fri, 27 Jan 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-30 06:40:16 +0200 (Thu, 30 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2009-1302\", \"CVE-2009-1303\", \"CVE-2009-1304\", \"CVE-2009-1305\",\n \"CVE-2009-1306\", \"CVE-2009-1307\", \"CVE-2009-1308\", \"CVE-2009-1309\",\n \"CVE-2009-1311\", \"CVE-2009-1312\");\n script_bugtraq_id(34656);\n script_name(\"Mozilla Seamonkey Multiple Vulnerabilities Apr-09 (Windows)\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/34835\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2009/mfsa2009-14.html\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2009/mfsa2009-16.html\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2009/mfsa2009-17.html\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2009/mfsa2009-18.html\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2009/mfsa2009-19.html\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2009/mfsa2009-21.html\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2009/mfsa2009-22.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 SecPod\");\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_seamonkey_detect_win.nasl\");\n script_require_keys(\"Seamonkey/Win/Ver\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nsmVer = get_kb_item(\"Seamonkey/Win/Ver\");\nif(!smVer){\n exit(0);\n}\n\n# Grep for Seamonkey version prior to 1.1.17\nif(version_is_less(version:smVer, test_version:\"1.1.17\")){\n security_message(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2020-04-29T22:26:41", "description": "The host is installed with Mozilla Seamonkey and is prone to multiple\n vulnerabilities.", "cvss3": {}, "published": "2009-04-30T00:00:00", "type": "openvas", "title": "Mozilla Seamonkey Multiple Vulnerabilities Apr-09 (Linux)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1305", "CVE-2009-1312", "CVE-2009-1304", "CVE-2009-1311", "CVE-2009-1309", "CVE-2009-1308", "CVE-2009-1306", "CVE-2009-1302", "CVE-2009-1307", "CVE-2009-1303"], "modified": "2020-04-27T00:00:00", "id": "OPENVAS:1361412562310900347", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310900347", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mozilla Seamonkey Multiple Vulnerabilities Apr-09 (Linux)\n#\n# Authors:\n# Sharath S <sharaths@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2009 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.900347\");\n script_version(\"2020-04-27T09:00:11+0000\");\n script_tag(name:\"last_modification\", value:\"2020-04-27 09:00:11 +0000 (Mon, 27 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2009-04-30 06:40:16 +0200 (Thu, 30 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2009-1302\", \"CVE-2009-1303\", \"CVE-2009-1304\", \"CVE-2009-1305\",\n \"CVE-2009-1306\", \"CVE-2009-1307\", \"CVE-2009-1308\", \"CVE-2009-1309\",\n \"CVE-2009-1311\", \"CVE-2009-1312\");\n script_bugtraq_id(34656);\n script_name(\"Mozilla Seamonkey Multiple Vulnerabilities Apr-09 (Linux)\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 SecPod\");\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_seamonkey_detect_lin.nasl\");\n script_mandatory_keys(\"Seamonkey/Linux/Ver\");\n script_tag(name:\"impact\", value:\"Successful exploitation could result in Information Disclosure, XSS, Script\n Injection, Memory Corruption, CSRF, Arbitrary JavaScript code execution or\n can cause denial of service attacks.\");\n script_tag(name:\"affected\", value:\"Seamonkey version prior to 1.1.17 on Linux.\");\n script_tag(name:\"insight\", value:\"For more information about vulnerabilities on Seamonkey, go through the links\n mentioned in references.\");\n script_tag(name:\"solution\", value:\"Upgrade to Seamonkey version 1.1.17.\");\n script_tag(name:\"summary\", value:\"The host is installed with Mozilla Seamonkey and is prone to multiple\n vulnerabilities.\");\n script_tag(name:\"qod_type\", value:\"executable_version_unreliable\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/34835\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2009/mfsa2009-14.html\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2009/mfsa2009-16.html\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2009/mfsa2009-17.html\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2009/mfsa2009-18.html\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2009/mfsa2009-19.html\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2009/mfsa2009-21.html\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2009/mfsa2009-22.html\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\n\nsmVer = get_kb_item(\"Seamonkey/Linux/Ver\");\nif(!smVer)\n exit(0);\n\nif(version_is_less(version:smVer, test_version:\"1.1.17\")){\n report = report_fixed_ver(installed_version:smVer, fixed_version:\"1.1.17\");\n security_message(port: 0, data: report);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-04-06T11:40:00", "description": "The remote host is missing an update to firefox\nannounced via advisory MDVSA-2009:111.", "cvss3": {}, "published": "2009-06-05T00:00:00", "type": "openvas", "title": "Mandrake Security Advisory MDVSA-2009:111 (firefox)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1305", "CVE-2009-1312", "CVE-2009-1304", "CVE-2009-1311", "CVE-2009-0652", "CVE-2009-1309", "CVE-2009-1308", "CVE-2009-1306", "CVE-2009-1313", "CVE-2009-1302", "CVE-2009-1307", "CVE-2009-1310", "CVE-2009-1303"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231064134", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064134", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_111.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:111 (firefox)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Security vulnerabilities have been discovered in previous\nversions, and corrected in the latest Mozilla Firefox 3.x, version\n3.0.10. (CVE-2009-1302, CVE-2009-1303, CVE-2009-1304, CVE-2009-1305,\nCVE-2009-0652, CVE-2009-1306, CVE-2009-1307, CVE-2009-1308,\nCVE-2009-1309, CVE-2009-1310, CVE-2009-1311, CVE-2009-1312,\nCVE-2009-1313)\n\nThis update provides the latest Mozilla Firefox 3.x to correct\nthese issues.\n\nAdditionally, some packages which require so, have been rebuilt and\nare being provided as updates.\n\nAffected: 2009.0, 2009.1\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:111\nhttp://www.mozilla.org/security/known-vulnerabilities/firefox30.html#firefox3.0.10\";\ntag_summary = \"The remote host is missing an update to firefox\nannounced via advisory MDVSA-2009:111.\";\n\n \n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64134\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-05 18:04:08 +0200 (Fri, 05 Jun 2009)\");\n script_cve_id(\"CVE-2009-1302\", \"CVE-2009-1303\", \"CVE-2009-1304\", \"CVE-2009-1305\", \"CVE-2009-0652\", \"CVE-2009-1306\", \"CVE-2009-1307\", \"CVE-2009-1308\", \"CVE-2009-1309\", \"CVE-2009-1310\", \"CVE-2009-1311\", \"CVE-2009-1312\", \"CVE-2009-1313\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:111 (firefox)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"beagle\", rpm:\"beagle~0.3.8~13.10mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-crawl-system\", rpm:\"beagle-crawl-system~0.3.8~13.10mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-doc\", rpm:\"beagle-doc~0.3.8~13.10mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-epiphany\", rpm:\"beagle-epiphany~0.3.8~13.10mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-evolution\", rpm:\"beagle-evolution~0.3.8~13.10mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-gui\", rpm:\"beagle-gui~0.3.8~13.10mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-gui-qt\", rpm:\"beagle-gui-qt~0.3.8~13.10mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-libs\", rpm:\"beagle-libs~0.3.8~13.10mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"devhelp\", rpm:\"devhelp~0.21~3.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"devhelp-plugins\", rpm:\"devhelp-plugins~0.21~3.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"epiphany\", rpm:\"epiphany~2.24.0.1~3.8mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"epiphany-devel\", rpm:\"epiphany-devel~2.24.0.1~3.8mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ext-beagle\", rpm:\"firefox-ext-beagle~0.3.8~13.10mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ext-mozvoikko\", rpm:\"firefox-ext-mozvoikko~0.9.5~4.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-theme-kde4ff\", rpm:\"firefox-theme-kde4ff~0.14~4.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-python-extras\", rpm:\"gnome-python-extras~2.19.1~20.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-python-gda\", rpm:\"gnome-python-gda~2.19.1~20.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-python-gda-devel\", rpm:\"gnome-python-gda-devel~2.19.1~20.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-python-gdl\", rpm:\"gnome-python-gdl~2.19.1~20.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-python-gtkhtml2\", rpm:\"gnome-python-gtkhtml2~2.19.1~20.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-python-gtkmozembed\", rpm:\"gnome-python-gtkmozembed~2.19.1~20.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-python-gtkspell\", rpm:\"gnome-python-gtkspell~2.19.1~20.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libdevhelp-1_0\", rpm:\"libdevhelp-1_0~0.21~3.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libdevhelp-1-devel\", rpm:\"libdevhelp-1-devel~0.21~3.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxulrunner1.9\", rpm:\"libxulrunner1.9~1.9.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxulrunner-devel\", rpm:\"libxulrunner-devel~1.9.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxulrunner-unstable-devel\", rpm:\"libxulrunner-unstable-devel~1.9.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-firefox-ext-blogrovr\", rpm:\"mozilla-firefox-ext-blogrovr~1.1.779~5.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-firefox-ext-foxmarks\", rpm:\"mozilla-firefox-ext-foxmarks~2.1.0.12~2.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-firefox-ext-scribefire\", rpm:\"mozilla-firefox-ext-scribefire~2.3.1~2.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-beagle\", rpm:\"mozilla-thunderbird-beagle~0.3.8~13.10mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~1.9.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"yelp\", rpm:\"yelp~2.24.0~3.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64devhelp-1_0\", rpm:\"lib64devhelp-1_0~0.21~3.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64devhelp-1-devel\", rpm:\"lib64devhelp-1-devel~0.21~3.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64xulrunner1.9\", rpm:\"lib64xulrunner1.9~1.9.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64xulrunner-devel\", rpm:\"lib64xulrunner-devel~1.9.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64xulrunner-unstable-devel\", rpm:\"lib64xulrunner-unstable-devel~1.9.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle\", rpm:\"beagle~0.3.9~9.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-crawl-system\", rpm:\"beagle-crawl-system~0.3.9~9.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-doc\", rpm:\"beagle-doc~0.3.9~9.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-epiphany\", rpm:\"beagle-epiphany~0.3.9~9.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-evolution\", rpm:\"beagle-evolution~0.3.9~9.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-gui\", rpm:\"beagle-gui~0.3.9~9.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-gui-qt\", rpm:\"beagle-gui-qt~0.3.9~9.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-libs\", rpm:\"beagle-libs~0.3.9~9.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"epiphany\", rpm:\"epiphany~2.26.1~1.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"epiphany-devel\", rpm:\"epiphany-devel~2.26.1~1.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-af\", rpm:\"firefox-af~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ar\", rpm:\"firefox-ar~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-be\", rpm:\"firefox-be~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-bg\", rpm:\"firefox-bg~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-bn\", rpm:\"firefox-bn~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ca\", rpm:\"firefox-ca~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-cs\", rpm:\"firefox-cs~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-cy\", rpm:\"firefox-cy~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-da\", rpm:\"firefox-da~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-de\", rpm:\"firefox-de~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-el\", rpm:\"firefox-el~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-en_GB\", rpm:\"firefox-en_GB~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-eo\", rpm:\"firefox-eo~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-es_AR\", rpm:\"firefox-es_AR~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-es_ES\", rpm:\"firefox-es_ES~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-et\", rpm:\"firefox-et~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-eu\", rpm:\"firefox-eu~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ext-beagle\", rpm:\"firefox-ext-beagle~0.3.9~9.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ext-blogrovr\", rpm:\"firefox-ext-blogrovr~1.1.798~2.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ext-foxmarks\", rpm:\"firefox-ext-foxmarks~2.7.2~2.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ext-mozvoikko\", rpm:\"firefox-ext-mozvoikko~0.9.6~2.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ext-r-kiosk\", rpm:\"firefox-ext-r-kiosk~0.7.2~2.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ext-scribefire\", rpm:\"firefox-ext-scribefire~3.2.3~2.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-fi\", rpm:\"firefox-fi~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-fr\", rpm:\"firefox-fr~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-fy\", rpm:\"firefox-fy~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ga_IE\", rpm:\"firefox-ga_IE~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-gl\", rpm:\"firefox-gl~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-gu_IN\", rpm:\"firefox-gu_IN~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-he\", rpm:\"firefox-he~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-hi\", rpm:\"firefox-hi~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-hu\", rpm:\"firefox-hu~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-id\", rpm:\"firefox-id~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-is\", rpm:\"firefox-is~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-it\", rpm:\"firefox-it~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ja\", rpm:\"firefox-ja~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ka\", rpm:\"firefox-ka~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-kn\", rpm:\"firefox-kn~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ko\", rpm:\"firefox-ko~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ku\", rpm:\"firefox-ku~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-lt\", rpm:\"firefox-lt~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-lv\", rpm:\"firefox-lv~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-mk\", rpm:\"firefox-mk~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-mn\", rpm:\"firefox-mn~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-mr\", rpm:\"firefox-mr~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-nb_NO\", rpm:\"firefox-nb_NO~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-nl\", rpm:\"firefox-nl~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-nn_NO\", rpm:\"firefox-nn_NO~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-oc\", rpm:\"firefox-oc~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-pa_IN\", rpm:\"firefox-pa_IN~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-pl\", rpm:\"firefox-pl~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-pt_BR\", rpm:\"firefox-pt_BR~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-pt_PT\", rpm:\"firefox-pt_PT~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ro\", rpm:\"firefox-ro~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ru\", rpm:\"firefox-ru~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-si\", rpm:\"firefox-si~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-sk\", rpm:\"firefox-sk~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-sl\", rpm:\"firefox-sl~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-sq\", rpm:\"firefox-sq~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-sr\", rpm:\"firefox-sr~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-sv_SE\", rpm:\"firefox-sv_SE~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-te\", rpm:\"firefox-te~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-th\", rpm:\"firefox-th~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-theme-kde4ff\", rpm:\"firefox-theme-kde4ff~0.14~9.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-tr\", rpm:\"firefox-tr~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-uk\", rpm:\"firefox-uk~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-zh_CN\", rpm:\"firefox-zh_CN~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-zh_TW\", rpm:\"firefox-zh_TW~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-python-extras\", rpm:\"gnome-python-extras~2.25.3~3.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-python-gda\", rpm:\"gnome-python-gda~2.25.3~3.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-python-gda-devel\", rpm:\"gnome-python-gda-devel~2.25.3~3.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-python-gdl\", rpm:\"gnome-python-gdl~2.25.3~3.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-python-gtkhtml2\", rpm:\"gnome-python-gtkhtml2~2.25.3~3.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-python-gtkmozembed\", rpm:\"gnome-python-gtkmozembed~2.25.3~3.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-python-gtkspell\", rpm:\"gnome-python-gtkspell~2.25.3~3.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"google-gadgets-common\", rpm:\"google-gadgets-common~0.10.5~8.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"google-gadgets-gtk\", rpm:\"google-gadgets-gtk~0.10.5~8.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"google-gadgets-qt\", rpm:\"google-gadgets-qt~0.10.5~8.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"google-gadgets-xul\", rpm:\"google-gadgets-xul~0.10.5~8.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libggadget1.0_0\", rpm:\"libggadget1.0_0~0.10.5~8.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libggadget-gtk1.0_0\", rpm:\"libggadget-gtk1.0_0~0.10.5~8.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libggadget-qt1.0_0\", rpm:\"libggadget-qt1.0_0~0.10.5~8.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgoogle-gadgets-devel\", rpm:\"libgoogle-gadgets-devel~0.10.5~8.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopensc2\", rpm:\"libopensc2~0.11.7~1.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopensc-devel\", rpm:\"libopensc-devel~0.11.7~1.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxulrunner1.9\", rpm:\"libxulrunner1.9~1.9.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxulrunner-devel\", rpm:\"libxulrunner-devel~1.9.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxulrunner-unstable-devel\", rpm:\"libxulrunner-unstable-devel~1.9.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-plugin-opensc\", rpm:\"mozilla-plugin-opensc~0.11.7~1.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-beagle\", rpm:\"mozilla-thunderbird-beagle~0.3.9~9.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"opensc\", rpm:\"opensc~0.11.7~1.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-xpcom\", rpm:\"python-xpcom~1.9.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~1.9.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"yelp\", rpm:\"yelp~2.26.0~2.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64ggadget1.0_0\", rpm:\"lib64ggadget1.0_0~0.10.5~8.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64ggadget-gtk1.0_0\", rpm:\"lib64ggadget-gtk1.0_0~0.10.5~8.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64ggadget-qt1.0_0\", rpm:\"lib64ggadget-qt1.0_0~0.10.5~8.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64google-gadgets-devel\", rpm:\"lib64google-gadgets-devel~0.10.5~8.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64opensc2\", rpm:\"lib64opensc2~0.11.7~1.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64opensc-devel\", rpm:\"lib64opensc-devel~0.11.7~1.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64xulrunner1.9\", rpm:\"lib64xulrunner1.9~1.9.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64xulrunner-devel\", rpm:\"lib64xulrunner-devel~1.9.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64xulrunner-unstable-devel\", rpm:\"lib64xulrunner-unstable-devel~1.9.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:57:01", "description": "The remote host is missing an update to firefox\nannounced via advisory MDVSA-2009:111.", "cvss3": {}, "published": "2009-06-05T00:00:00", "type": "openvas", "title": "Mandrake Security Advisory MDVSA-2009:111 (firefox)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1305", "CVE-2009-1312", "CVE-2009-1304", "CVE-2009-1311", "CVE-2009-0652", "CVE-2009-1309", "CVE-2009-1308", "CVE-2009-1306", "CVE-2009-1313", "CVE-2009-1302", "CVE-2009-1307", "CVE-2009-1310", "CVE-2009-1303"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:64134", "href": "http://plugins.openvas.org/nasl.php?oid=64134", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_111.nasl 6573 2017-07-06 13:10:50Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:111 (firefox)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Security vulnerabilities have been discovered in previous\nversions, and corrected in the latest Mozilla Firefox 3.x, version\n3.0.10. (CVE-2009-1302, CVE-2009-1303, CVE-2009-1304, CVE-2009-1305,\nCVE-2009-0652, CVE-2009-1306, CVE-2009-1307, CVE-2009-1308,\nCVE-2009-1309, CVE-2009-1310, CVE-2009-1311, CVE-2009-1312,\nCVE-2009-1313)\n\nThis update provides the latest Mozilla Firefox 3.x to correct\nthese issues.\n\nAdditionally, some packages which require so, have been rebuilt and\nare being provided as updates.\n\nAffected: 2009.0, 2009.1\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:111\nhttp://www.mozilla.org/security/known-vulnerabilities/firefox30.html#firefox3.0.10\";\ntag_summary = \"The remote host is missing an update to firefox\nannounced via advisory MDVSA-2009:111.\";\n\n \n\nif(description)\n{\n script_id(64134);\n script_version(\"$Revision: 6573 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:10:50 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-05 18:04:08 +0200 (Fri, 05 Jun 2009)\");\n script_cve_id(\"CVE-2009-1302\", \"CVE-2009-1303\", \"CVE-2009-1304\", \"CVE-2009-1305\", \"CVE-2009-0652\", \"CVE-2009-1306\", \"CVE-2009-1307\", \"CVE-2009-1308\", \"CVE-2009-1309\", \"CVE-2009-1310\", \"CVE-2009-1311\", \"CVE-2009-1312\", \"CVE-2009-1313\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:111 (firefox)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"beagle\", rpm:\"beagle~0.3.8~13.10mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-crawl-system\", rpm:\"beagle-crawl-system~0.3.8~13.10mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-doc\", rpm:\"beagle-doc~0.3.8~13.10mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-epiphany\", rpm:\"beagle-epiphany~0.3.8~13.10mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-evolution\", rpm:\"beagle-evolution~0.3.8~13.10mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-gui\", rpm:\"beagle-gui~0.3.8~13.10mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-gui-qt\", rpm:\"beagle-gui-qt~0.3.8~13.10mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-libs\", rpm:\"beagle-libs~0.3.8~13.10mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"devhelp\", rpm:\"devhelp~0.21~3.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"devhelp-plugins\", rpm:\"devhelp-plugins~0.21~3.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"epiphany\", rpm:\"epiphany~2.24.0.1~3.8mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"epiphany-devel\", rpm:\"epiphany-devel~2.24.0.1~3.8mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ext-beagle\", rpm:\"firefox-ext-beagle~0.3.8~13.10mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ext-mozvoikko\", rpm:\"firefox-ext-mozvoikko~0.9.5~4.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-theme-kde4ff\", rpm:\"firefox-theme-kde4ff~0.14~4.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-python-extras\", rpm:\"gnome-python-extras~2.19.1~20.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-python-gda\", rpm:\"gnome-python-gda~2.19.1~20.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-python-gda-devel\", rpm:\"gnome-python-gda-devel~2.19.1~20.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-python-gdl\", rpm:\"gnome-python-gdl~2.19.1~20.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-python-gtkhtml2\", rpm:\"gnome-python-gtkhtml2~2.19.1~20.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-python-gtkmozembed\", rpm:\"gnome-python-gtkmozembed~2.19.1~20.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-python-gtkspell\", rpm:\"gnome-python-gtkspell~2.19.1~20.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libdevhelp-1_0\", rpm:\"libdevhelp-1_0~0.21~3.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libdevhelp-1-devel\", rpm:\"libdevhelp-1-devel~0.21~3.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxulrunner1.9\", rpm:\"libxulrunner1.9~1.9.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxulrunner-devel\", rpm:\"libxulrunner-devel~1.9.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxulrunner-unstable-devel\", rpm:\"libxulrunner-unstable-devel~1.9.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-firefox-ext-blogrovr\", rpm:\"mozilla-firefox-ext-blogrovr~1.1.779~5.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-firefox-ext-foxmarks\", rpm:\"mozilla-firefox-ext-foxmarks~2.1.0.12~2.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-firefox-ext-scribefire\", rpm:\"mozilla-firefox-ext-scribefire~2.3.1~2.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-beagle\", rpm:\"mozilla-thunderbird-beagle~0.3.8~13.10mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~1.9.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"yelp\", rpm:\"yelp~2.24.0~3.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64devhelp-1_0\", rpm:\"lib64devhelp-1_0~0.21~3.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64devhelp-1-devel\", rpm:\"lib64devhelp-1-devel~0.21~3.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64xulrunner1.9\", rpm:\"lib64xulrunner1.9~1.9.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64xulrunner-devel\", rpm:\"lib64xulrunner-devel~1.9.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64xulrunner-unstable-devel\", rpm:\"lib64xulrunner-unstable-devel~1.9.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle\", rpm:\"beagle~0.3.9~9.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-crawl-system\", rpm:\"beagle-crawl-system~0.3.9~9.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-doc\", rpm:\"beagle-doc~0.3.9~9.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-epiphany\", rpm:\"beagle-epiphany~0.3.9~9.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-evolution\", rpm:\"beagle-evolution~0.3.9~9.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-gui\", rpm:\"beagle-gui~0.3.9~9.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-gui-qt\", rpm:\"beagle-gui-qt~0.3.9~9.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-libs\", rpm:\"beagle-libs~0.3.9~9.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"epiphany\", rpm:\"epiphany~2.26.1~1.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"epiphany-devel\", rpm:\"epiphany-devel~2.26.1~1.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-af\", rpm:\"firefox-af~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ar\", rpm:\"firefox-ar~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-be\", rpm:\"firefox-be~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-bg\", rpm:\"firefox-bg~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-bn\", rpm:\"firefox-bn~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ca\", rpm:\"firefox-ca~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-cs\", rpm:\"firefox-cs~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-cy\", rpm:\"firefox-cy~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-da\", rpm:\"firefox-da~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-de\", rpm:\"firefox-de~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-el\", rpm:\"firefox-el~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-en_GB\", rpm:\"firefox-en_GB~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-eo\", rpm:\"firefox-eo~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-es_AR\", rpm:\"firefox-es_AR~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-es_ES\", rpm:\"firefox-es_ES~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-et\", rpm:\"firefox-et~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-eu\", rpm:\"firefox-eu~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ext-beagle\", rpm:\"firefox-ext-beagle~0.3.9~9.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ext-blogrovr\", rpm:\"firefox-ext-blogrovr~1.1.798~2.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ext-foxmarks\", rpm:\"firefox-ext-foxmarks~2.7.2~2.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ext-mozvoikko\", rpm:\"firefox-ext-mozvoikko~0.9.6~2.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ext-r-kiosk\", rpm:\"firefox-ext-r-kiosk~0.7.2~2.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ext-scribefire\", rpm:\"firefox-ext-scribefire~3.2.3~2.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-fi\", rpm:\"firefox-fi~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-fr\", rpm:\"firefox-fr~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-fy\", rpm:\"firefox-fy~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ga_IE\", rpm:\"firefox-ga_IE~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-gl\", rpm:\"firefox-gl~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-gu_IN\", rpm:\"firefox-gu_IN~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-he\", rpm:\"firefox-he~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-hi\", rpm:\"firefox-hi~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-hu\", rpm:\"firefox-hu~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-id\", rpm:\"firefox-id~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-is\", rpm:\"firefox-is~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-it\", rpm:\"firefox-it~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ja\", rpm:\"firefox-ja~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ka\", rpm:\"firefox-ka~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-kn\", rpm:\"firefox-kn~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ko\", rpm:\"firefox-ko~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ku\", rpm:\"firefox-ku~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-lt\", rpm:\"firefox-lt~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-lv\", rpm:\"firefox-lv~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-mk\", rpm:\"firefox-mk~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-mn\", rpm:\"firefox-mn~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-mr\", rpm:\"firefox-mr~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-nb_NO\", rpm:\"firefox-nb_NO~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-nl\", rpm:\"firefox-nl~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-nn_NO\", rpm:\"firefox-nn_NO~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-oc\", rpm:\"firefox-oc~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-pa_IN\", rpm:\"firefox-pa_IN~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-pl\", rpm:\"firefox-pl~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-pt_BR\", rpm:\"firefox-pt_BR~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-pt_PT\", rpm:\"firefox-pt_PT~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ro\", rpm:\"firefox-ro~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ru\", rpm:\"firefox-ru~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-si\", rpm:\"firefox-si~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-sk\", rpm:\"firefox-sk~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-sl\", rpm:\"firefox-sl~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-sq\", rpm:\"firefox-sq~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-sr\", rpm:\"firefox-sr~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-sv_SE\", rpm:\"firefox-sv_SE~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-te\", rpm:\"firefox-te~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-th\", rpm:\"firefox-th~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-theme-kde4ff\", rpm:\"firefox-theme-kde4ff~0.14~9.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-tr\", rpm:\"firefox-tr~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-uk\", rpm:\"firefox-uk~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-zh_CN\", rpm:\"firefox-zh_CN~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-zh_TW\", rpm:\"firefox-zh_TW~3.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-python-extras\", rpm:\"gnome-python-extras~2.25.3~3.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-python-gda\", rpm:\"gnome-python-gda~2.25.3~3.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-python-gda-devel\", rpm:\"gnome-python-gda-devel~2.25.3~3.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-python-gdl\", rpm:\"gnome-python-gdl~2.25.3~3.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-python-gtkhtml2\", rpm:\"gnome-python-gtkhtml2~2.25.3~3.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-python-gtkmozembed\", rpm:\"gnome-python-gtkmozembed~2.25.3~3.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-python-gtkspell\", rpm:\"gnome-python-gtkspell~2.25.3~3.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"google-gadgets-common\", rpm:\"google-gadgets-common~0.10.5~8.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"google-gadgets-gtk\", rpm:\"google-gadgets-gtk~0.10.5~8.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"google-gadgets-qt\", rpm:\"google-gadgets-qt~0.10.5~8.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"google-gadgets-xul\", rpm:\"google-gadgets-xul~0.10.5~8.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libggadget1.0_0\", rpm:\"libggadget1.0_0~0.10.5~8.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libggadget-gtk1.0_0\", rpm:\"libggadget-gtk1.0_0~0.10.5~8.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libggadget-qt1.0_0\", rpm:\"libggadget-qt1.0_0~0.10.5~8.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgoogle-gadgets-devel\", rpm:\"libgoogle-gadgets-devel~0.10.5~8.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopensc2\", rpm:\"libopensc2~0.11.7~1.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopensc-devel\", rpm:\"libopensc-devel~0.11.7~1.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxulrunner1.9\", rpm:\"libxulrunner1.9~1.9.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxulrunner-devel\", rpm:\"libxulrunner-devel~1.9.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxulrunner-unstable-devel\", rpm:\"libxulrunner-unstable-devel~1.9.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-plugin-opensc\", rpm:\"mozilla-plugin-opensc~0.11.7~1.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-beagle\", rpm:\"mozilla-thunderbird-beagle~0.3.9~9.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"opensc\", rpm:\"opensc~0.11.7~1.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-xpcom\", rpm:\"python-xpcom~1.9.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~1.9.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"yelp\", rpm:\"yelp~2.26.0~2.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64ggadget1.0_0\", rpm:\"lib64ggadget1.0_0~0.10.5~8.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64ggadget-gtk1.0_0\", rpm:\"lib64ggadget-gtk1.0_0~0.10.5~8.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64ggadget-qt1.0_0\", rpm:\"lib64ggadget-qt1.0_0~0.10.5~8.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64google-gadgets-devel\", rpm:\"lib64google-gadgets-devel~0.10.5~8.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64opensc2\", rpm:\"lib64opensc2~0.11.7~1.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64opensc-devel\", rpm:\"lib64opensc-devel~0.11.7~1.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64xulrunner1.9\", rpm:\"lib64xulrunner1.9~1.9.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64xulrunner-devel\", rpm:\"lib64xulrunner-devel~1.9.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64xulrunner-unstable-devel\", rpm:\"lib64xulrunner-unstable-devel~1.9.0.10~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:40:31", "description": "The remote host is missing an update to firefox\nannounced via advisory MDVSA-2009:111-1.", "cvss3": {}, "published": "2009-05-20T00:00:00", "type": "openvas", "title": "Mandrake Security Advisory MDVSA-2009:111-1 (firefox)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1305", "CVE-2009-1312", "CVE-2009-1304", "CVE-2009-1311", "CVE-2009-0652", "CVE-2009-1309", "CVE-2009-1308", "CVE-2009-1306", "CVE-2009-1313", "CVE-2009-1302", "CVE-2009-1307", "CVE-2009-1310", "CVE-2009-1303"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231063983", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063983", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_111_1.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:111-1 (firefox)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Security vulnerabilities have been discovered in previous\nversions, and corrected in the latest Mozilla Firefox 3.x, version\n3.0.10. (CVE-2009-1302, CVE-2009-1303, CVE-2009-1304, CVE-2009-1305,\nCVE-2009-0652, CVE-2009-1306, CVE-2009-1307, CVE-2009-1308,\nCVE-2009-1309, CVE-2009-1310, CVE-2009-1311, CVE-2009-1312,\nCVE-2009-1313)\n\nThis update provides the latest Mozilla Firefox 3.x to correct\nthese issues.\n\nAdditionally, some packages which require so, have been rebuilt and\nare being provided as updates.\n\nUpdate:\n\nThe recent Mozilla Firefox update missed the Firefox language packs\nfor Mandriva Linux 2009. This update provides them, fixing the issue.\n\nAffected: 2009.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:111-1\nhttp://www.mozilla.org/security/known-vulnerabilities/firefox30.html#firefox3.0.10\";\ntag_summary = \"The remote host is missing an update to firefox\nannounced via advisory MDVSA-2009:111-1.\";\n\n \n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63983\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-05-20 00:17:15 +0200 (Wed, 20 May 2009)\");\n script_cve_id(\"CVE-2009-1302\", \"CVE-2009-1303\", \"CVE-2009-1304\", \"CVE-2009-1305\", \"CVE-2009-0652\", \"CVE-2009-1306\", \"CVE-2009-1307\", \"CVE-2009-1308\", \"CVE-2009-1309\", \"CVE-2009-1310\", \"CVE-2009-1311\", \"CVE-2009-1312\", \"CVE-2009-1313\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:111-1 (firefox)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"firefox-af\", rpm:\"firefox-af~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ar\", rpm:\"firefox-ar~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-be\", rpm:\"firefox-be~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-bg\", rpm:\"firefox-bg~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-bn\", rpm:\"firefox-bn~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ca\", rpm:\"firefox-ca~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-cs\", rpm:\"firefox-cs~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-cy\", rpm:\"firefox-cy~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-da\", rpm:\"firefox-da~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-de\", rpm:\"firefox-de~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-el\", rpm:\"firefox-el~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-en_GB\", rpm:\"firefox-en_GB~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-eo\", rpm:\"firefox-eo~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-es_AR\", rpm:\"firefox-es_AR~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-es_ES\", rpm:\"firefox-es_ES~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-et\", rpm:\"firefox-et~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-eu\", rpm:\"firefox-eu~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-fi\", rpm:\"firefox-fi~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-fr\", rpm:\"firefox-fr~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-fy\", rpm:\"firefox-fy~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ga_IE\", rpm:\"firefox-ga_IE~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-gl\", rpm:\"firefox-gl~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-gu_IN\", rpm:\"firefox-gu_IN~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-he\", rpm:\"firefox-he~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-hi\", rpm:\"firefox-hi~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-hu\", rpm:\"firefox-hu~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-id\", rpm:\"firefox-id~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-is\", rpm:\"firefox-is~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-it\", rpm:\"firefox-it~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ja\", rpm:\"firefox-ja~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ka\", rpm:\"firefox-ka~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-kn\", rpm:\"firefox-kn~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ko\", rpm:\"firefox-ko~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ku\", rpm:\"firefox-ku~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-lt\", rpm:\"firefox-lt~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-lv\", rpm:\"firefox-lv~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-mk\", rpm:\"firefox-mk~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-mn\", rpm:\"firefox-mn~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-mr\", rpm:\"firefox-mr~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-nb_NO\", rpm:\"firefox-nb_NO~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-nl\", rpm:\"firefox-nl~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-nn_NO\", rpm:\"firefox-nn_NO~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-oc\", rpm:\"firefox-oc~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-pa_IN\", rpm:\"firefox-pa_IN~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-pl\", rpm:\"firefox-pl~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-pt_BR\", rpm:\"firefox-pt_BR~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-pt_PT\", rpm:\"firefox-pt_PT~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ro\", rpm:\"firefox-ro~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ru\", rpm:\"firefox-ru~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-si\", rpm:\"firefox-si~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-sk\", rpm:\"firefox-sk~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-sl\", rpm:\"firefox-sl~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-sq\", rpm:\"firefox-sq~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-sr\", rpm:\"firefox-sr~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-sv_SE\", rpm:\"firefox-sv_SE~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-te\", rpm:\"firefox-te~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-th\", rpm:\"firefox-th~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-tr\", rpm:\"firefox-tr~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-uk\", rpm:\"firefox-uk~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-zh_CN\", rpm:\"firefox-zh_CN~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-zh_TW\", rpm:\"firefox-zh_TW~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:57:11", "description": "The remote host is missing an update to firefox\nannounced via advisory MDVSA-2009:111-1.", "cvss3": {}, "published": "2009-05-20T00:00:00", "type": "openvas", "title": "Mandrake Security Advisory MDVSA-2009:111-1 (firefox)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1305", "CVE-2009-1312", "CVE-2009-1304", "CVE-2009-1311", "CVE-2009-0652", "CVE-2009-1309", "CVE-2009-1308", "CVE-2009-1306", "CVE-2009-1313", "CVE-2009-1302", "CVE-2009-1307", "CVE-2009-1310", "CVE-2009-1303"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:63983", "href": "http://plugins.openvas.org/nasl.php?oid=63983", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_111_1.nasl 6573 2017-07-06 13:10:50Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:111-1 (firefox)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Security vulnerabilities have been discovered in previous\nversions, and corrected in the latest Mozilla Firefox 3.x, version\n3.0.10. (CVE-2009-1302, CVE-2009-1303, CVE-2009-1304, CVE-2009-1305,\nCVE-2009-0652, CVE-2009-1306, CVE-2009-1307, CVE-2009-1308,\nCVE-2009-1309, CVE-2009-1310, CVE-2009-1311, CVE-2009-1312,\nCVE-2009-1313)\n\nThis update provides the latest Mozilla Firefox 3.x to correct\nthese issues.\n\nAdditionally, some packages which require so, have been rebuilt and\nare being provided as updates.\n\nUpdate:\n\nThe recent Mozilla Firefox update missed the Firefox language packs\nfor Mandriva Linux 2009. This update provides them, fixing the issue.\n\nAffected: 2009.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:111-1\nhttp://www.mozilla.org/security/known-vulnerabilities/firefox30.html#firefox3.0.10\";\ntag_summary = \"The remote host is missing an update to firefox\nannounced via advisory MDVSA-2009:111-1.\";\n\n \n\nif(description)\n{\n script_id(63983);\n script_version(\"$Revision: 6573 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:10:50 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-05-20 00:17:15 +0200 (Wed, 20 May 2009)\");\n script_cve_id(\"CVE-2009-1302\", \"CVE-2009-1303\", \"CVE-2009-1304\", \"CVE-2009-1305\", \"CVE-2009-0652\", \"CVE-2009-1306\", \"CVE-2009-1307\", \"CVE-2009-1308\", \"CVE-2009-1309\", \"CVE-2009-1310\", \"CVE-2009-1311\", \"CVE-2009-1312\", \"CVE-2009-1313\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:111-1 (firefox)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"firefox-af\", rpm:\"firefox-af~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ar\", rpm:\"firefox-ar~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-be\", rpm:\"firefox-be~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-bg\", rpm:\"firefox-bg~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-bn\", rpm:\"firefox-bn~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ca\", rpm:\"firefox-ca~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-cs\", rpm:\"firefox-cs~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-cy\", rpm:\"firefox-cy~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-da\", rpm:\"firefox-da~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-de\", rpm:\"firefox-de~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-el\", rpm:\"firefox-el~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-en_GB\", rpm:\"firefox-en_GB~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-eo\", rpm:\"firefox-eo~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-es_AR\", rpm:\"firefox-es_AR~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-es_ES\", rpm:\"firefox-es_ES~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-et\", rpm:\"firefox-et~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-eu\", rpm:\"firefox-eu~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-fi\", rpm:\"firefox-fi~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-fr\", rpm:\"firefox-fr~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-fy\", rpm:\"firefox-fy~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ga_IE\", rpm:\"firefox-ga_IE~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-gl\", rpm:\"firefox-gl~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-gu_IN\", rpm:\"firefox-gu_IN~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-he\", rpm:\"firefox-he~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-hi\", rpm:\"firefox-hi~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-hu\", rpm:\"firefox-hu~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-id\", rpm:\"firefox-id~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-is\", rpm:\"firefox-is~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-it\", rpm:\"firefox-it~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ja\", rpm:\"firefox-ja~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ka\", rpm:\"firefox-ka~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-kn\", rpm:\"firefox-kn~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ko\", rpm:\"firefox-ko~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ku\", rpm:\"firefox-ku~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-lt\", rpm:\"firefox-lt~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-lv\", rpm:\"firefox-lv~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-mk\", rpm:\"firefox-mk~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-mn\", rpm:\"firefox-mn~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-mr\", rpm:\"firefox-mr~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-nb_NO\", rpm:\"firefox-nb_NO~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-nl\", rpm:\"firefox-nl~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-nn_NO\", rpm:\"firefox-nn_NO~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-oc\", rpm:\"firefox-oc~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-pa_IN\", rpm:\"firefox-pa_IN~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-pl\", rpm:\"firefox-pl~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-pt_BR\", rpm:\"firefox-pt_BR~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-pt_PT\", rpm:\"firefox-pt_PT~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ro\", rpm:\"firefox-ro~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ru\", rpm:\"firefox-ru~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-si\", rpm:\"firefox-si~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-sk\", rpm:\"firefox-sk~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-sl\", rpm:\"firefox-sl~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-sq\", rpm:\"firefox-sq~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-sr\", rpm:\"firefox-sr~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-sv_SE\", rpm:\"firefox-sv_SE~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-te\", rpm:\"firefox-te~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-th\", rpm:\"firefox-th~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-tr\", rpm:\"firefox-tr~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-uk\", rpm:\"firefox-uk~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-zh_CN\", rpm:\"firefox-zh_CN~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-zh_TW\", rpm:\"firefox-zh_TW~3.0.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:40", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for seamonkey CESA-2009:0437 centos4 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1305", "CVE-2009-1312", "CVE-2009-1311", "CVE-2009-0652", "CVE-2009-1309", "CVE-2009-1306", "CVE-2009-1307", "CVE-2009-1303"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310880902", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880902", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for seamonkey CESA-2009:0437 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2009-May/015907.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880902\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"CESA\", value:\"2009:0437\");\n script_cve_id(\"CVE-2009-0652\", \"CVE-2009-1303\", \"CVE-2009-1305\", \"CVE-2009-1306\",\n \"CVE-2009-1307\", \"CVE-2009-1309\", \"CVE-2009-1311\", \"CVE-2009-1312\");\n script_name(\"CentOS Update for seamonkey CESA-2009:0437 centos4 i386\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'seamonkey'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS4\");\n script_tag(name:\"affected\", value:\"seamonkey on CentOS 4\");\n script_tag(name:\"insight\", value:\"SeaMonkey is an open source Web browser, email and newsgroup client, IRC\n chat client, and HTML editor.\n\n Several flaws were found in the processing of malformed web content. A web\n page containing malicious content could cause SeaMonkey to crash or,\n potentially, execute arbitrary code as the user running SeaMonkey.\n (CVE-2009-1303, CVE-2009-1305)\n\n Several flaws were found in the way malformed web content was processed. A\n web page containing malicious content could execute arbitrary JavaScript in\n the context of the site, possibly presenting misleading data to a user, or\n stealing sensitive information such as login credentials. (CVE-2009-0652,\n CVE-2009-1306, CVE-2009-1307, CVE-2009-1309, CVE-2009-1312)\n\n A flaw was found in the way SeaMonkey saved certain web pages to a local\n file. If a user saved the inner frame of a web page containing POST data,\n the POST data could be revealed to the inner frame, possibly surrendering\n sensitive information such as login credentials. (CVE-2009-1311)\n\n All SeaMonkey users should upgrade to these updated packages, which correct\n these issues. After installing the update, SeaMonkey must be restarted for\n the changes to take effect.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~1.0.9~41.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-chat\", rpm:\"seamonkey-chat~1.0.9~41.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-devel\", rpm:\"seamonkey-devel~1.0.9~41.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~1.0.9~41.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-js-debugger\", rpm:\"seamonkey-js-debugger~1.0.9~41.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-mail\", rpm:\"seamonkey-mail~1.0.9~41.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-04-06T11:38:44", "description": "The remote host is missing updates to seamonkey announced in\nadvisory CESA-2009:0437-02.", "cvss3": {}, "published": "2009-04-28T00:00:00", "type": "openvas", "title": "CentOS Security Advisory CESA-2009:0437-02 (seamonkey)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1305", "CVE-2009-1312", "CVE-2009-1311", "CVE-2009-0652", "CVE-2009-1309", "CVE-2009-1306", "CVE-2009-1307", "CVE-2009-1303"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231063906", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063906", "sourceData": "#CESA-2009:0437-02 63906 1\n# $Id: ovcesa2009_0437_02.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory CESA-2009:0437-02 (seamonkey)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed in this update,\nplease visit the referenced security advisories.\";\ntag_solution = \"Update the appropriate packages on your system.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=CESA-2009:0437-02\nhttp://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:0437\nhttps://rhn.redhat.com/errata/rh21as-errata.html\";\ntag_summary = \"The remote host is missing updates to seamonkey announced in\nadvisory CESA-2009:0437-02.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63906\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-28 20:40:12 +0200 (Tue, 28 Apr 2009)\");\n script_cve_id(\"CVE-2009-0652\", \"CVE-2009-1303\", \"CVE-2009-1305\", \"CVE-2009-1306\", \"CVE-2009-1307\", \"CVE-2009-1309\", \"CVE-2009-1311\", \"CVE-2009-1312\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"CentOS Security Advisory CESA-2009:0437-02 (seamonkey)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~1.0.9~0.33.el2.c2.1\", rls:\"CentOS2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-chat\", rpm:\"seamonkey-chat~1.0.9~0.33.el2.c2.1\", rls:\"CentOS2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-devel\", rpm:\"seamonkey-devel~1.0.9~0.33.el2.c2.1\", rls:\"CentOS2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~1.0.9~0.33.el2.c2.1\", rls:\"CentOS2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-js-debugger\", rpm:\"seamonkey-js-debugger~1.0.9~0.33.el2.c2.1\", rls:\"CentOS2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-mail\", rpm:\"seamonkey-mail~1.0.9~0.33.el2.c2.1\", rls:\"CentOS2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-nspr\", rpm:\"seamonkey-nspr~1.0.9~0.33.el2.c2.1\", rls:\"CentOS2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-nspr-devel\", rpm:\"seamonkey-nspr-devel~1.0.9~0.33.el2.c2.1\", rls:\"CentOS2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-nss\", rpm:\"seamonkey-nss~1.0.9~0.33.el2.c2.1\", rls:\"CentOS2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-nss-devel\", rpm:\"seamonkey-nss-devel~1.0.9~0.33.el2.c2.1\", rls:\"CentOS2\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:56:34", "description": "The remote host is missing updates to seamonkey announced in\nadvisory CESA-2009:0437-02.", "cvss3": {}, "published": "2009-04-28T00:00:00", "type": "openvas", "title": "CentOS Security Advisory CESA-2009:0437-02 (seamonkey)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1305", "CVE-2009-1312", "CVE-2009-1311", "CVE-2009-0652", "CVE-2009-1309", "CVE-2009-1306", "CVE-2009-1307", "CVE-2009-1303"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:63906", "href": "http://plugins.openvas.org/nasl.php?oid=63906", "sourceData": "#CESA-2009:0437-02 63906 1\n# $Id: ovcesa2009_0437_02.nasl 6650 2017-07-10 11:43:12Z cfischer $\n# Description: Auto-generated from advisory CESA-2009:0437-02 (seamonkey)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed in this update,\nplease visit the referenced security advisories.\";\ntag_solution = \"Update the appropriate packages on your system.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=CESA-2009:0437-02\nhttp://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:0437\nhttps://rhn.redhat.com/errata/rh21as-errata.html\";\ntag_summary = \"The remote host is missing updates to seamonkey announced in\nadvisory CESA-2009:0437-02.\";\n\n\n\nif(description)\n{\n script_id(63906);\n script_version(\"$Revision: 6650 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:43:12 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-28 20:40:12 +0200 (Tue, 28 Apr 2009)\");\n script_cve_id(\"CVE-2009-0652\", \"CVE-2009-1303\", \"CVE-2009-1305\", \"CVE-2009-1306\", \"CVE-2009-1307\", \"CVE-2009-1309\", \"CVE-2009-1311\", \"CVE-2009-1312\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"CentOS Security Advisory CESA-2009:0437-02 (seamonkey)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~1.0.9~0.33.el2.c2.1\", rls:\"CentOS2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-chat\", rpm:\"seamonkey-chat~1.0.9~0.33.el2.c2.1\", rls:\"CentOS2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-devel\", rpm:\"seamonkey-devel~1.0.9~0.33.el2.c2.1\", rls:\"CentOS2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~1.0.9~0.33.el2.c2.1\", rls:\"CentOS2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-js-debugger\", rpm:\"seamonkey-js-debugger~1.0.9~0.33.el2.c2.1\", rls:\"CentOS2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-mail\", rpm:\"seamonkey-mail~1.0.9~0.33.el2.c2.1\", rls:\"CentOS2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-nspr\", rpm:\"seamonkey-nspr~1.0.9~0.33.el2.c2.1\", rls:\"CentOS2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-nspr-devel\", rpm:\"seamonkey-nspr-devel~1.0.9~0.33.el2.c2.1\", rls:\"CentOS2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-nss\", rpm:\"seamonkey-nss~1.0.9~0.33.el2.c2.1\", rls:\"CentOS2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-nss-devel\", rpm:\"seamonkey-nss-devel~1.0.9~0.33.el2.c2.1\", rls:\"CentOS2\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-27T10:56:06", "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:0437.\n\nSeaMonkey is an open source Web browser, email and newsgroup client, IRC\nchat client, and HTML editor.\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause SeaMonkey to crash or,\npotentially, execute arbitrary code as the user running SeaMonkey.\n(CVE-2009-1303, CVE-2009-1305)\n\nSeveral flaws were found in the way malformed web content was processed. A\nweb page containing malicious content could execute arbitrary JavaScript in\nthe context of the site, possibly presenting misleading data to a user, or\nstealing sensitive information such as login credentials. (CVE-2009-0652,\nCVE-2009-1306, CVE-2009-1307, CVE-2009-1309, CVE-2009-1312)\n\nA flaw was found in the way SeaMonkey saved certain web pages to a local\nfile. If a user saved the inner frame of a web page containing POST data,\nthe POST data could be revealed to the inner frame, possibly surrendering\nsensitive information such as login credentials. (CVE-2009-1311)\n\nAll SeaMonkey users should upgrade to these updated packages, which correct\nthese issues. After installing the update, SeaMonkey must be restarted for\nthe changes to take effect.", "cvss3": {}, "published": "2009-04-28T00:00:00", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:0437", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1305", "CVE-2009-1312", "CVE-2009-1311", "CVE-2009-0652", "CVE-2009-1309", "CVE-2009-1306", "CVE-2009-1307", "CVE-2009-1303"], "modified": "2017-07-12T00:00:00", "id": "OPENVAS:63867", "href": "http://plugins.openvas.org/nasl.php?oid=63867", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_0437.nasl 6683 2017-07-12 09:41:57Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:0437 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory RHSA-2009:0437.\n\nSeaMonkey is an open source Web browser, email and newsgroup client, IRC\nchat client, and HTML editor.\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause SeaMonkey to crash or,\npotentially, execute arbitrary code as the user running SeaMonkey.\n(CVE-2009-1303, CVE-2009-1305)\n\nSeveral flaws were found in the way malformed web content was processed. A\nweb page containing malicious content could execute arbitrary JavaScript in\nthe context of the site, possibly presenting misleading data to a user, or\nstealing sensitive information such as login credentials. (CVE-2009-0652,\nCVE-2009-1306, CVE-2009-1307, CVE-2009-1309, CVE-2009-1312)\n\nA flaw was found in the way SeaMonkey saved certain web pages to a local\nfile. If a user saved the inner frame of a web page containing POST data,\nthe POST data could be revealed to the inner frame, possibly surrendering\nsensitive information such as login credentials. (CVE-2009-1311)\n\nAll SeaMonkey users should upgrade to these updated packages, which correct\nthese issues. After installing the update, SeaMonkey must be restarted for\nthe changes to take effect.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_id(63867);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-28 20:40:12 +0200 (Tue, 28 Apr 2009)\");\n script_cve_id(\"CVE-2009-0652\", \"CVE-2009-1303\", \"CVE-2009-1305\", \"CVE-2009-1306\", \"CVE-2009-1307\", \"CVE-2009-1309\", \"CVE-2009-1311\", \"CVE-2009-1312\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"RedHat Security Advisory RHSA-2009:0437\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-0437.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#critical\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~1.0.9~0.33.el2\", rls:\"RHENT_2.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-chat\", rpm:\"seamonkey-chat~1.0.9~0.33.el2\", rls:\"RHENT_2.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-devel\", rpm:\"seamonkey-devel~1.0.9~0.33.el2\", rls:\"RHENT_2.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~1.0.9~0.33.el2\", rls:\"RHENT_2.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-js-debugger\", rpm:\"seamonkey-js-debugger~1.0.9~0.33.el2\", rls:\"RHENT_2.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-mail\", rpm:\"seamonkey-mail~1.0.9~0.33.el2\", rls:\"RHENT_2.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-nspr\", rpm:\"seamonkey-nspr~1.0.9~0.33.el2\", rls:\"RHENT_2.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-nspr-devel\", rpm:\"seamonkey-nspr-devel~1.0.9~0.33.el2\", rls:\"RHENT_2.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-nss\", rpm:\"seamonkey-nss~1.0.9~0.33.el2\", rls:\"RHENT_2.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-nss-devel\", rpm:\"seamonkey-nss-devel~1.0.9~0.33.el2\", rls:\"RHENT_2.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~1.0.9~0.37.el3\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-chat\", rpm:\"seamonkey-chat~1.0.9~0.37.el3\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-debuginfo\", rpm:\"seamonkey-debuginfo~1.0.9~0.37.el3\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-devel\", rpm:\"seamonkey-devel~1.0.9~0.37.el3\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~1.0.9~0.37.el3\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-js-debugger\", rpm:\"seamonkey-js-debugger~1.0.9~0.37.el3\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-mail\", rpm:\"seamonkey-mail~1.0.9~0.37.el3\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-nspr\", rpm:\"seamonkey-nspr~1.0.9~0.37.el3\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-nspr-devel\", rpm:\"seamonkey-nspr-devel~1.0.9~0.37.el3\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-nss\", rpm:\"seamonkey-nss~1.0.9~0.37.el3\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-nss-devel\", rpm:\"seamonkey-nss-devel~1.0.9~0.37.el3\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~1.0.9~41.el4\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-chat\", rpm:\"seamonkey-chat~1.0.9~41.el4\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-debuginfo\", rpm:\"seamonkey-debuginfo~1.0.9~41.el4\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-devel\", rpm:\"seamonkey-devel~1.0.9~41.el4\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~1.0.9~41.el4\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-js-debugger\", rpm:\"seamonkey-js-debugger~1.0.9~41.el4\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-mail\", rpm:\"seamonkey-mail~1.0.9~41.el4\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:55:52", "description": "Check for the Version of seamonkey", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for seamonkey CESA-2009:0437-02 centos2 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1305", "CVE-2009-1312", "CVE-2009-1311", "CVE-2009-0652", "CVE-2009-1309", "CVE-2009-1306", "CVE-2009-1307", "CVE-2009-1303"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880951", "href": "http://plugins.openvas.org/nasl.php?oid=880951", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for seamonkey CESA-2009:0437-02 centos2 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"SeaMonkey is an open source Web browser, email and newsgroup client, IRC\n chat client, and HTML editor.\n\n Several flaws were found in the processing of malformed web content. A web\n page containing malicious content could cause SeaMonkey to crash or,\n potentially, execute arbitrary code as the user running SeaMonkey.\n (CVE-2009-1303, CVE-2009-1305)\n \n Several flaws were found in the way malformed web content was processed. A\n web page containing malicious content could execute arbitrary JavaScript in\n the context of the site, possibly presenting misleading data to a user, or\n stealing sensitive information such as login credentials. (CVE-2009-0652,\n CVE-2009-1306, CVE-2009-1307, CVE-2009-1309, CVE-2009-1312)\n \n A flaw was found in the way SeaMonkey saved certain web pages to a local\n file. If a user saved the inner frame of a web page containing POST data,\n the POST data could be revealed to the inner frame, possibly surrendering\n sensitive information such as login credentials. (CVE-2009-1311)\n \n All SeaMonkey users should upgrade to these updated packages, which correct\n these issues. After installing the update, SeaMonkey must be restarted for\n the changes to take effect.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"seamonkey on CentOS 2\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2009-April/015830.html\");\n script_id(880951);\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"CESA\", value: \"2009:0437-02\");\n script_cve_id(\"CVE-2009-0652\", \"CVE-2009-1303\", \"CVE-2009-1305\", \"CVE-2009-1306\",\n \"CVE-2009-1307\", \"CVE-2009-1309\", \"CVE-2009-1311\", \"CVE-2009-1312\");\n script_name(\"CentOS Update for seamonkey CESA-2009:0437-02 centos2 i386\");\n\n script_summary(\"Check for the Version of seamonkey\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS2\")\n{\n\n if ((res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~1.0.9~0.33.el2.c2.1\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-chat\", rpm:\"seamonkey-chat~1.0.9~0.33.el2.c2.1\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-devel\", rpm:\"seamonkey-devel~1.0.9~0.33.el2.c2.1\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~1.0.9~0.33.el2.c2.1\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-js-debugger\", rpm:\"seamonkey-js-debugger~1.0.9~0.33.el2.c2.1\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-mail\", rpm:\"seamonkey-mail~1.0.9~0.33.el2.c2.1\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nspr\", rpm:\"seamonkey-nspr~1.0.9~0.33.el2.c2.1\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nspr-devel\", rpm:\"seamonkey-nspr-devel~1.0.9~0.33.el2.c2.1\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nss\", rpm:\"seamonkey-nss~1.0.9~0.33.el2.c2.1\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nss-devel\", rpm:\"seamonkey-nss-devel~1.0.9~0.33.el2.c2.1\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:46", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for seamonkey CESA-2009:0437-02 centos2 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1305", "CVE-2009-1312", "CVE-2009-1311", "CVE-2009-0652", "CVE-2009-1309", "CVE-2009-1306", "CVE-2009-1307", "CVE-2009-1303"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310880951", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880951", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for seamonkey CESA-2009:0437-02 centos2 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2009-April/015830.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880951\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"CESA\", value:\"2009:0437-02\");\n script_cve_id(\"CVE-2009-0652\", \"CVE-2009-1303\", \"CVE-2009-1305\", \"CVE-2009-1306\",\n \"CVE-2009-1307\", \"CVE-2009-1309\", \"CVE-2009-1311\", \"CVE-2009-1312\");\n script_name(\"CentOS Update for seamonkey CESA-2009:0437-02 centos2 i386\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'seamonkey'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS2\");\n script_tag(name:\"affected\", value:\"seamonkey on CentOS 2\");\n script_tag(name:\"insight\", value:\"SeaMonkey is an open source Web browser, email and newsgroup client, IRC\n chat client, and HTML editor.\n\n Several flaws were found in the processing of malformed web content. A web\n page containing malicious content could cause SeaMonkey to crash or,\n potentially, execute arbitrary code as the user running SeaMonkey.\n (CVE-2009-1303, CVE-2009-1305)\n\n Several flaws were found in the way malformed web content was processed. A\n web page containing malicious content could execute arbitrary JavaScript in\n the context of the site, possibly presenting misleading data to a user, or\n stealing sensitive information such as login credentials. (CVE-2009-0652,\n CVE-2009-1306, CVE-2009-1307, CVE-2009-1309, CVE-2009-1312)\n\n A flaw was found in the way SeaMonkey saved certain web pages to a local\n file. If a user saved the inner frame of a web page containing POST data,\n the POST data could be revealed to the inner frame, possibly surrendering\n sensitive information such as login credentials. (CVE-2009-1311)\n\n All SeaMonkey users should upgrade to these updated packages, which correct\n these issues. After installing the update, SeaMonkey must be restarted for\n the changes to take effect.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS2\")\n{\n\n if ((res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~1.0.9~0.33.el2.c2.1\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-chat\", rpm:\"seamonkey-chat~1.0.9~0.33.el2.c2.1\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-devel\", rpm:\"seamonkey-devel~1.0.9~0.33.el2.c2.1\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~1.0.9~0.33.el2.c2.1\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-js-debugger\", rpm:\"seamonkey-js-debugger~1.0.9~0.33.el2.c2.1\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-mail\", rpm:\"seamonkey-mail~1.0.9~0.33.el2.c2.1\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nspr\", rpm:\"seamonkey-nspr~1.0.9~0.33.el2.c2.1\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nspr-devel\", rpm:\"seamonkey-nspr-devel~1.0.9~0.33.el2.c2.1\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nss\", rpm:\"seamonkey-nss~1.0.9~0.33.el2.c2.1\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nss-devel\", rpm:\"seamonkey-nss-devel~1.0.9~0.33.el2.c2.1\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-25T10:57:06", "description": "The remote host is missing updates to seamonkey announced in\nadvisory CESA-2009:0437.", "cvss3": {}, "published": "2009-05-25T00:00:00", "type": "openvas", "title": "CentOS Security Advisory CESA-2009:0437 (seamonkey)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1305", "CVE-2009-1312", "CVE-2009-1311", "CVE-2009-0652", "CVE-2009-1309", "CVE-2009-1306", "CVE-2009-1307", "CVE-2009-1303"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:64057", "href": "http://plugins.openvas.org/nasl.php?oid=64057", "sourceData": "#CESA-2009:0437 64057 4\n# $Id: ovcesa2009_0437.nasl 6650 2017-07-10 11:43:12Z cfischer $\n# Description: Auto-generated from advisory CESA-2009:0437 (seamonkey)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed in this update,\nplease visit the referenced security advisories.\";\ntag_solution = \"Update the appropriate packages on your system.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=CESA-2009:0437\nhttp://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:0437\nhttps://rhn.redhat.com/errata/RHSA-2009-0437.html\";\ntag_summary = \"The remote host is missing updates to seamonkey announced in\nadvisory CESA-2009:0437.\";\n\n\n\nif(description)\n{\n script_id(64057);\n script_version(\"$Revision: 6650 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:43:12 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-05-25 20:59:33 +0200 (Mon, 25 May 2009)\");\n script_cve_id(\"CVE-2009-0652\", \"CVE-2009-1303\", \"CVE-2009-1305\", \"CVE-2009-1306\", \"CVE-2009-1307\", \"CVE-2009-1309\", \"CVE-2009-1311\", \"CVE-2009-1312\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"CentOS Security Advisory CESA-2009:0437 (seamonkey)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~1.0.9~41.el4.centos\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-chat\", rpm:\"seamonkey-chat~1.0.9~41.el4.centos\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-devel\", rpm:\"seamonkey-devel~1.0.9~41.el4.centos\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~1.0.9~41.el4.centos\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-js-debugger\", rpm:\"seamonkey-js-debugger~1.0.9~41.el4.centos\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-mail\", rpm:\"seamonkey-mail~1.0.9~41.el4.centos\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:38:32", "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:0437.\n\nSeaMonkey is an open source Web browser, email and newsgroup client, IRC\nchat client, and HTML editor.\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause SeaMonkey to crash or,\npotentially, execute arbitrary code as the user running SeaMonkey.\n(CVE-2009-1303, CVE-2009-1305)\n\nSeveral flaws were found in the way malformed web content was processed. A\nweb page containing malicious content could execute arbitrary JavaScript in\nthe context of the site, possibly presenting misleading data to a user, or\nstealing sensitive information such as login credentials. (CVE-2009-0652,\nCVE-2009-1306, CVE-2009-1307, CVE-2009-1309, CVE-2009-1312)\n\nA flaw was found in the way SeaMonkey saved certain web pages to a local\nfile. If a user saved the inner frame of a web page containing POST data,\nthe POST data could be revealed to the inner frame, possibly surrendering\nsensitive information such as login credentials. (CVE-2009-1311)\n\nAll SeaMonkey users should upgrade to these updated packages, which correct\nthese issues. After installing the update, SeaMonkey must be restarted for\nthe changes to take effect.", "cvss3": {}, "published": "2009-04-28T00:00:00", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:0437", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1305", "CVE-2009-1312", "CVE-2009-1311", "CVE-2009-0652", "CVE-2009-1309", "CVE-2009-1306", "CVE-2009-1307", "CVE-2009-1303"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231063867", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063867", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_0437.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:0437 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory RHSA-2009:0437.\n\nSeaMonkey is an open source Web browser, email and newsgroup client, IRC\nchat client, and HTML editor.\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause SeaMonkey to crash or,\npotentially, execute arbitrary code as the user running SeaMonkey.\n(CVE-2009-1303, CVE-2009-1305)\n\nSeveral flaws were found in the way malformed web content was processed. A\nweb page containing malicious content could execute arbitrary JavaScript in\nthe context of the site, possibly presenting misleading data to a user, or\nstealing sensitive information such as login credentials. (CVE-2009-0652,\nCVE-2009-1306, CVE-2009-1307, CVE-2009-1309, CVE-2009-1312)\n\nA flaw was found in the way SeaMonkey saved certain web pages to a local\nfile. If a user saved the inner frame of a web page containing POST data,\nthe POST data could be revealed to the inner frame, possibly surrendering\nsensitive information such as login credentials. (CVE-2009-1311)\n\nAll SeaMonkey users should upgrade to these updated packages, which correct\nthese issues. After installing the update, SeaMonkey must be restarted for\nthe changes to take effect.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63867\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-28 20:40:12 +0200 (Tue, 28 Apr 2009)\");\n script_cve_id(\"CVE-2009-0652\", \"CVE-2009-1303\", \"CVE-2009-1305\", \"CVE-2009-1306\", \"CVE-2009-1307\", \"CVE-2009-1309\", \"CVE-2009-1311\", \"CVE-2009-1312\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"RedHat Security Advisory RHSA-2009:0437\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-0437.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#critical\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~1.0.9~0.33.el2\", rls:\"RHENT_2.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-chat\", rpm:\"seamonkey-chat~1.0.9~0.33.el2\", rls:\"RHENT_2.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-devel\", rpm:\"seamonkey-devel~1.0.9~0.33.el2\", rls:\"RHENT_2.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~1.0.9~0.33.el2\", rls:\"RHENT_2.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-js-debugger\", rpm:\"seamonkey-js-debugger~1.0.9~0.33.el2\", rls:\"RHENT_2.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-mail\", rpm:\"seamonkey-mail~1.0.9~0.33.el2\", rls:\"RHENT_2.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-nspr\", rpm:\"seamonkey-nspr~1.0.9~0.33.el2\", rls:\"RHENT_2.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-nspr-devel\", rpm:\"seamonkey-nspr-devel~1.0.9~0.33.el2\", rls:\"RHENT_2.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-nss\", rpm:\"seamonkey-nss~1.0.9~0.33.el2\", rls:\"RHENT_2.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-nss-devel\", rpm:\"seamonkey-nss-devel~1.0.9~0.33.el2\", rls:\"RHENT_2.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~1.0.9~0.37.el3\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-chat\", rpm:\"seamonkey-chat~1.0.9~0.37.el3\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-debuginfo\", rpm:\"seamonkey-debuginfo~1.0.9~0.37.el3\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-devel\", rpm:\"seamonkey-devel~1.0.9~0.37.el3\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~1.0.9~0.37.el3\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-js-debugger\", rpm:\"seamonkey-js-debugger~1.0.9~0.37.el3\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-mail\", rpm:\"seamonkey-mail~1.0.9~0.37.el3\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-nspr\", rpm:\"seamonkey-nspr~1.0.9~0.37.el3\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-nspr-devel\", rpm:\"seamonkey-nspr-devel~1.0.9~0.37.el3\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-nss\", rpm:\"seamonkey-nss~1.0.9~0.37.el3\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-nss-devel\", rpm:\"seamonkey-nss-devel~1.0.9~0.37.el3\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~1.0.9~41.el4\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-chat\", rpm:\"seamonkey-chat~1.0.9~41.el4\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-debuginfo\", rpm:\"seamonkey-debuginfo~1.0.9~41.el4\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-devel\", rpm:\"seamonkey-devel~1.0.9~41.el4\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~1.0.9~41.el4\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-js-debugger\", rpm:\"seamonkey-js-debugger~1.0.9~41.el4\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-mail\", rpm:\"seamonkey-mail~1.0.9~41.el4\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:55:52", "description": "Check for the Version of seamonkey", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for seamonkey CESA-2009:0437 centos4 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1305", "CVE-2009-1312", "CVE-2009-1311", "CVE-2009-0652", "CVE-2009-1309", "CVE-2009-1306", "CVE-2009-1307", "CVE-2009-1303"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880902", "href": "http://plugins.openvas.org/nasl.php?oid=880902", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for seamonkey CESA-2009:0437 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"SeaMonkey is an open source Web browser, email and newsgroup client, IRC\n chat client, and HTML editor.\n\n Several flaws were found in the processing of malformed web content. A web\n page containing malicious content could cause SeaMonkey to crash or,\n potentially, execute arbitrary code as the user running SeaMonkey.\n (CVE-2009-1303, CVE-2009-1305)\n \n Several flaws were found in the way malformed web content was processed. A\n web page containing malicious content could execute arbitrary JavaScript in\n the context of the site, possibly presenting misleading data to a user, or\n stealing sensitive information such as login credentials. (CVE-2009-0652,\n CVE-2009-1306, CVE-2009-1307, CVE-2009-1309, CVE-2009-1312)\n \n A flaw was found in the way SeaMonkey saved certain web pages to a local\n file. If a user saved the inner frame of a web page containing POST data,\n the POST data could be revealed to the inner frame, possibly surrendering\n sensitive information such as login credentials. (CVE-2009-1311)\n \n All SeaMonkey users should upgrade to these updated packages, which correct\n these issues. After installing the update, SeaMonkey must be restarted for\n the changes to take effect.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"seamonkey on CentOS 4\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2009-May/015907.html\");\n script_id(880902);\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"CESA\", value: \"2009:0437\");\n script_cve_id(\"CVE-2009-0652\", \"CVE-2009-1303\", \"CVE-2009-1305\", \"CVE-2009-1306\",\n \"CVE-2009-1307\", \"CVE-2009-1309\", \"CVE-2009-1311\", \"CVE-2009-1312\");\n script_name(\"CentOS Update for seamonkey CESA-2009:0437 centos4 i386\");\n\n script_summary(\"Check for the Version of seamonkey\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~1.0.9~41.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-chat\", rpm:\"seamonkey-chat~1.0.9~41.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-devel\", rpm:\"seamonkey-devel~1.0.9~41.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~1.0.9~41.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-js-debugger\", rpm:\"seamonkey-js-debugger~1.0.9~41.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-mail\", rpm:\"seamonkey-mail~1.0.9~41.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:40:16", "description": "The remote host is missing updates to seamonkey announced in\nadvisory CESA-2009:0437.", "cvss3": {}, "published": "2009-05-25T00:00:00", "type": "openvas", "title": "CentOS Security Advisory CESA-2009:0437 (seamonkey)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1305", "CVE-2009-1312", "CVE-2009-1311", "CVE-2009-0652", "CVE-2009-1309", "CVE-2009-1306", "CVE-2009-1307", "CVE-2009-1303"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231064057", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064057", "sourceData": "#CESA-2009:0437 64057 4\n# $Id: ovcesa2009_0437.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory CESA-2009:0437 (seamonkey)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed in this update,\nplease visit the referenced security advisories.\";\ntag_solution = \"Update the appropriate packages on your system.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=CESA-2009:0437\nhttp://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:0437\nhttps://rhn.redhat.com/errata/RHSA-2009-0437.html\";\ntag_summary = \"The remote host is missing updates to seamonkey announced in\nadvisory CESA-2009:0437.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64057\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-05-25 20:59:33 +0200 (Mon, 25 May 2009)\");\n script_cve_id(\"CVE-2009-0652\", \"CVE-2009-1303\", \"CVE-2009-1305\", \"CVE-2009-1306\", \"CVE-2009-1307\", \"CVE-2009-1309\", \"CVE-2009-1311\", \"CVE-2009-1312\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"CentOS Security Advisory CESA-2009:0437 (seamonkey)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~1.0.9~41.el4.centos\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-chat\", rpm:\"seamonkey-chat~1.0.9~41.el4.centos\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-devel\", rpm:\"seamonkey-devel~1.0.9~41.el4.centos\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~1.0.9~41.el4.centos\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-js-debugger\", rpm:\"seamonkey-js-debugger~1.0.9~41.el4.centos\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"seamonkey-mail\", rpm:\"seamonkey-mail~1.0.9~41.el4.centos\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:13:47", "description": "The host is installed with Mozilla Thunderbird and is prone to\n multiple vulnerabilities.", "cvss3": {}, "published": "2009-04-30T00:00:00", "type": "openvas", "title": "Mozilla Thunderbird Multiple Vulnerabilities Apr-09 (Linux)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1305", "CVE-2009-1304", "CVE-2009-1309", "CVE-2009-1308", "CVE-2009-1306", "CVE-2009-1302", "CVE-2009-1307", "CVE-2009-1303"], "modified": "2017-01-31T00:00:00", "id": "OPENVAS:900345", "href": "http://plugins.openvas.org/nasl.php?oid=900345", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_thunderbird_mult_vuln_apr09_lin.nasl 5148 2017-01-31 13:16:55Z teissa $\n#\n# Mozilla Thunderbird Multiple Vulnerabilities Apr-09 (Linux)\n#\n# Authors:\n# Sharath S <sharaths@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2009 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation could result in Information Disclosure, XSS, Script\n Injection, Memory Corruption, CSRF, Arbitrary JavaScript code execution or\n can cause denial of service attacks.\n Impact Level: System/Application\";\ntag_affected = \"Thunderbird version prior to 2.0.0.22 on Linux.\";\ntag_insight = \"For more information about vulnerabilities on Thunderbird, go through the links\n mentioned in references.\";\ntag_solution = \"Upgrade to Thunderbird version 2.0.0.22\n http://www.mozillamessaging.com/en-US/thunderbird/all.html\";\ntag_summary = \"The host is installed with Mozilla Thunderbird and is prone to\n multiple vulnerabilities.\";\n\nif(description)\n{\n script_id(900345);\n script_version(\"$Revision: 5148 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-01-31 14:16:55 +0100 (Tue, 31 Jan 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-30 06:40:16 +0200 (Thu, 30 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2009-1302\", \"CVE-2009-1303\", \"CVE-2009-1304\", \"CVE-2009-1305\",\n \"CVE-2009-1306\", \"CVE-2009-1307\", \"CVE-2009-1308\", \"CVE-2009-1309\");\n script_bugtraq_id(34656);\n script_name(\"Mozilla Thunderbird Multiple Vulnerabilities Apr-09 (Linux)\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/34780\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2009/mfsa2009-14.html\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2009/mfsa2009-16.html\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2009/mfsa2009-17.html\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2009/mfsa2009-18.html\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2009/mfsa2009-19.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 SecPod\");\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_thunderbird_detect_lin.nasl\");\n script_require_keys(\"Thunderbird/Linux/Ver\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\ntbVer = get_kb_item(\"Thunderbird/Linux/Ver\");\nif(!tbVer){\n exit(0);\n}\n\n# Grep for Thunderbird version prior to 2.0.0.22\nif(version_is_less(version:tbVer, test_version:\"2.0.0.22\")){\n security_message(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2020-04-29T22:26:35", "description": "The host is installed with Mozilla Thunderbird and is prone to\n multiple vulnerabilities.", "cvss3": {}, "published": "2009-04-30T00:00:00", "type": "openvas", "title": "Mozilla Thunderbird Multiple Vulnerabilities Apr-09 (Linux)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1305", "CVE-2009-1304", "CVE-2009-1309", "CVE-2009-1308", "CVE-2009-1306", "CVE-2009-1302", "CVE-2009-1307", "CVE-2009-1303"], "modified": "2020-04-27T00:00:00", "id": "OPENVAS:1361412562310900345", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310900345", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mozilla Thunderbird Multiple Vulnerabilities Apr-09 (Linux)\n#\n# Authors:\n# Sharath S <sharaths@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2009 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.900345\");\n script_version(\"2020-04-27T09:00:11+0000\");\n script_tag(name:\"last_modification\", value:\"2020-04-27 09:00:11 +0000 (Mon, 27 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2009-04-30 06:40:16 +0200 (Thu, 30 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2009-1302\", \"CVE-2009-1303\", \"CVE-2009-1304\", \"CVE-2009-1305\",\n \"CVE-2009-1306\", \"CVE-2009-1307\", \"CVE-2009-1308\", \"CVE-2009-1309\");\n script_bugtraq_id(34656);\n script_name(\"Mozilla Thunderbird Multiple Vulnerabilities Apr-09 (Linux)\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/34780\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2009/mfsa2009-14.html\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2009/mfsa2009-16.html\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2009/mfsa2009-17.html\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2009/mfsa2009-18.html\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2009/mfsa2009-19.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 SecPod\");\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_thunderbird_detect_lin.nasl\");\n script_mandatory_keys(\"Thunderbird/Linux/Ver\");\n script_tag(name:\"impact\", value:\"Successful exploitation could result in Information Disclosure, XSS, Script\n Injection, Memory Corruption, CSRF, Arbitrary JavaScript code execution or\n can cause denial of service attacks.\");\n script_tag(name:\"affected\", value:\"Thunderbird version prior to 2.0.0.22 on Linux.\");\n script_tag(name:\"insight\", value:\"For more information about vulnerabilities on Thunderbird, go through the links\n mentioned in references.\");\n script_tag(name:\"solution\", value:\"Upgrade to Thunderbird version 2.0.0.22.\");\n script_tag(name:\"summary\", value:\"The host is installed with Mozilla Thunderbird and is prone to\n multiple vulnerabilities.\");\n script_tag(name:\"qod_type\", value:\"executable_version_unreliable\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\n\ntbVer = get_kb_item(\"Thunderbird/Linux/Ver\");\nif(!tbVer)\n exit(0);\n\nif(version_is_less(version:tbVer, test_version:\"2.0.0.22\")){\n report = report_fixed_ver(installed_version:tbVer, fixed_version:\"2.0.0.22\");\n security_message(port: 0, data: report);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-02T21:13:46", "description": "The host is installed with Mozilla Thunderbird and is prone to\n multiple vulnerabilities.", "cvss3": {}, "published": "2009-04-30T00:00:00", "type": "openvas", "title": "Mozilla Thunderbird Multiple Vulnerabilities Apr-09 (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1305", "CVE-2009-1304", "CVE-2009-1309", "CVE-2009-1308", "CVE-2009-1306", "CVE-2009-1302", "CVE-2009-1307", "CVE-2009-1303"], "modified": "2017-01-31T00:00:00", "id": "OPENVAS:900344", "href": "http://plugins.openvas.org/nasl.php?oid=900344", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_thunderbird_mult_vuln_apr09_win.nasl 5148 2017-01-31 13:16:55Z teissa $\n#\n# Mozilla Thunderbird Multiple Vulnerabilities Apr-09 (Windows)\n#\n# Authors:\n# Sharath S <sharaths@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2009 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation could result in Information Disclosure, XSS, Script\n Injection, Memory Corruption, CSRF, Arbitrary JavaScript code execution or\n can cause denial of service attacks.\n Impact Level: System/Application\";\ntag_affected = \"Thunderbird version prior to 2.0.0.22 on Windows.\";\ntag_insight = \"For more information about vulnerabilities on Thunderbird, go through the links\n mentioned in references.\";\ntag_solution = \"Upgrade to Thunderbird version 2.0.0.22\n http://www.mozillamessaging.com/en-US/thunderbird/all.html\";\ntag_summary = \"The host is installed with Mozilla Thunderbird and is prone to\n multiple vulnerabilities.\";\n\nif(description)\n{\n script_id(900344);\n script_version(\"$Revision: 5148 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-01-31 14:16:55 +0100 (Tue, 31 Jan 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-30 06:40:16 +0200 (Thu, 30 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2009-1302\", \"CVE-2009-1303\", \"CVE-2009-1304\", \"CVE-2009-1305\",\n \"CVE-2009-1306\", \"CVE-2009-1307\", \"CVE-2009-1308\", \"CVE-2009-1309\");\n script_bugtraq_id(34656);\n script_name(\"Mozilla Thunderbird Multiple Vulnerabilities Apr-09 (Windows)\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/34780\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2009/mfsa2009-14.html\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2009/mfsa2009-16.html\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2009/mfsa2009-17.html\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2009/mfsa2009-18.html\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2009/mfsa2009-19.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 SecPod\");\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_thunderbird_detect_win.nasl\");\n script_require_keys(\"Thunderbird/Win/Ver\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\ntbVer = get_kb_item(\"Thunderbird/Win/Ver\");\nif(!tbVer){\n exit(0);\n}\n\n# Grep for Thunderbird version prior to 2.0.0.22\nif(version_is_less(version:tbVer, test_version:\"2.0.0.22\")){\n security_message(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2020-04-29T22:26:30", "description": "The host is installed with Mozilla Thunderbird and is prone to\n multiple vulnerabilities.", "cvss3": {}, "published": "2009-04-30T00:00:00", "type": "openvas", "title": "Mozilla Thunderbird Multiple Vulnerabilities Apr-09 (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1305", "CVE-2009-1304", "CVE-2009-1309", "CVE-2009-1308", "CVE-2009-1306", "CVE-2009-1302", "CVE-2009-1307", "CVE-2009-1303"], "modified": "2020-04-27T00:00:00", "id": "OPENVAS:1361412562310900344", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310900344", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mozilla Thunderbird Multiple Vulnerabilities Apr-09 (Windows)\n#\n# Authors:\n# Sharath S <sharaths@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2009 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.900344\");\n script_version(\"2020-04-27T09:00:11+0000\");\n script_tag(name:\"last_modification\", value:\"2020-04-27 09:00:11 +0000 (Mon, 27 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2009-04-30 06:40:16 +0200 (Thu, 30 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2009-1302\", \"CVE-2009-1303\", \"CVE-2009-1304\", \"CVE-2009-1305\",\n \"CVE-2009-1306\", \"CVE-2009-1307\", \"CVE-2009-1308\", \"CVE-2009-1309\");\n script_bugtraq_id(34656);\n script_name(\"Mozilla Thunderbird Multiple Vulnerabilities Apr-09 (Windows)\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/34780\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2009/mfsa2009-14.html\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2009/mfsa2009-16.html\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2009/mfsa2009-17.html\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2009/mfsa2009-18.html\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2009/mfsa2009-19.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 SecPod\");\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_thunderbird_detect_portable_win.nasl\");\n script_mandatory_keys(\"Thunderbird/Win/Ver\");\n script_tag(name:\"impact\", value:\"Successful exploitation could result in Information Disclosure, XSS, Script\n Injection, Memory Corruption, CSRF, Arbitrary JavaScript code execution or\n can cause denial of service attacks.\");\n script_tag(name:\"affected\", value:\"Thunderbird version prior to 2.0.0.22 on Windows.\");\n script_tag(name:\"insight\", value:\"For more information about vulnerabilities on Thunderbird, go through the links\n mentioned in references.\");\n script_tag(name:\"solution\", value:\"Upgrade to Thunderbird version 2.0.0.22.\");\n script_tag(name:\"summary\", value:\"The host is installed with Mozilla Thunderbird and is prone to\n multiple vulnerabilities.\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\n\ntbVer = get_kb_item(\"Thunderbird/Win/Ver\");\nif(!tbVer)\n exit(0);\n\nif(version_is_less(version:tbVer, test_version:\"2.0.0.22\")){\n report = report_fixed_ver(installed_version:tbVer, fixed_version:\"2.0.0.22\");\n security_message(port: 0, data: report);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-12-04T11:28:23", "description": "The remote host is missing an update to xine-lib\nannounced via advisory USN-763-1.", "cvss3": {}, "published": "2009-06-05T00:00:00", "type": "openvas", "title": "Ubuntu USN-763-1 (xine-lib)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1305", "CVE-2009-1312", "CVE-2008-4456", "CVE-2009-1304", "CVE-2008-4097", "CVE-2009-1311", "CVE-2009-0652", "CVE-2009-1309", "CVE-2009-0991", "CVE-2009-0698", "CVE-2008-4098", "CVE-2009-1308", "CVE-2009-1274", "CVE-2009-1306", "CVE-2008-3963", "CVE-2008-2079", "CVE-2009-0664", "CVE-2009-1302", "CVE-2009-1301", "CVE-2009-1307", "CVE-2009-1310", "CVE-2009-1357", "CVE-2009-1303"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:64143", "href": "http://plugins.openvas.org/nasl.php?oid=64143", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: ubuntu_763_1.nasl 7969 2017-12-01 09:23:16Z santu $\n# $Id: ubuntu_763_1.nasl 7969 2017-12-01 09:23:16Z santu $\n# Description: Auto-generated from advisory USN-763-1 (xine-lib)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"The problem can be corrected by upgrading your system to the\n following package versions:\n\nUbuntu 6.06 LTS:\n libxine-main1 1.1.1+ubuntu2-7.12\n\nUbuntu 8.04 LTS:\n libxine1 1.1.11.1-1ubuntu3.4\n\nUbuntu 8.10:\n libxine1 1.1.15-0ubuntu3.3\n\nAfter a standard system upgrade you need to restart applications linked\nagainst xine-lib, such as Totem-xine and Amarok, to effect the necessary\nchanges.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=USN-763-1\";\n\ntag_insight = \"It was discovered that the QT demuxer in xine-lib did not correctly handle\na large count value in an STTS atom, resulting in a heap-based buffer\noverflow. If a user or automated system were tricked into opening a\nspecially crafted MOV file, an attacker could execute arbitrary code as the\nuser invoking the program. (CVE-2009-1274)\n\nUSN-746-1 provided updated xine-lib packages to fix multiple security\nvulnerabilities. The security patch to fix CVE-2009-0698 was incomplete.\nThis update corrects the problem.\n\nOriginal advisory details:\n It was discovered that the 4xm demuxer in xine-lib did not correctly\n handle a large current_track value in a 4xm file, resulting in an integer\n overflow. If a user or automated system were tricked into opening a\n specially crafted 4xm movie file, an attacker could crash xine-lib or\n possibly execute arbitrary code with the privileges of the user invoking\n the program. (CVE-2009-0698)\";\ntag_summary = \"The remote host is missing an update to xine-lib\nannounced via advisory USN-763-1.\";\n\n \n\n\nif(description)\n{\n script_id(64143);\n script_version(\"$Revision: 7969 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-05 18:04:08 +0200 (Fri, 05 Jun 2009)\");\n script_cve_id(\"CVE-2009-0698\", \"CVE-2009-1274\", \"CVE-2009-0991\", \"CVE-2009-1357\", \"CVE-2009-1301\", \"CVE-2009-0664\", \"CVE-2008-3963\", \"CVE-2008-2079\", \"CVE-2008-4097\", \"CVE-2008-4098\", \"CVE-2008-4456\", \"CVE-2009-0652\", \"CVE-2009-1302\", \"CVE-2009-1303\", \"CVE-2009-1304\", \"CVE-2009-1305\", \"CVE-2009-1306\", \"CVE-2009-1307\", \"CVE-2009-1308\", \"CVE-2009-1309\", \"CVE-2009-1310\", \"CVE-2009-1311\", \"CVE-2009-1312\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu USN-763-1 (xine-lib)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-763-1/\");\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libxine-dev\", ver:\"1.1.1+ubuntu2-7.12\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine-main1\", ver:\"1.1.1+ubuntu2-7.12\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-doc\", ver:\"1.1.11.1-1ubuntu3.4\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-all-plugins\", ver:\"1.1.11.1-1ubuntu3.4\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-plugins\", ver:\"1.1.11.1-1ubuntu3.4\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine-dev\", ver:\"1.1.11.1-1ubuntu3.4\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-bin\", ver:\"1.1.11.1-1ubuntu3.4\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-console\", ver:\"1.1.11.1-1ubuntu3.4\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-dbg\", ver:\"1.1.11.1-1ubuntu3.4\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-misc-plugins\", ver:\"1.1.11.1-1ubuntu3.4\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-x\", ver:\"1.1.11.1-1ubuntu3.4\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1\", ver:\"1.1.11.1-1ubuntu3.4\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-ffmpeg\", ver:\"1.1.11.1-1ubuntu3.4\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-gnome\", ver:\"1.1.11.1-1ubuntu3.4\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-doc\", ver:\"1.1.15-0ubuntu3.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-all-plugins\", ver:\"1.1.15-0ubuntu3.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-plugins\", ver:\"1.1.15-0ubuntu3.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine-dev\", ver:\"1.1.15-0ubuntu3.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-bin\", ver:\"1.1.15-0ubuntu3.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-console\", ver:\"1.1.15-0ubuntu3.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-dbg\", ver:\"1.1.15-0ubuntu3.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-ffmpeg\", ver:\"1.1.15-0ubuntu3.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-gnome\", ver:\"1.1.15-0ubuntu3.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-misc-plugins\", ver:\"1.1.15-0ubuntu3.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-x\", ver:\"1.1.15-0ubuntu3.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1\", ver:\"1.1.15-0ubuntu3.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"git-arch\", ver:\"1.5.6.5-3+lenny1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"git-doc\", ver:\"1.5.6.5-3+lenny1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"git-daemon-run\", ver:\"1.5.6.5-3+lenny1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gitweb\", ver:\"1.5.6.5-3+lenny1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"git-svn\", ver:\"1.5.6.5-3+lenny1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gitk\", ver:\"1.5.6.5-3+lenny1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"git-cvs\", ver:\"1.5.6.5-3+lenny1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"git-email\", ver:\"1.5.6.5-3+lenny1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"git-core\", ver:\"1.5.6.5-3+lenny1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"git-gui\", ver:\"1.5.6.5-3+lenny1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"slurm-llnl-doc\", ver:\"1.3.6-1lenny3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpmi0-dev\", ver:\"1.3.6-1lenny3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"slurm-llnl\", ver:\"1.3.6-1lenny3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"slurm-llnl-slurmdbd\", ver:\"1.3.6-1lenny3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpmi0\", ver:\"1.3.6-1lenny3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"slurm-llnl-sview\", ver:\"1.3.6-1lenny3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libslurm13\", ver:\"1.3.6-1lenny3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"slurm-llnl-basic-plugins-dev\", ver:\"1.3.6-1lenny3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libslurm13-dev\", ver:\"1.3.6-1lenny3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"slurm-llnl-basic-plugins\", ver:\"1.3.6-1lenny3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mahara\", ver:\"1.0.4-4+lenny2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mahara-apache2\", ver:\"1.0.4-4+lenny2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-dev\", ver:\"3.0.9+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-gnome-support\", ver:\"3.0.9+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-granparadiso-dev\", ver:\"3.0.9+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-trunk-dev\", ver:\"3.0.9+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox\", ver:\"3.0.9+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-3.0-dom-inspector\", ver:\"3.0.9+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-3.0-venkman\", ver:\"3.0.9+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-dom-inspector\", ver:\"3.0.9+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-granparadiso-dom-inspector\", ver:\"3.0.9+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-granparadiso-gnome-support\", ver:\"3.0.9+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-granparadiso\", ver:\"3.0.9+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-libthai\", ver:\"3.0.9+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-trunk-dom-inspector\", ver:\"3.0.9+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-trunk-gnome-support\", ver:\"3.0.9+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-trunk-venkman\", ver:\"3.0.9+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-trunk\", ver:\"3.0.9+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-1.9-dom-inspector\", ver:\"1.9.0.9+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-1.9-venkman\", ver:\"1.9.0.9+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-3.0-dev\", ver:\"3.0.9+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-3.0-gnome-support\", ver:\"3.0.9+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-3.0\", ver:\"3.0.9+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-1.9-dev\", ver:\"1.9.0.9+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-1.9-gnome-support\", ver:\"1.9.0.9+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-1.9\", ver:\"1.9.0.9+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"abrowser\", ver:\"3.0.9+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-dev\", ver:\"3.0.9+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-gnome-support\", ver:\"3.0.9+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-granparadiso-dev\", ver:\"3.0.9+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-trunk-dev\", ver:\"3.0.9+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox\", ver:\"3.0.9+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-3.0-dom-inspector\", ver:\"3.0.9+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-3.0-venkman\", ver:\"3.0.9+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-dom-inspector\", ver:\"3.0.9+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-granparadiso-dom-inspector\", ver:\"3.0.9+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-granparadiso-gnome-support\", ver:\"3.0.9+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-granparadiso\", ver:\"3.0.9+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-libthai\", ver:\"3.0.9+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-trunk-dom-inspector\", ver:\"3.0.9+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-trunk-gnome-support\", ver:\"3.0.9+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-trunk-venkman\", ver:\"3.0.9+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-trunk\", ver:\"3.0.9+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-1.9-dom-inspector\", ver:\"1.9.0.9+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-1.9-venkman\", ver:\"1.9.0.9+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"abrowser-3.0-branding\", ver:\"3.0.9+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-3.0-branding\", ver:\"3.0.9+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-3.0-dev\", ver:\"3.0.9+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-3.0-gnome-support\", ver:\"3.0.9+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-3.0\", ver:\"3.0.9+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-1.9-dev\", ver:\"1.9.0.9+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-1.9-gnome-support\", ver:\"1.9.0.9+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-1.9\", ver:\"1.9.0.9+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-dev\", ver:\"1.9.0.9+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"abrowser\", ver:\"3.0.9+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-dev\", ver:\"3.0.9+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-gnome-support\", ver:\"3.0.9+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-granparadiso-dev\", ver:\"3.0.9+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-trunk-dev\", ver:\"3.0.9+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox\", ver:\"3.0.9+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-3.0-dom-inspector\", ver:\"3.0.9+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-3.0-venkman\", ver:\"3.0.9+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-dom-inspector\", ver:\"3.0.9+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-granparadiso-dom-inspector\", ver:\"3.0.9+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-granparadiso-gnome-support\", ver:\"3.0.9+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-granparadiso\", ver:\"3.0.9+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-libthai\", ver:\"3.0.9+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-trunk-dom-inspector\", ver:\"3.0.9+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-trunk-gnome-support\", ver:\"3.0.9+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-trunk-venkman\", ver:\"3.0.9+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-trunk\", ver:\"3.0.9+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-1.9-dom-inspector\", ver:\"1.9.0.9+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-1.9-venkman\", ver:\"1.9.0.9+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"abrowser-3.0-branding\", ver:\"3.0.9+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-3.0-branding\", ver:\"3.0.9+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-3.0-dev\", ver:\"3.0.9+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-3.0-gnome-support\", ver:\"3.0.9+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-3.0\", ver:\"3.0.9+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-1.9-dev\", ver:\"1.9.0.9+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-1.9-gnome-support\", ver:\"1.9.0.9+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-1.9\", ver:\"1.9.0.9+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-dev\", ver:\"1.9.0.9+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:57:12", "description": "The remote host is missing updates to thunderbird announced in\nadvisory CESA-2009:1126.", "cvss3": {}, "published": "2009-06-30T00:00:00", "type": "openvas", "title": "CentOS Security Advisory CESA-2009:1126 (thunderbird)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1305", "CVE-2009-1833", "CVE-2009-1838", "CVE-2009-1309", "CVE-2009-1392", "CVE-2009-1308", "CVE-2009-1306", "CVE-2009-1836", "CVE-2009-1307", "CVE-2009-1303"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:64332", "href": "http://plugins.openvas.org/nasl.php?oid=64332", "sourceData": "#CESA-2009:1126 64332 2\n# $Id: ovcesa2009_1126.nasl 6650 2017-07-10 11:43:12Z cfischer $\n# Description: Auto-generated from advisory CESA-2009:1126 (thunderbird)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed in this update,\nplease visit the referenced security advisories.\";\ntag_solution = \"Update the appropriate packages on your system.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=CESA-2009:1126\nhttp://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:1126\nhttps://rhn.redhat.com/errata/RHSA-2009-1126.html\";\ntag_summary = \"The remote host is missing updates to thunderbird announced in\nadvisory CESA-2009:1126.\";\n\n\n\nif(description)\n{\n script_id(64332);\n script_version(\"$Revision: 6650 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:43:12 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-30 00:29:55 +0200 (Tue, 30 Jun 2009)\");\n script_cve_id(\"CVE-2009-1303\", \"CVE-2009-1305\", \"CVE-2009-1306\", \"CVE-2009-1307\", \"CVE-2009-1308\", \"CVE-2009-1309\", \"CVE-2009-1392\", \"CVE-2009-1833\", \"CVE-2009-1836\", \"CVE-2009-1838\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"CentOS Security Advisory CESA-2009:1126 (thunderbird)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~2.0.0.22~2.el5.centos\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:25", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for thunderbird CESA-2009:1126 centos5 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1305", "CVE-2009-1833", "CVE-2009-1838", "CVE-2009-1309", "CVE-2009-1392", "CVE-2009-1308", "CVE-2009-1306", "CVE-2009-1836", "CVE-2009-1307", "CVE-2009-1303"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310880870", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880870", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for thunderbird CESA-2009:1126 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2009-June/016011.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880870\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"CESA\", value:\"2009:1126\");\n script_cve_id(\"CVE-2009-1303\", \"CVE-2009-1305\", \"CVE-2009-1306\", \"CVE-2009-1307\",\n \"CVE-2009-1308\", \"CVE-2009-1309\", \"CVE-2009-1392\", \"CVE-2009-1833\",\n \"CVE-2009-1836\", \"CVE-2009-1838\");\n script_name(\"CentOS Update for thunderbird CESA-2009:1126 centos5 i386\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'thunderbird'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"thunderbird on CentOS 5\");\n script_tag(name:\"insight\", value:\"Mozilla Thunderbird is a standalone mail and newsgroup client.\n\n Several flaws were found in the processing of malformed HTML mail content.\n An HTML mail message containing malicious content could cause Thunderbird\n to crash or, potentially, execute arbitrary code as the user running\n Thunderbird. (CVE-2009-1392, CVE-2009-1303, CVE-2009-1305, CVE-2009-1833,\n CVE-2009-1838)\n\n Several flaws were found in the way malformed HTML mail content was\n processed. An HTML mail message containing malicious content could execute\n arbitrary JavaScript in the context of the mail message, possibly\n presenting misleading data to the user, or stealing sensitive information\n such as login credentials. (CVE-2009-1306, CVE-2009-1307, CVE-2009-1308,\n CVE-2009-1309)\n\n A flaw was found in the way Thunderbird handled error responses returned\n from proxy servers. If an attacker is able to conduct a man-in-the-middle\n attack against a Thunderbird instance that is using a proxy server, they\n may be able to steal sensitive information from the site Thunderbird is\n displaying. (CVE-2009-1836)\n\n Note: JavaScript support is disabled by default in Thunderbird. None of the\n above issues are exploitable unless JavaScript is enabled.\n\n All Thunderbird users should upgrade to this updated package, which\n resolves these issues. All running instances of Thunderbird must be\n restarted for the update to take effect.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~2.0.0.22~2.el5.centos\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-27T10:55:57", "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:1126.\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nSeveral flaws were found in the processing of malformed HTML mail content.\nAn HTML mail message containing malicious content could cause Thunderbird\nto crash or, potentially, execute arbitrary code as the user running\nThunderbird. (CVE-2009-1392, CVE-2009-1303, CVE-2009-1305, CVE-2009-1833,\nCVE-2009-1838)\n\nSeveral flaws were found in the way malformed HTML mail content was\nprocessed. An HTML mail message containing malicious content could execute\narbitrary JavaScript in the context of the mail message, possibly\npresenting misleading data to the user, or stealing sensitive information\nsuch as login credentials. (CVE-2009-1306, CVE-2009-1307, CVE-2009-1308,\nCVE-2009-1309)\n\nA flaw was found in the way Thunderbird handled error responses returned\nfrom proxy servers. If an attacker is able to conduct a man-in-the-middle\nattack against a Thunderbird instance that is using a proxy server, they\nmay be able to steal sensitive information from the site Thunderbird is\ndisplaying. (CVE-2009-1836)\n\nNote: JavaScript support is disabled by default in Thunderbird. None of the\nabove issues are exploitable unless JavaScript is enabled.\n\nAll Thunderbird users should upgrade to this updated package, which\nresolves these issues. All running instances of Thunderbird must be\nrestarted for the update to take effect.", "cvss3": {}, "published": "2009-06-30T00:00:00", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:1126", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1305", "CVE-2009-1833", "CVE-2009-1838", "CVE-2009-1309", "CVE-2009-1392", "CVE-2009-1308", "CVE-2009-1306", "CVE-2009-1836", "CVE-2009-1307", "CVE-2009-1303"], "modified": "2017-07-12T00:00:00", "id": "OPENVAS:64279", "href": "http://plugins.openvas.org/nasl.php?oid=64279", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_1126.nasl 6683 2017-07-12 09:41:57Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:1126 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory RHSA-2009:1126.\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nSeveral flaws were found in the processing of malformed HTML mail content.\nAn HTML mail message containing malicious content could cause Thunderbird\nto crash or, potentially, execute arbitrary code as the user running\nThunderbird. (CVE-2009-1392, CVE-2009-1303, CVE-2009-1305, CVE-2009-1833,\nCVE-2009-1838)\n\nSeveral flaws were found in the way malformed HTML mail content was\nprocessed. An HTML mail message containing malicious content could execute\narbitrary JavaScript in the context of the mail message, possibly\npresenting misleading data to the user, or stealing sensitive information\nsuch as login credentials. (CVE-2009-1306, CVE-2009-1307, CVE-2009-1308,\nCVE-2009-1309)\n\nA flaw was found in the way Thunderbird handled error responses returned\nfrom proxy servers. If an attacker is able to conduct a man-in-the-middle\nattack against a Thunderbird instance that is using a proxy server, they\nmay be able to steal sensitive information from the site Thunderbird is\ndisplaying. (CVE-2009-1836)\n\nNote: JavaScript support is disabled by default in Thunderbird. None of the\nabove issues are exploitable unless JavaScript is enabled.\n\nAll Thunderbird users should upgrade to this updated package, which\nresolves these issues. All running instances of Thunderbird must be\nrestarted for the update to take effect.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_id(64279);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-30 00:29:55 +0200 (Tue, 30 Jun 2009)\");\n script_cve_id(\"CVE-2009-1303\", \"CVE-2009-1305\", \"CVE-2009-1306\", \"CVE-2009-1307\", \"CVE-2009-1308\", \"CVE-2009-1309\", \"CVE-2009-1392\", \"CVE-2009-1833\", \"CVE-2009-1836\", \"CVE-2009-1838\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"RedHat Security Advisory RHSA-2009:1126\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-1126.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#moderate\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~2.0.0.22~2.el5_3\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"thunderbird-debuginfo\", rpm:\"thunderbird-debuginfo~2.0.0.22~2.el5_3\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:55:36", "description": "Check for the Version of thunderbird", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for thunderbird CESA-2009:1126 centos5 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1305", "CVE-2009-1833", "CVE-2009-1838", "CVE-2009-1309", "CVE-2009-1392", "CVE-2009-1308", "CVE-2009-1306", "CVE-2009-1836", "CVE-2009-1307", "CVE-2009-1303"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880870", "href": "http://plugins.openvas.org/nasl.php?oid=880870", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for thunderbird CESA-2009:1126 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Thunderbird is a standalone mail and newsgroup client.\n\n Several flaws were found in the processing of malformed HTML mail content.\n An HTML mail message containing malicious content could cause Thunderbird\n to crash or, potentially, execute arbitrary code as the user running\n Thunderbird. (CVE-2009-1392, CVE-2009-1303, CVE-2009-1305, CVE-2009-1833,\n CVE-2009-1838)\n \n Several flaws were found in the way malformed HTML mail content was\n processed. An HTML mail message containing malicious content could execute\n arbitrary JavaScript in the context of the mail message, possibly\n presenting misleading data to the user, or stealing sensitive information\n such as login credentials. (CVE-2009-1306, CVE-2009-1307, CVE-2009-1308,\n CVE-2009-1309)\n \n A flaw was found in the way Thunderbird handled error responses returned\n from proxy servers. If an attacker is able to conduct a man-in-the-middle\n attack against a Thunderbird instance that is using a proxy server, they\n may be able to steal sensitive information from the site Thunderbird is\n displaying. (CVE-2009-1836)\n \n Note: JavaScript support is disabled by default in Thunderbird. None of the\n above issues are exploitable unless JavaScript is enabled.\n \n All Thunderbird users should upgrade to this updated package, which\n resolves these issues. All running instances of Thunderbird must be\n restarted for the update to take effect.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"thunderbird on CentOS 5\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2009-June/016011.html\");\n script_id(880870);\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2009:1126\");\n script_cve_id(\"CVE-2009-1303\", \"CVE-2009-1305\", \"CVE-2009-1306\", \"CVE-2009-1307\",\n \"CVE-2009-1308\", \"CVE-2009-1309\", \"CVE-2009-1392\", \"CVE-2009-1833\",\n \"CVE-2009-1836\", \"CVE-2009-1838\");\n script_name(\"CentOS Update for thunderbird CESA-2009:1126 centos5 i386\");\n\n script_summary(\"Check for the Version of thunderbird\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~2.0.0.22~2.el5.centos\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:38:09", "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:1126.\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nSeveral flaws were found in the processing of malformed HTML mail content.\nAn HTML mail message containing malicious content could cause Thunderbird\nto crash or, potentially, execute arbitrary code as the user running\nThunderbird. (CVE-2009-1392, CVE-2009-1303, CVE-2009-1305, CVE-2009-1833,\nCVE-2009-1838)\n\nSeveral flaws were found in the way malformed HTML mail content was\nprocessed. An HTML mail message containing malicious content could execute\narbitrary JavaScript in the context of the mail message, possibly\npresenting misleading data to the user, or stealing sensitive information\nsuch as login credentials. (CVE-2009-1306, CVE-2009-1307, CVE-2009-1308,\nCVE-2009-1309)\n\nA flaw was found in the way Thunderbird handled error responses returned\nfrom proxy servers. If an attacker is able to conduct a man-in-the-middle\nattack against a Thunderbird instance that is using a proxy server, they\nmay be able to steal sensitive information from the site Thunderbird is\ndisplaying. (CVE-2009-1836)\n\nNote: JavaScript support is disabled by default in Thunderbird. None of the\nabove issues are exploitable unless JavaScript is enabled.\n\nAll Thunderbird users should upgrade to this updated package, which\nresolves these issues. All running instances of Thunderbird must be\nrestarted for the update to take effect.", "cvss3": {}, "published": "2009-06-30T00:00:00", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:1126", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1305", "CVE-2009-1833", "CVE-2009-1838", "CVE-2009-1309", "CVE-2009-1392", "CVE-2009-1308", "CVE-2009-1306", "CVE-2009-1836", "CVE-2009-1307", "CVE-2009-1303"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231064279", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064279", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_1126.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:1126 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory RHSA-2009:1126.\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nSeveral flaws were found in the processing of malformed HTML mail content.\nAn HTML mail message containing malicious content could cause Thunderbird\nto crash or, potentially, execute arbitrary code as the user running\nThunderbird. (CVE-2009-1392, CVE-2009-1303, CVE-2009-1305, CVE-2009-1833,\nCVE-2009-1838)\n\nSeveral flaws were found in the way malformed HTML mail content was\nprocessed. An HTML mail message containing malicious content could execute\narbitrary JavaScript in the context of the mail message, possibly\npresenting misleading data to the user, or stealing sensitive information\nsuch as login credentials. (CVE-2009-1306, CVE-2009-1307, CVE-2009-1308,\nCVE-2009-1309)\n\nA flaw was found in the way Thunderbird handled error responses returned\nfrom proxy servers. If an attacker is able to conduct a man-in-the-middle\nattack against a Thunderbird instance that is using a proxy server, they\nmay be able to steal sensitive information from the site Thunderbird is\ndisplaying. (CVE-2009-1836)\n\nNote: JavaScript support is disabled by default in Thunderbird. None of the\nabove issues are exploitable unless JavaScript is enabled.\n\nAll Thunderbird users should upgrade to this updated package, which\nresolves these issues. All running instances of Thunderbird must be\nrestarted for the update to take effect.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64279\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-30 00:29:55 +0200 (Tue, 30 Jun 2009)\");\n script_cve_id(\"CVE-2009-1303\", \"CVE-2009-1305\", \"CVE-2009-1306\", \"CVE-2009-1307\", \"CVE-2009-1308\", \"CVE-2009-1309\", \"CVE-2009-1392\", \"CVE-2009-1833\", \"CVE-2009-1836\", \"CVE-2009-1838\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"RedHat Security Advisory RHSA-2009:1126\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-1126.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#moderate\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~2.0.0.22~2.el5_3\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"thunderbird-debuginfo\", rpm:\"thunderbird-debuginfo~2.0.0.22~2.el5_3\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:40:34", "description": "The remote host is missing updates to thunderbird announced in\nadvisory CESA-2009:1126.", "cvss3": {}, "published": "2009-06-30T00:00:00", "type": "openvas", "title": "CentOS Security Advisory CESA-2009:1126 (thunderbird)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1305", "CVE-2009-1833", "CVE-2009-1838", "CVE-2009-1309", "CVE-2009-1392", "CVE-2009-1308", "CVE-2009-1306", "CVE-2009-1836", "CVE-2009-1307", "CVE-2009-1303"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231064332", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064332", "sourceData": "#CESA-2009:1126 64332 2\n# $Id: ovcesa2009_1126.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory CESA-2009:1126 (thunderbird)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed in this update,\nplease visit the referenced security advisories.\";\ntag_solution = \"Update the appropriate packages on your system.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=CESA-2009:1126\nhttp://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:1126\nhttps://rhn.redhat.com/errata/RHSA-2009-1126.html\";\ntag_summary = \"The remote host is missing updates to thunderbird announced in\nadvisory CESA-2009:1126.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64332\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-30 00:29:55 +0200 (Tue, 30 Jun 2009)\");\n script_cve_id(\"CVE-2009-1303\", \"CVE-2009-1305\", \"CVE-2009-1306\", \"CVE-2009-1307\", \"CVE-2009-1308\", \"CVE-2009-1309\", \"CVE-2009-1392\", \"CVE-2009-1833\", \"CVE-2009-1836\", \"CVE-2009-1838\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"CentOS Security Advisory CESA-2009:1126 (thunderbird)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~2.0.0.22~2.el5.centos\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:39:44", "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:1125.\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nSeveral flaws were found in the processing of malformed HTML mail content.\nAn HTML mail message containing malicious content could cause Thunderbird\nto crash or, potentially, execute arbitrary code as the user running\nThunderbird. (CVE-2009-1392, CVE-2009-1303, CVE-2009-1305, CVE-2009-1833,\nCVE-2009-1838)\n\nSeveral flaws were found in the way malformed HTML mail content was\nprocessed. An HTML mail message containing malicious content could execute\narbitrary JavaScript in the context of the mail message, possibly\npresenting misleading data to the user, or stealing sensitive information\nsuch as login credentials. (CVE-2009-1306, CVE-2009-1307, CVE-2009-1309)\n\nNote: JavaScript support is disabled by default in Thunderbird. None of the\nabove issues are exploitable unless JavaScript is enabled.\n\nAll Thunderbird users should upgrade to this updated package, which\nresolves these issues. All running instances of Thunderbird must be\nrestarted for the update to take effect.", "cvss3": {}, "published": "2009-06-30T00:00:00", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:1125", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1305", "CVE-2009-1833", "CVE-2009-1838", "CVE-2009-1309", "CVE-2009-1392", "CVE-2009-1306", "CVE-2009-1307", "CVE-2009-1303"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231064278", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064278", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_1125.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:1125 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory RHSA-2009:1125.\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nSeveral flaws were found in the processing of malformed HTML mail content.\nAn HTML mail message containing malicious content could cause Thunderbird\nto crash or, potentially, execute arbitrary code as the user running\nThunderbird. (CVE-2009-1392, CVE-2009-1303, CVE-2009-1305, CVE-2009-1833,\nCVE-2009-1838)\n\nSeveral flaws were found in the way malformed HTML mail content was\nprocessed. An HTML mail message containing malicious content could execute\narbitrary JavaScript in the context of the mail message, possibly\npresenting misleading data to the user, or stealing sensitive information\nsuch as login credentials. (CVE-2009-1306, CVE-2009-1307, CVE-2009-1309)\n\nNote: JavaScript support is disabled by default in Thunderbird. None of the\nabove issues are exploitable unless JavaScript is enabled.\n\nAll Thunderbird users should upgrade to this updated package, which\nresolves these issues. All running instances of Thunderbird must be\nrestarted for the update to take effect.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64278\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-30 00:29:55 +0200 (Tue, 30 Jun 2009)\");\n script_cve_id(\"CVE-2009-1303\", \"CVE-2009-1305\", \"CVE-2009-1306\", \"CVE-2009-1307\", \"CVE-2009-1309\", \"CVE-2009-1392\", \"CVE-2009-1833\", \"CVE-2009-1838\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"RedHat Security Advisory RHSA-2009:1125\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-1125.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#moderate\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~1.5.0.12~23.el4\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"thunderbird-debuginfo\", rpm:\"thunderbird-debuginfo~1.5.0.12~23.el4\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-27T10:56:30", "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:1125.\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nSeveral flaws were found in the processing of malformed HTML mail content.\nAn HTML mail message containing malicious content could cause Thunderbird\nto crash or, potentially, execute arbitrary code as the user running\nThunderbird. (CVE-2009-1392, CVE-2009-1303, CVE-2009-1305, CVE-2009-1833,\nCVE-2009-1838)\n\nSeveral flaws were found in the way malformed HTML mail content was\nprocessed. An HTML mail message containing malicious content could execute\narbitrary JavaScript in the context of the mail message, possibly\npresenting misleading data to the user, or stealing sensitive information\nsuch as login credentials. (CVE-2009-1306, CVE-2009-1307, CVE-2009-1309)\n\nNote: JavaScript support is disabled by default in Thunderbird. None of the\nabove issues are exploitable unless JavaScript is enabled.\n\nAll Thunderbird users should upgrade to this updated package, which\nresolves these issues. All running instances of Thunderbird must be\nrestarted for the update to take effect.", "cvss3": {}, "published": "2009-06-30T00:00:00", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:1125", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1305", "CVE-2009-1833", "CVE-2009-1838", "CVE-2009-1309", "CVE-2009-1392", "CVE-2009-1306", "CVE-2009-1307", "CVE-2009-1303"], "modified": "2017-07-12T00:00:00", "id": "OPENVAS:64278", "href": "http://plugins.openvas.org/nasl.php?oid=64278", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_1125.nasl 6683 2017-07-12 09:41:57Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:1125 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory RHSA-2009:1125.\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nSeveral flaws were found in the processing of malformed HTML mail content.\nAn HTML mail message containing malicious content could cause Thunderbird\nto crash or, potentially, execute arbitrary code as the user running\nThunderbird. (CVE-2009-1392, CVE-2009-1303, CVE-2009-1305, CVE-2009-1833,\nCVE-2009-1838)\n\nSeveral flaws were found in the way malformed HTML mail content was\nprocessed. An HTML mail message containing malicious content could execute\narbitrary JavaScript in the context of the mail message, possibly\npresenting misleading data to the user, or stealing sensitive information\nsuch as login credentials. (CVE-2009-1306, CVE-2009-1307, CVE-2009-1309)\n\nNote: JavaScript support is disabled by default in Thunderbird. None of the\nabove issues are exploitable unless JavaScript is enabled.\n\nAll Thunderbird users should upgrade to this updated package, which\nresolves these issues. All running instances of Thunderbird must be\nrestarted for the update to take effect.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_id(64278);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-30 00:29:55 +0200 (Tue, 30 Jun 2009)\");\n script_cve_id(\"CVE-2009-1303\", \"CVE-2009-1305\", \"CVE-2009-1306\", \"CVE-2009-1307\", \"CVE-2009-1309\", \"CVE-2009-1392\", \"CVE-2009-1833\", \"CVE-2009-1838\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"RedHat Security Advisory RHSA-2009:1125\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-1125.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#moderate\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~1.5.0.12~23.el4\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"thunderbird-debuginfo\", rpm:\"thunderbird-debuginfo~1.5.0.12~23.el4\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:29:09", "description": "The remote host is missing an update to thunderbird\nannounced via advisory USN-782-1.", "cvss3": {}, "published": "2009-06-30T00:00:00", "type": "openvas", "title": "Ubuntu USN-782-1 (thunderbird)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1305", "CVE-2009-1833", "CVE-2009-1838", "CVE-2009-1309", "CVE-2009-1392", "CVE-2009-1308", "CVE-2009-1306", "CVE-2009-1836", "CVE-2009-1841", "CVE-2009-1307", "CVE-2009-1303"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:64324", "href": "http://plugins.openvas.org/nasl.php?oid=64324", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: ubuntu_782_1.nasl 7969 2017-12-01 09:23:16Z santu $\n# $Id: ubuntu_782_1.nasl 7969 2017-12-01 09:23:16Z santu $\n# Description: Auto-generated from advisory USN-782-1 (thunderbird)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"The problem can be corrected by upgrading your system to the\n following package versions:\n\nUbuntu 8.04 LTS:\n thunderbird 2.0.0.22+build1+nobinonly-0ubuntu0.8.04.1\n\nUbuntu 8.10:\n thunderbird 2.0.0.22+build1+nobinonly-0ubuntu0.8.10.1\n\nUbuntu 9.04:\n thunderbird 2.0.0.22+build1+nobinonly-0ubuntu0.9.04.1\n\nAfter a standard system upgrade you need to restart Thunderbird to effect\nthe necessary changes.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=USN-782-1\";\n\ntag_insight = \"Several flaws were discovered in the JavaScript engine of Thunderbird. If a\nuser had JavaScript enabled and were tricked into viewing malicious web\ncontent, a remote attacker could cause a denial of service or possibly\nexecute arbitrary code with the privileges of the user invoking the\nprogram. (CVE-2009-1303, CVE-2009-1305, CVE-2009-1392, CVE-2009-1833,\nCVE-2009-1838)\n\nSeveral flaws were discovered in the way Thunderbird processed malformed\nURI schemes. If a user were tricked into viewing a malicious website and\nhad JavaScript and plugins enabled, a remote attacker could execute\narbitrary JavaScript or steal private data. (CVE-2009-1306, CVE-2009-1307,\nCVE-2009-1309)\n\nCefn Hoile discovered Thunderbird did not adequately protect against\nembedded third-party stylesheets. If JavaScript were enabled, an attacker\ncould exploit this to perform script injection attacks using XBL bindings.\n(CVE-2009-1308)\n\nShuo Chen, Ziqing Mao, Yi-Min Wang, and Ming Zhang discovered that\nThunderbird did not properly handle error responses when connecting to a\nproxy server. If a user had JavaScript enabled while using Thunderbird to\nview websites and a remote attacker were able to perform a\nman-in-the-middle attack, this flaw could be exploited to view sensitive\ninformation. (CVE-2009-1836)\n\nIt was discovered that Thunderbird could be made to run scripts with\nelevated privileges. If a user had JavaScript enabled while having\ncertain non-default add-ons installed and were tricked into viewing a\nmalicious website, an attacker could cause a chrome privileged object, such\nas the browser sidebar, to run arbitrary code via interactions with the\nattacker controlled website. (CVE-2009-1841)\";\ntag_summary = \"The remote host is missing an update to thunderbird\nannounced via advisory USN-782-1.\";\n\n \n\n\nif(description)\n{\n script_id(64324);\n script_version(\"$Revision: 7969 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-30 00:29:55 +0200 (Tue, 30 Jun 2009)\");\n script_cve_id(\"CVE-2009-1303\", \"CVE-2009-1305\", \"CVE-2009-1306\", \"CVE-2009-1307\", \"CVE-2009-1308\", \"CVE-2009-1309\", \"CVE-2009-1392\", \"CVE-2009-1833\", \"CVE-2009-1836\", \"CVE-2009-1838\", \"CVE-2009-1841\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu USN-782-1 (thunderbird)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-782-1/\");\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"mozilla-thunderbird-dev\", ver:\"2.0.0.22+build1+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-thunderbird\", ver:\"2.0.0.22+build1+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"thunderbird-dev\", ver:\"2.0.0.22+build1+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"thunderbird-gnome-support\", ver:\"2.0.0.22+build1+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"thunderbird\", ver:\"2.0.0.22+build1+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-thunderbird-dev\", ver:\"2.0.0.22+build1+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-thunderbird\", ver:\"2.0.0.22+build1+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"thunderbird-dev\", ver:\"2.0.0.22+build1+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"thunderbird-gnome-support\", ver:\"2.0.0.22+build1+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"thunderbird\", ver:\"2.0.0.22+build1+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-thunderbird-dev\", ver:\"2.0.0.22+build1+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-thunderbird\", ver:\"2.0.0.22+build1+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"thunderbird-dev\", ver:\"2.0.0.22+build1+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"thunderbird-gnome-support\", ver:\"2.0.0.22+build1+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"thunderbird\", ver:\"2.0.0.22+build1+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:38:12", "description": "The remote host is missing an update to mozilla-thunderbird\nannounced via advisory MDVSA-2009:141.", "cvss3": {}, "published": "2009-06-30T00:00:00", "type": "openvas", "title": "Mandrake Security Advisory MDVSA-2009:141 (mozilla-thunderbird)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1305", "CVE-2009-1833", "CVE-2009-2210", "CVE-2009-1304", "CVE-2009-1838", "CVE-2009-1309", "CVE-2009-1832", "CVE-2009-1392", "CVE-2009-1308", "CVE-2009-1306", "CVE-2009-1836", "CVE-2009-1841", "CVE-2009-1302", "CVE-2009-1840", "CVE-2009-1307", "CVE-2009-1303"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231064287", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064287", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_141.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:141 (mozilla-thunderbird)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A number of security vulnerabilities have been discovered for\nMozilla Thunderbird version 2.0.0.21 (CVE-2009-1302, CVE-2009-1303,\nCVE-2009-1304, CVE-2009-1305, CVE-2009-1306, CVE-2009-1307,\nCVE-2009-1308, CVE-2009-1309, CVE-2009-2210, CVE-2009-1392,\nCVE-2009-1832, CVE-2009-1833, CVE-2009-1838, CVE-2009-1836,\nCVE-2009-1840, CVE-2009-1841).\n\nThis update provides the latest Thunderbird to correct these issues.\n\nAffected: 2009.0, 2009.1, Corporate 3.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:141\nhttp://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html#thunderbird2.0.0.21\";\ntag_summary = \"The remote host is missing an update to mozilla-thunderbird\nannounced via advisory MDVSA-2009:141.\";\n\n \n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64287\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-30 00:29:55 +0200 (Tue, 30 Jun 2009)\");\n script_cve_id(\"CVE-2009-1302\", \"CVE-2009-1303\", \"CVE-2009-1304\", \"CVE-2009-1305\", \"CVE-2009-1306\", \"CVE-2009-1307\", \"CVE-2009-1308\", \"CVE-2009-1309\", \"CVE-2009-2210\", \"CVE-2009-1392\", \"CVE-2009-1832\", \"CVE-2009-1833\", \"CVE-2009-1838\", \"CVE-2009-1836\", \"CVE-2009-1840\", \"CVE-2009-1841\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:141 (mozilla-thunderbird)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"beagle\", rpm:\"beagle~0.3.8~13.12mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-crawl-system\", rpm:\"beagle-crawl-system~0.3.8~13.12mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-doc\", rpm:\"beagle-doc~0.3.8~13.12mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-epiphany\", rpm:\"beagle-epiphany~0.3.8~13.12mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-evolution\", rpm:\"beagle-evolution~0.3.8~13.12mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-gui\", rpm:\"beagle-gui~0.3.8~13.12mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-gui-qt\", rpm:\"beagle-gui-qt~0.3.8~13.12mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-libs\", rpm:\"beagle-libs~0.3.8~13.12mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ext-beagle\", rpm:\"firefox-ext-beagle~0.3.8~13.12mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird\", rpm:\"mozilla-thunderbird~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-af\", rpm:\"mozilla-thunderbird-af~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-be\", rpm:\"mozilla-thunderbird-be~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-beagle\", rpm:\"mozilla-thunderbird-beagle~0.3.8~13.12mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-bg\", rpm:\"mozilla-thunderbird-bg~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ca\", rpm:\"mozilla-thunderbird-ca~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-cs\", rpm:\"mozilla-thunderbird-cs~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-da\", rpm:\"mozilla-thunderbird-da~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-de\", rpm:\"mozilla-thunderbird-de~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-devel\", rpm:\"mozilla-thunderbird-devel~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-el\", rpm:\"mozilla-thunderbird-el~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-en_GB\", rpm:\"mozilla-thunderbird-en_GB~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail\", rpm:\"mozilla-thunderbird-enigmail~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ar\", rpm:\"mozilla-thunderbird-enigmail-ar~2.0.0.22~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ca\", rpm:\"mozilla-thunderbird-enigmail-ca~2.0.0.22~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-cs\", rpm:\"mozilla-thunderbird-enigmail-cs~2.0.0.22~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-de\", rpm:\"mozilla-thunderbird-enigmail-de~2.0.0.22~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-el\", rpm:\"mozilla-thunderbird-enigmail-el~2.0.0.22~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-es\", rpm:\"mozilla-thunderbird-enigmail-es~2.0.0.22~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-es_AR\", rpm:\"mozilla-thunderbird-enigmail-es_AR~2.0.0.22~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-fi\", rpm:\"mozilla-thunderbird-enigmail-fi~2.0.0.22~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-fr\", rpm:\"mozilla-thunderbird-enigmail-fr~2.0.0.22~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-hu\", rpm:\"mozilla-thunderbird-enigmail-hu~2.0.0.22~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-it\", rpm:\"mozilla-thunderbird-enigmail-it~2.0.0.22~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ja\", rpm:\"mozilla-thunderbird-enigmail-ja~2.0.0.22~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ko\", rpm:\"mozilla-thunderbird-enigmail-ko~2.0.0.22~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-nb\", rpm:\"mozilla-thunderbird-enigmail-nb~2.0.0.22~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-nl\", rpm:\"mozilla-thunderbird-enigmail-nl~2.0.0.22~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pl\", rpm:\"mozilla-thunderbird-enigmail-pl~2.0.0.22~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pt\", rpm:\"mozilla-thunderbird-enigmail-pt~2.0.0.22~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pt_BR\", rpm:\"mozilla-thunderbird-enigmail-pt_BR~2.0.0.22~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ro\", rpm:\"mozilla-thunderbird-enigmail-ro~2.0.0.22~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ru\", rpm:\"mozilla-thunderbird-enigmail-ru~2.0.0.22~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sk\", rpm:\"mozilla-thunderbird-enigmail-sk~2.0.0.22~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sl\", rpm:\"mozilla-thunderbird-enigmail-sl~2.0.0.22~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sv\", rpm:\"mozilla-thunderbird-enigmail-sv~2.0.0.22~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-tr\", rpm:\"mozilla-thunderbird-enigmail-tr~2.0.0.22~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-zh_CN\", rpm:\"mozilla-thunderbird-enigmail-zh_CN~2.0.0.22~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-zh_TW\", rpm:\"mozilla-thunderbird-enigmail-zh_TW~2.0.0.22~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-es_AR\", rpm:\"mozilla-thunderbird-es_AR~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-es_ES\", rpm:\"mozilla-thunderbird-es_ES~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-et_EE\", rpm:\"mozilla-thunderbird-et_EE~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-eu\", rpm:\"mozilla-thunderbird-eu~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-fi\", rpm:\"mozilla-thunderbird-fi~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-fr\", rpm:\"mozilla-thunderbird-fr~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ga\", rpm:\"mozilla-thunderbird-ga~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-gu_IN\", rpm:\"mozilla-thunderbird-gu_IN~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-he\", rpm:\"mozilla-thunderbird-he~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-hu\", rpm:\"mozilla-thunderbird-hu~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-it\", rpm:\"mozilla-thunderbird-it~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ja\", rpm:\"mozilla-thunderbird-ja~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ko\", rpm:\"mozilla-thunderbird-ko~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-lt\", rpm:\"mozilla-thunderbird-lt~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-mk\", rpm:\"mozilla-thunderbird-mk~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-moztraybiff\", rpm:\"mozilla-thunderbird-moztraybiff~1.2.4~1.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nb_NO\", rpm:\"mozilla-thunderbird-nb_NO~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nl\", rpm:\"mozilla-thunderbird-nl~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nn_NO\", rpm:\"mozilla-thunderbird-nn_NO~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pa_IN\", rpm:\"mozilla-thunderbird-pa_IN~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pl\", rpm:\"mozilla-thunderbird-pl~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pt_BR\", rpm:\"mozilla-thunderbird-pt_BR~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pt_PT\", rpm:\"mozilla-thunderbird-pt_PT~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ru\", rpm:\"mozilla-thunderbird-ru~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sk\", rpm:\"mozilla-thunderbird-sk~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sl\", rpm:\"mozilla-thunderbird-sl~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sv_SE\", rpm:\"mozilla-thunderbird-sv_SE~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-tr\", rpm:\"mozilla-thunderbird-tr~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-uk\", rpm:\"mozilla-thunderbird-uk~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-zh_CN\", rpm:\"mozilla-thunderbird-zh_CN~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-zh_TW\", rpm:\"mozilla-thunderbird-zh_TW~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nsinstall\", rpm:\"nsinstall~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle\", rpm:\"beagle~0.3.9~9.3mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-crawl-system\", rpm:\"beagle-crawl-system~0.3.9~9.3mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-doc\", rpm:\"beagle-doc~0.3.9~9.3mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-epiphany\", rpm:\"beagle-epiphany~0.3.9~9.3mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-evolution\", rpm:\"beagle-evolution~0.3.9~9.3mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-gui\", rpm:\"beagle-gui~0.3.9~9.3mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-gui-qt\", rpm:\"beagle-gui-qt~0.3.9~9.3mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-libs\", rpm:\"beagle-libs~0.3.9~9.3mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ext-beagle\", rpm:\"firefox-ext-beagle~0.3.9~9.3mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird\", rpm:\"mozilla-thunderbird~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-af\", rpm:\"mozilla-thunderbird-af~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-be\", rpm:\"mozilla-thunderbird-be~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-beagle\", rpm:\"mozilla-thunderbird-beagle~0.3.9~9.3mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-bg\", rpm:\"mozilla-thunderbird-bg~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ca\", rpm:\"mozilla-thunderbird-ca~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-cs\", rpm:\"mozilla-thunderbird-cs~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-da\", rpm:\"mozilla-thunderbird-da~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-de\", rpm:\"mozilla-thunderbird-de~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-devel\", rpm:\"mozilla-thunderbird-devel~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-el\", rpm:\"mozilla-thunderbird-el~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-en_GB\", rpm:\"mozilla-thunderbird-en_GB~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail\", rpm:\"mozilla-thunderbird-enigmail~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ar\", rpm:\"mozilla-thunderbird-enigmail-ar~2.0.0.22~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ca\", rpm:\"mozilla-thunderbird-enigmail-ca~2.0.0.22~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-cs\", rpm:\"mozilla-thunderbird-enigmail-cs~2.0.0.22~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-de\", rpm:\"mozilla-thunderbird-enigmail-de~2.0.0.22~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-el\", rpm:\"mozilla-thunderbird-enigmail-el~2.0.0.22~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-es\", rpm:\"mozilla-thunderbird-enigmail-es~2.0.0.22~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-es_AR\", rpm:\"mozilla-thunderbird-enigmail-es_AR~2.0.0.22~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-fi\", rpm:\"mozilla-thunderbird-enigmail-fi~2.0.0.22~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-fr\", rpm:\"mozilla-thunderbird-enigmail-fr~2.0.0.22~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-hu\", rpm:\"mozilla-thunderbird-enigmail-hu~2.0.0.22~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-it\", rpm:\"mozilla-thunderbird-enigmail-it~2.0.0.22~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ja\", rpm:\"mozilla-thunderbird-enigmail-ja~2.0.0.22~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ko\", rpm:\"mozilla-thunderbird-enigmail-ko~2.0.0.22~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-nb\", rpm:\"mozilla-thunderbird-enigmail-nb~2.0.0.22~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-nl\", rpm:\"mozilla-thunderbird-enigmail-nl~2.0.0.22~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pl\", rpm:\"mozilla-thunderbird-enigmail-pl~2.0.0.22~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pt\", rpm:\"mozilla-thunderbird-enigmail-pt~2.0.0.22~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pt_BR\", rpm:\"mozilla-thunderbird-enigmail-pt_BR~2.0.0.22~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ro\", rpm:\"mozilla-thunderbird-enigmail-ro~2.0.0.22~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ru\", rpm:\"mozilla-thunderbird-enigmail-ru~2.0.0.22~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sk\", rpm:\"mozilla-thunderbird-enigmail-sk~2.0.0.22~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sl\", rpm:\"mozilla-thunderbird-enigmail-sl~2.0.0.22~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sv\", rpm:\"mozilla-thunderbird-enigmail-sv~2.0.0.22~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-tr\", rpm:\"mozilla-thunderbird-enigmail-tr~2.0.0.22~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-zh_CN\", rpm:\"mozilla-thunderbird-enigmail-zh_CN~2.0.0.22~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-zh_TW\", rpm:\"mozilla-thunderbird-enigmail-zh_TW~2.0.0.22~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-es_AR\", rpm:\"mozilla-thunderbird-es_AR~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-es_ES\", rpm:\"mozilla-thunderbird-es_ES~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-et_EE\", rpm:\"mozilla-thunderbird-et_EE~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-eu\", rpm:\"mozilla-thunderbird-eu~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-fi\", rpm:\"mozilla-thunderbird-fi~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-fr\", rpm:\"mozilla-thunderbird-fr~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ga\", rpm:\"mozilla-thunderbird-ga~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-gu_IN\", rpm:\"mozilla-thunderbird-gu_IN~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-he\", rpm:\"mozilla-thunderbird-he~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-hu\", rpm:\"mozilla-thunderbird-hu~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-it\", rpm:\"mozilla-thunderbird-it~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ja\", rpm:\"mozilla-thunderbird-ja~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ko\", rpm:\"mozilla-thunderbird-ko~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-lt\", rpm:\"mozilla-thunderbird-lt~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-mk\", rpm:\"mozilla-thunderbird-mk~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-moztraybiff\", rpm:\"mozilla-thunderbird-moztraybiff~1.2.4~4.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nb_NO\", rpm:\"mozilla-thunderbird-nb_NO~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nl\", rpm:\"mozilla-thunderbird-nl~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nn_NO\", rpm:\"mozilla-thunderbird-nn_NO~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pa_IN\", rpm:\"mozilla-thunderbird-pa_IN~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pl\", rpm:\"mozilla-thunderbird-pl~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pt_BR\", rpm:\"mozilla-thunderbird-pt_BR~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pt_PT\", rpm:\"mozilla-thunderbird-pt_PT~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ru\", rpm:\"mozilla-thunderbird-ru~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sk\", rpm:\"mozilla-thunderbird-sk~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sl\", rpm:\"mozilla-thunderbird-sl~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sv_SE\", rpm:\"mozilla-thunderbird-sv_SE~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-tr\", rpm:\"mozilla-thunderbird-tr~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-uk\", rpm:\"mozilla-thunderbird-uk~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-zh_CN\", rpm:\"mozilla-thunderbird-zh_CN~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-zh_TW\", rpm:\"mozilla-thunderbird-zh_TW~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nsinstall\", rpm:\"nsinstall~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird\", rpm:\"mozilla-thunderbird~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-af\", rpm:\"mozilla-thunderbird-af~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-be\", rpm:\"mozilla-thunderbird-be~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-bg\", rpm:\"mozilla-thunderbird-bg~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ca\", rpm:\"mozilla-thunderbird-ca~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-cs\", rpm:\"mozilla-thunderbird-cs~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-da\", rpm:\"mozilla-thunderbird-da~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-de\", rpm:\"mozilla-thunderbird-de~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-devel\", rpm:\"mozilla-thunderbird-devel~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-el\", rpm:\"mozilla-thunderbird-el~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-en_GB\", rpm:\"mozilla-thunderbird-en_GB~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail\", rpm:\"mozilla-thunderbird-enigmail~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ar\", rpm:\"mozilla-thunderbird-enigmail-ar~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ca\", rpm:\"mozilla-thunderbird-enigmail-ca~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-cs\", rpm:\"mozilla-thunderbird-enigmail-cs~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-de\", rpm:\"mozilla-thunderbird-enigmail-de~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-el\", rpm:\"mozilla-thunderbird-enigmail-el~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-es\", rpm:\"mozilla-thunderbird-enigmail-es~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-es_AR\", rpm:\"mozilla-thunderbird-enigmail-es_AR~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-fi\", rpm:\"mozilla-thunderbird-enigmail-fi~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-fr\", rpm:\"mozilla-thunderbird-enigmail-fr~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-hu\", rpm:\"mozilla-thunderbird-enigmail-hu~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-it\", rpm:\"mozilla-thunderbird-enigmail-it~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ja\", rpm:\"mozilla-thunderbird-enigmail-ja~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ko\", rpm:\"mozilla-thunderbird-enigmail-ko~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-nb\", rpm:\"mozilla-thunderbird-enigmail-nb~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-nl\", rpm:\"mozilla-thunderbird-enigmail-nl~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pl\", rpm:\"mozilla-thunderbird-enigmail-pl~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pt\", rpm:\"mozilla-thunderbird-enigmail-pt~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pt_BR\", rpm:\"mozilla-thunderbird-enigmail-pt_BR~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ro\", rpm:\"mozilla-thunderbird-enigmail-ro~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ru\", rpm:\"mozilla-thunderbird-enigmail-ru~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sk\", rpm:\"mozilla-thunderbird-enigmail-sk~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sl\", rpm:\"mozilla-thunderbird-enigmail-sl~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sv\", rpm:\"mozilla-thunderbird-enigmail-sv~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-zh_CN\", rpm:\"mozilla-thunderbird-enigmail-zh_CN~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-zh_TW\", rpm:\"mozilla-thunderbird-enigmail-zh_TW~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-es_AR\", rpm:\"mozilla-thunderbird-es_AR~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-es_ES\", rpm:\"mozilla-thunderbird-es_ES~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-et_EE\", rpm:\"mozilla-thunderbird-et_EE~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-eu\", rpm:\"mozilla-thunderbird-eu~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-fi\", rpm:\"mozilla-thunderbird-fi~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-fr\", rpm:\"mozilla-thunderbird-fr~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-gu_IN\", rpm:\"mozilla-thunderbird-gu_IN~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-he\", rpm:\"mozilla-thunderbird-he~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-hu\", rpm:\"mozilla-thunderbird-hu~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-it\", rpm:\"mozilla-thunderbird-it~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ja\", rpm:\"mozilla-thunderbird-ja~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ko\", rpm:\"mozilla-thunderbird-ko~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-lt\", rpm:\"mozilla-thunderbird-lt~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-mk\", rpm:\"mozilla-thunderbird-mk~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nb_NO\", rpm:\"mozilla-thunderbird-nb_NO~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nl\", rpm:\"mozilla-thunderbird-nl~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nn_NO\", rpm:\"mozilla-thunderbird-nn_NO~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pa_IN\", rpm:\"mozilla-thunderbird-pa_IN~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pl\", rpm:\"mozilla-thunderbird-pl~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pt_BR\", rpm:\"mozilla-thunderbird-pt_BR~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pt_PT\", rpm:\"mozilla-thunderbird-pt_PT~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ru\", rpm:\"mozilla-thunderbird-ru~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sk\", rpm:\"mozilla-thunderbird-sk~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sl\", rpm:\"mozilla-thunderbird-sl~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sv_SE\", rpm:\"mozilla-thunderbird-sv_SE~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-tr\", rpm:\"mozilla-thunderbird-tr~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-uk\", rpm:\"mozilla-thunderbird-uk~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-zh_CN\", rpm:\"mozilla-thunderbird-zh_CN~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-zh_TW\", rpm:\"mozilla-thunderbird-zh_TW~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nsinstall\", rpm:\"nsinstall~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:56:23", "description": "The remote host is missing an update to mozilla-thunderbird\nannounced via advisory MDVSA-2009:141.", "cvss3": {}, "published": "2009-06-30T00:00:00", "type": "openvas", "title": "Mandrake Security Advisory MDVSA-2009:141 (mozilla-thunderbird)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1305", "CVE-2009-1833", "CVE-2009-2210", "CVE-2009-1304", "CVE-2009-1838", "CVE-2009-1309", "CVE-2009-1832", "CVE-2009-1392", "CVE-2009-1308", "CVE-2009-1306", "CVE-2009-1836", "CVE-2009-1841", "CVE-2009-1302", "CVE-2009-1840", "CVE-2009-1307", "CVE-2009-1303"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:64287", "href": "http://plugins.openvas.org/nasl.php?oid=64287", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_141.nasl 6573 2017-07-06 13:10:50Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:141 (mozilla-thunderbird)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A number of security vulnerabilities have been discovered for\nMozilla Thunderbird version 2.0.0.21 (CVE-2009-1302, CVE-2009-1303,\nCVE-2009-1304, CVE-2009-1305, CVE-2009-1306, CVE-2009-1307,\nCVE-2009-1308, CVE-2009-1309, CVE-2009-2210, CVE-2009-1392,\nCVE-2009-1832, CVE-2009-1833, CVE-2009-1838, CVE-2009-1836,\nCVE-2009-1840, CVE-2009-1841).\n\nThis update provides the latest Thunderbird to correct these issues.\n\nAffected: 2009.0, 2009.1, Corporate 3.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:141\nhttp://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html#thunderbird2.0.0.21\";\ntag_summary = \"The remote host is missing an update to mozilla-thunderbird\nannounced via advisory MDVSA-2009:141.\";\n\n \n\nif(description)\n{\n script_id(64287);\n script_version(\"$Revision: 6573 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:10:50 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-30 00:29:55 +0200 (Tue, 30 Jun 2009)\");\n script_cve_id(\"CVE-2009-1302\", \"CVE-2009-1303\", \"CVE-2009-1304\", \"CVE-2009-1305\", \"CVE-2009-1306\", \"CVE-2009-1307\", \"CVE-2009-1308\", \"CVE-2009-1309\", \"CVE-2009-2210\", \"CVE-2009-1392\", \"CVE-2009-1832\", \"CVE-2009-1833\", \"CVE-2009-1838\", \"CVE-2009-1836\", \"CVE-2009-1840\", \"CVE-2009-1841\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:141 (mozilla-thunderbird)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"beagle\", rpm:\"beagle~0.3.8~13.12mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-crawl-system\", rpm:\"beagle-crawl-system~0.3.8~13.12mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-doc\", rpm:\"beagle-doc~0.3.8~13.12mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-epiphany\", rpm:\"beagle-epiphany~0.3.8~13.12mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-evolution\", rpm:\"beagle-evolution~0.3.8~13.12mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-gui\", rpm:\"beagle-gui~0.3.8~13.12mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-gui-qt\", rpm:\"beagle-gui-qt~0.3.8~13.12mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-libs\", rpm:\"beagle-libs~0.3.8~13.12mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ext-beagle\", rpm:\"firefox-ext-beagle~0.3.8~13.12mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird\", rpm:\"mozilla-thunderbird~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-af\", rpm:\"mozilla-thunderbird-af~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-be\", rpm:\"mozilla-thunderbird-be~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-beagle\", rpm:\"mozilla-thunderbird-beagle~0.3.8~13.12mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-bg\", rpm:\"mozilla-thunderbird-bg~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ca\", rpm:\"mozilla-thunderbird-ca~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-cs\", rpm:\"mozilla-thunderbird-cs~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-da\", rpm:\"mozilla-thunderbird-da~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-de\", rpm:\"mozilla-thunderbird-de~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-devel\", rpm:\"mozilla-thunderbird-devel~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-el\", rpm:\"mozilla-thunderbird-el~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-en_GB\", rpm:\"mozilla-thunderbird-en_GB~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail\", rpm:\"mozilla-thunderbird-enigmail~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ar\", rpm:\"mozilla-thunderbird-enigmail-ar~2.0.0.22~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ca\", rpm:\"mozilla-thunderbird-enigmail-ca~2.0.0.22~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-cs\", rpm:\"mozilla-thunderbird-enigmail-cs~2.0.0.22~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-de\", rpm:\"mozilla-thunderbird-enigmail-de~2.0.0.22~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-el\", rpm:\"mozilla-thunderbird-enigmail-el~2.0.0.22~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-es\", rpm:\"mozilla-thunderbird-enigmail-es~2.0.0.22~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-es_AR\", rpm:\"mozilla-thunderbird-enigmail-es_AR~2.0.0.22~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-fi\", rpm:\"mozilla-thunderbird-enigmail-fi~2.0.0.22~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-fr\", rpm:\"mozilla-thunderbird-enigmail-fr~2.0.0.22~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-hu\", rpm:\"mozilla-thunderbird-enigmail-hu~2.0.0.22~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-it\", rpm:\"mozilla-thunderbird-enigmail-it~2.0.0.22~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ja\", rpm:\"mozilla-thunderbird-enigmail-ja~2.0.0.22~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ko\", rpm:\"mozilla-thunderbird-enigmail-ko~2.0.0.22~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-nb\", rpm:\"mozilla-thunderbird-enigmail-nb~2.0.0.22~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-nl\", rpm:\"mozilla-thunderbird-enigmail-nl~2.0.0.22~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pl\", rpm:\"mozilla-thunderbird-enigmail-pl~2.0.0.22~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pt\", rpm:\"mozilla-thunderbird-enigmail-pt~2.0.0.22~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pt_BR\", rpm:\"mozilla-thunderbird-enigmail-pt_BR~2.0.0.22~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ro\", rpm:\"mozilla-thunderbird-enigmail-ro~2.0.0.22~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ru\", rpm:\"mozilla-thunderbird-enigmail-ru~2.0.0.22~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sk\", rpm:\"mozilla-thunderbird-enigmail-sk~2.0.0.22~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sl\", rpm:\"mozilla-thunderbird-enigmail-sl~2.0.0.22~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sv\", rpm:\"mozilla-thunderbird-enigmail-sv~2.0.0.22~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-tr\", rpm:\"mozilla-thunderbird-enigmail-tr~2.0.0.22~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-zh_CN\", rpm:\"mozilla-thunderbird-enigmail-zh_CN~2.0.0.22~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-zh_TW\", rpm:\"mozilla-thunderbird-enigmail-zh_TW~2.0.0.22~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-es_AR\", rpm:\"mozilla-thunderbird-es_AR~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-es_ES\", rpm:\"mozilla-thunderbird-es_ES~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-et_EE\", rpm:\"mozilla-thunderbird-et_EE~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-eu\", rpm:\"mozilla-thunderbird-eu~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-fi\", rpm:\"mozilla-thunderbird-fi~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-fr\", rpm:\"mozilla-thunderbird-fr~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ga\", rpm:\"mozilla-thunderbird-ga~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-gu_IN\", rpm:\"mozilla-thunderbird-gu_IN~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-he\", rpm:\"mozilla-thunderbird-he~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-hu\", rpm:\"mozilla-thunderbird-hu~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-it\", rpm:\"mozilla-thunderbird-it~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ja\", rpm:\"mozilla-thunderbird-ja~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ko\", rpm:\"mozilla-thunderbird-ko~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-lt\", rpm:\"mozilla-thunderbird-lt~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-mk\", rpm:\"mozilla-thunderbird-mk~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-moztraybiff\", rpm:\"mozilla-thunderbird-moztraybiff~1.2.4~1.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nb_NO\", rpm:\"mozilla-thunderbird-nb_NO~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nl\", rpm:\"mozilla-thunderbird-nl~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nn_NO\", rpm:\"mozilla-thunderbird-nn_NO~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pa_IN\", rpm:\"mozilla-thunderbird-pa_IN~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pl\", rpm:\"mozilla-thunderbird-pl~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pt_BR\", rpm:\"mozilla-thunderbird-pt_BR~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pt_PT\", rpm:\"mozilla-thunderbird-pt_PT~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ru\", rpm:\"mozilla-thunderbird-ru~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sk\", rpm:\"mozilla-thunderbird-sk~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sl\", rpm:\"mozilla-thunderbird-sl~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sv_SE\", rpm:\"mozilla-thunderbird-sv_SE~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-tr\", rpm:\"mozilla-thunderbird-tr~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-uk\", rpm:\"mozilla-thunderbird-uk~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-zh_CN\", rpm:\"mozilla-thunderbird-zh_CN~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-zh_TW\", rpm:\"mozilla-thunderbird-zh_TW~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nsinstall\", rpm:\"nsinstall~2.0.0.22~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle\", rpm:\"beagle~0.3.9~9.3mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-crawl-system\", rpm:\"beagle-crawl-system~0.3.9~9.3mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-doc\", rpm:\"beagle-doc~0.3.9~9.3mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-epiphany\", rpm:\"beagle-epiphany~0.3.9~9.3mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-evolution\", rpm:\"beagle-evolution~0.3.9~9.3mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-gui\", rpm:\"beagle-gui~0.3.9~9.3mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-gui-qt\", rpm:\"beagle-gui-qt~0.3.9~9.3mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-libs\", rpm:\"beagle-libs~0.3.9~9.3mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ext-beagle\", rpm:\"firefox-ext-beagle~0.3.9~9.3mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird\", rpm:\"mozilla-thunderbird~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-af\", rpm:\"mozilla-thunderbird-af~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-be\", rpm:\"mozilla-thunderbird-be~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-beagle\", rpm:\"mozilla-thunderbird-beagle~0.3.9~9.3mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-bg\", rpm:\"mozilla-thunderbird-bg~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ca\", rpm:\"mozilla-thunderbird-ca~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-cs\", rpm:\"mozilla-thunderbird-cs~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-da\", rpm:\"mozilla-thunderbird-da~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-de\", rpm:\"mozilla-thunderbird-de~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-devel\", rpm:\"mozilla-thunderbird-devel~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-el\", rpm:\"mozilla-thunderbird-el~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-en_GB\", rpm:\"mozilla-thunderbird-en_GB~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail\", rpm:\"mozilla-thunderbird-enigmail~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ar\", rpm:\"mozilla-thunderbird-enigmail-ar~2.0.0.22~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ca\", rpm:\"mozilla-thunderbird-enigmail-ca~2.0.0.22~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-cs\", rpm:\"mozilla-thunderbird-enigmail-cs~2.0.0.22~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-de\", rpm:\"mozilla-thunderbird-enigmail-de~2.0.0.22~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-el\", rpm:\"mozilla-thunderbird-enigmail-el~2.0.0.22~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-es\", rpm:\"mozilla-thunderbird-enigmail-es~2.0.0.22~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-es_AR\", rpm:\"mozilla-thunderbird-enigmail-es_AR~2.0.0.22~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-fi\", rpm:\"mozilla-thunderbird-enigmail-fi~2.0.0.22~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-fr\", rpm:\"mozilla-thunderbird-enigmail-fr~2.0.0.22~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-hu\", rpm:\"mozilla-thunderbird-enigmail-hu~2.0.0.22~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-it\", rpm:\"mozilla-thunderbird-enigmail-it~2.0.0.22~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ja\", rpm:\"mozilla-thunderbird-enigmail-ja~2.0.0.22~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ko\", rpm:\"mozilla-thunderbird-enigmail-ko~2.0.0.22~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-nb\", rpm:\"mozilla-thunderbird-enigmail-nb~2.0.0.22~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-nl\", rpm:\"mozilla-thunderbird-enigmail-nl~2.0.0.22~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pl\", rpm:\"mozilla-thunderbird-enigmail-pl~2.0.0.22~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pt\", rpm:\"mozilla-thunderbird-enigmail-pt~2.0.0.22~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pt_BR\", rpm:\"mozilla-thunderbird-enigmail-pt_BR~2.0.0.22~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ro\", rpm:\"mozilla-thunderbird-enigmail-ro~2.0.0.22~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ru\", rpm:\"mozilla-thunderbird-enigmail-ru~2.0.0.22~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sk\", rpm:\"mozilla-thunderbird-enigmail-sk~2.0.0.22~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sl\", rpm:\"mozilla-thunderbird-enigmail-sl~2.0.0.22~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sv\", rpm:\"mozilla-thunderbird-enigmail-sv~2.0.0.22~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-tr\", rpm:\"mozilla-thunderbird-enigmail-tr~2.0.0.22~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-zh_CN\", rpm:\"mozilla-thunderbird-enigmail-zh_CN~2.0.0.22~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-zh_TW\", rpm:\"mozilla-thunderbird-enigmail-zh_TW~2.0.0.22~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-es_AR\", rpm:\"mozilla-thunderbird-es_AR~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-es_ES\", rpm:\"mozilla-thunderbird-es_ES~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-et_EE\", rpm:\"mozilla-thunderbird-et_EE~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-eu\", rpm:\"mozilla-thunderbird-eu~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-fi\", rpm:\"mozilla-thunderbird-fi~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-fr\", rpm:\"mozilla-thunderbird-fr~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ga\", rpm:\"mozilla-thunderbird-ga~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-gu_IN\", rpm:\"mozilla-thunderbird-gu_IN~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-he\", rpm:\"mozilla-thunderbird-he~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-hu\", rpm:\"mozilla-thunderbird-hu~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-it\", rpm:\"mozilla-thunderbird-it~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ja\", rpm:\"mozilla-thunderbird-ja~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ko\", rpm:\"mozilla-thunderbird-ko~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-lt\", rpm:\"mozilla-thunderbird-lt~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-mk\", rpm:\"mozilla-thunderbird-mk~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-moztraybiff\", rpm:\"mozilla-thunderbird-moztraybiff~1.2.4~4.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nb_NO\", rpm:\"mozilla-thunderbird-nb_NO~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nl\", rpm:\"mozilla-thunderbird-nl~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nn_NO\", rpm:\"mozilla-thunderbird-nn_NO~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pa_IN\", rpm:\"mozilla-thunderbird-pa_IN~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pl\", rpm:\"mozilla-thunderbird-pl~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pt_BR\", rpm:\"mozilla-thunderbird-pt_BR~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pt_PT\", rpm:\"mozilla-thunderbird-pt_PT~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ru\", rpm:\"mozilla-thunderbird-ru~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sk\", rpm:\"mozilla-thunderbird-sk~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sl\", rpm:\"mozilla-thunderbird-sl~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sv_SE\", rpm:\"mozilla-thunderbird-sv_SE~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-tr\", rpm:\"mozilla-thunderbird-tr~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-uk\", rpm:\"mozilla-thunderbird-uk~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-zh_CN\", rpm:\"mozilla-thunderbird-zh_CN~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-zh_TW\", rpm:\"mozilla-thunderbird-zh_TW~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nsinstall\", rpm:\"nsinstall~2.0.0.22~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird\", rpm:\"mozilla-thunderbird~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-af\", rpm:\"mozilla-thunderbird-af~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-be\", rpm:\"mozilla-thunderbird-be~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-bg\", rpm:\"mozilla-thunderbird-bg~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ca\", rpm:\"mozilla-thunderbird-ca~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-cs\", rpm:\"mozilla-thunderbird-cs~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-da\", rpm:\"mozilla-thunderbird-da~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-de\", rpm:\"mozilla-thunderbird-de~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-devel\", rpm:\"mozilla-thunderbird-devel~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-el\", rpm:\"mozilla-thunderbird-el~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-en_GB\", rpm:\"mozilla-thunderbird-en_GB~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail\", rpm:\"mozilla-thunderbird-enigmail~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ar\", rpm:\"mozilla-thunderbird-enigmail-ar~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ca\", rpm:\"mozilla-thunderbird-enigmail-ca~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-cs\", rpm:\"mozilla-thunderbird-enigmail-cs~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-de\", rpm:\"mozilla-thunderbird-enigmail-de~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-el\", rpm:\"mozilla-thunderbird-enigmail-el~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-es\", rpm:\"mozilla-thunderbird-enigmail-es~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-es_AR\", rpm:\"mozilla-thunderbird-enigmail-es_AR~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-fi\", rpm:\"mozilla-thunderbird-enigmail-fi~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-fr\", rpm:\"mozilla-thunderbird-enigmail-fr~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-hu\", rpm:\"mozilla-thunderbird-enigmail-hu~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-it\", rpm:\"mozilla-thunderbird-enigmail-it~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ja\", rpm:\"mozilla-thunderbird-enigmail-ja~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ko\", rpm:\"mozilla-thunderbird-enigmail-ko~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-nb\", rpm:\"mozilla-thunderbird-enigmail-nb~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-nl\", rpm:\"mozilla-thunderbird-enigmail-nl~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pl\", rpm:\"mozilla-thunderbird-enigmail-pl~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pt\", rpm:\"mozilla-thunderbird-enigmail-pt~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pt_BR\", rpm:\"mozilla-thunderbird-enigmail-pt_BR~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ro\", rpm:\"mozilla-thunderbird-enigmail-ro~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ru\", rpm:\"mozilla-thunderbird-enigmail-ru~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sk\", rpm:\"mozilla-thunderbird-enigmail-sk~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sl\", rpm:\"mozilla-thunderbird-enigmail-sl~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sv\", rpm:\"mozilla-thunderbird-enigmail-sv~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-zh_CN\", rpm:\"mozilla-thunderbird-enigmail-zh_CN~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-zh_TW\", rpm:\"mozilla-thunderbird-enigmail-zh_TW~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-es_AR\", rpm:\"mozilla-thunderbird-es_AR~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-es_ES\", rpm:\"mozilla-thunderbird-es_ES~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-et_EE\", rpm:\"mozilla-thunderbird-et_EE~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-eu\", rpm:\"mozilla-thunderbird-eu~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-fi\", rpm:\"mozilla-thunderbird-fi~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-fr\", rpm:\"mozilla-thunderbird-fr~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-gu_IN\", rpm:\"mozilla-thunderbird-gu_IN~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-he\", rpm:\"mozilla-thunderbird-he~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-hu\", rpm:\"mozilla-thunderbird-hu~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-it\", rpm:\"mozilla-thunderbird-it~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ja\", rpm:\"mozilla-thunderbird-ja~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ko\", rpm:\"mozilla-thunderbird-ko~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-lt\", rpm:\"mozilla-thunderbird-lt~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-mk\", rpm:\"mozilla-thunderbird-mk~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nb_NO\", rpm:\"mozilla-thunderbird-nb_NO~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nl\", rpm:\"mozilla-thunderbird-nl~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nn_NO\", rpm:\"mozilla-thunderbird-nn_NO~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pa_IN\", rpm:\"mozilla-thunderbird-pa_IN~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pl\", rpm:\"mozilla-thunderbird-pl~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pt_BR\", rpm:\"mozilla-thunderbird-pt_BR~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pt_PT\", rpm:\"mozilla-thunderbird-pt_PT~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ru\", rpm:\"mozilla-thunderbird-ru~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sk\", rpm:\"mozilla-thunderbird-sk~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sl\", rpm:\"mozilla-thunderbird-sl~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sv_SE\", rpm:\"mozilla-thunderbird-sv_SE~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-tr\", rpm:\"mozilla-thunderbird-tr~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-uk\", rpm:\"mozilla-thunderbird-uk~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-zh_CN\", rpm:\"mozilla-thunderbird-zh_CN~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-zh_TW\", rpm:\"mozilla-thunderbird-zh_TW~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nsinstall\", rpm:\"nsinstall~2.0.0.22~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:38:32", "description": "The remote host is missing an update as announced\nvia advisory SSA:2009-178-01.", "cvss3": {}, "published": "2012-09-11T00:00:00", "type": "openvas", "title": "Slackware Advisory SSA:2009-178-01 mozilla-thunderbird", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1305", "CVE-2009-1833", "CVE-2009-2210", "CVE-2009-1304", "CVE-2009-1838", "CVE-2009-1832", "CVE-2009-1392", "CVE-2009-1836", "CVE-2009-1841", "CVE-2009-1302", "CVE-2009-1307", "CVE-2009-1303"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:136141256231064315", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064315", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2009_178_01.nasl 14202 2019-03-15 09:16:15Z cfischer $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64315\");\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 10:16:15 +0100 (Fri, 15 Mar 2019) $\");\n script_version(\"$Revision: 14202 $\");\n script_cve_id(\"CVE-2009-1302\", \"CVE-2009-1303\", \"CVE-2009-1304\", \"CVE-2009-1305\",\n \"CVE-2009-1307\", \"CVE-2009-1392\", \"CVE-2009-1832\", \"CVE-2009-1833\",\n \"CVE-2009-1836\", \"CVE-2009-1838\", \"CVE-2009-1841\", \"CVE-2009-2210\");\n script_bugtraq_id(34656);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Slackware Advisory SSA:2009-178-01 mozilla-thunderbird\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\", re:\"ssh/login/release=SLK(10\\.2|11\\.0|12\\.0|12\\.1|12\\.2)\");\n\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2009-178-01\");\n\n script_tag(name:\"insight\", value:\"New mozilla-thunderbird packages are available for Slackware 10.2, 11.0, 12.0,\n12.1, 12.2, and -current to fix security issues.\");\n\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html\");\n\n script_tag(name:\"solution\", value:\"Upgrade to the new package(s).\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update as announced\nvia advisory SSA:2009-178-01.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-slack.inc\");\n\nreport = \"\";\nres = \"\";\n\nif((res = isslkpkgvuln(pkg:\"mozilla-thunderbird\", ver:\"2.0.0.22-i686-1\", rls:\"SLK10.2\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"mozilla-thunderbird\", ver:\"2.0.0.22-i686-1\", rls:\"SLK11.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"mozilla-thunderbird\", ver:\"2.0.0.22-i686-1\", rls:\"SLK12.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"mozilla-thunderbird\", ver:\"2.0.0.22-i686-1\", rls:\"SLK12.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"mozilla-thunderbird\", ver:\"2.0.0.22-i686-1\", rls:\"SLK12.2\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-24T12:50:56", "description": "The remote host is missing an update as announced\nvia advisory SSA:2009-178-01.", "cvss3": {}, "published": "2012-09-11T00:00:00", "type": "openvas", "title": "Slackware Advisory SSA:2009-178-01 mozilla-thunderbird", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1305", "CVE-2009-1833", "CVE-2009-2210", "CVE-2009-1304", "CVE-2009-1838", "CVE-2009-1832", "CVE-2009-1392", "CVE-2009-1836", "CVE-2009-1841", "CVE-2009-1302", "CVE-2009-1307", "CVE-2009-1303"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:64315", "href": "http://plugins.openvas.org/nasl.php?oid=64315", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2009_178_01.nasl 6598 2017-07-07 09:36:44Z cfischer $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"New mozilla-thunderbird packages are available for Slackware 10.2, 11.0, 12.0,\n12.1, 12.2, and -current to fix security issues.\n\nMore details about the issues may be found here:\n\nhttp://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html\";\ntag_summary = \"The remote host is missing an update as announced\nvia advisory SSA:2009-178-01.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2009-178-01\";\n \nif(description)\n{\n script_id(64315);\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:36:44 +0200 (Fri, 07 Jul 2017) $\");\n script_version(\"$Revision: 6598 $\");\n script_cve_id(\"CVE-2009-1302\", \"CVE-2009-1303\", \"CVE-2009-1304\", \"CVE-2009-1305\",\n \"CVE-2009-1307\", \"CVE-2009-1392\", \"CVE-2009-1832\", \"CVE-2009-1833\",\n \"CVE-2009-1836\", \"CVE-2009-1838\", \"CVE-2009-1841\", \"CVE-2009-2210\");\n script_bugtraq_id(34656);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n name = \"Slackware Advisory SSA:2009-178-01 mozilla-thunderbird \";\n script_name(name);\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-slack.inc\");\nvuln = 0;\nif(isslkpkgvuln(pkg:\"mozilla-thunderbird\", ver:\"2.0.0.22-i686-1\", rls:\"SLK10.2\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"mozilla-thunderbird\", ver:\"2.0.0.22-i686-1\", rls:\"SLK11.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"mozilla-thunderbird\", ver:\"2.0.0.22-i686-1\", rls:\"SLK12.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"mozilla-thunderbird\", ver:\"2.0.0.22-i686-1\", rls:\"SLK12.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"mozilla-thunderbird\", ver:\"2.0.0.22-i686-1\", rls:\"SLK12.2\")) {\n vuln = 1;\n}\n\nif(vuln) {\n security_message(0);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:28:36", "description": "The remote host is missing an update to mpfr\nannounced via advisory USN-772-1.", "cvss3": {}, "published": "2009-06-05T00:00:00", "type": "openvas", "title": "Ubuntu USN-772-1 (mpfr)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1305", "CVE-2009-1312", "CVE-2008-0928", "CVE-2009-1465", "CVE-2009-1304", "CVE-2009-1572", "CVE-2009-0227", "CVE-2009-1131", "CVE-2009-1311", "CVE-2009-0652", "CVE-2009-1194", "CVE-2009-0719", "CVE-2009-1309", "CVE-2009-1466", "CVE-2008-1945", "CVE-2009-0556", "CVE-2009-1464", "CVE-2009-1308", "CVE-2009-1306", "CVE-2009-0757", "CVE-2009-0223", "CVE-2009-0220", "CVE-2009-1482", "CVE-2009-1364", "CVE-2008-0068", "CVE-2009-1128", "CVE-2009-1302", "CVE-2009-0042", "CVE-2009-1130", "CVE-2008-1697", "CVE-2009-1307", "CVE-2008-4539", "CVE-2009-1303"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:64173", "href": "http://plugins.openvas.org/nasl.php?oid=64173", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: ubuntu_772_1.nasl 7969 2017-12-01 09:23:16Z santu $\n# $Id: ubuntu_772_1.nasl 7969 2017-12-01 09:23:16Z santu $\n# Description: Auto-generated from advisory USN-772-1 (mpfr)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"The problem can be corrected by upgrading your system to the\n following package versions:\n\nUbuntu 9.04:\n lib64mpfr1 2.4.0-1ubuntu3.1\n libmpfr1ldbl 2.4.0-1ubuntu3.1\n\nIn general, a standard system upgrade is sufficient to effect the\nnecessary changes.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=USN-772-1\";\n\ntag_insight = \"It was discovered that MPFR improperly handled string lengths in its print\nroutines. If a user or automated system were tricked into processing\nspecially crafted data with applications linked against MPFR, an attacker\ncould cause a denial of service or execute arbitrary code with privileges\nof the user invoking the program.\";\ntag_summary = \"The remote host is missing an update to mpfr\nannounced via advisory USN-772-1.\";\n\n \n\n\nif(description)\n{\n script_id(64173);\n script_version(\"$Revision: 7969 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-05 18:04:08 +0200 (Fri, 05 Jun 2009)\");\n script_cve_id(\"CVE-2009-0757\", \"CVE-2009-1194\", \"CVE-2009-1364\", \"CVE-2009-0719\", \"CVE-2009-0652\", \"CVE-2009-1302\", \"CVE-2009-1303\", \"CVE-2009-1304\", \"CVE-2009-1305\", \"CVE-2009-1306\", \"CVE-2009-1307\", \"CVE-2009-1308\", \"CVE-2009-1309\", \"CVE-2009-1311\", \"CVE-2009-1312\", \"CVE-2009-1572\", \"CVE-2009-1482\", \"CVE-2008-0068\", \"CVE-2008-1697\", \"CVE-2008-0928\", \"CVE-2008-4539\", \"CVE-2008-1945\", \"CVE-2009-1464\", \"CVE-2009-1465\", \"CVE-2009-1466\", \"CVE-2009-0042\", \"CVE-2009-1131\", \"CVE-2009-0556\", \"CVE-2009-1130\", \"CVE-2009-0227\", \"CVE-2009-0223\", \"CVE-2009-0220\", \"CVE-2009-1128\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu USN-772-1 (mpfr)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-772-1/\");\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libmpfr-doc\", ver:\"2.4.0-1ubuntu3.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmpfr-dev\", ver:\"2.4.0-1ubuntu3.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmpfr1ldbl\", ver:\"2.4.0-1ubuntu3.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lib64mpfr-dev\", ver:\"2.4.0-1ubuntu3.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lib64mpfr1\", ver:\"2.4.0-1ubuntu3.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpango1.0-doc\", ver:\"1.12.3-0ubuntu3.1\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpango1.0-0-dbg\", ver:\"1.12.3-0ubuntu3.1\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpango1.0-0\", ver:\"1.12.3-0ubuntu3.1\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpango1.0-common\", ver:\"1.12.3-0ubuntu3.1\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpango1.0-dev\", ver:\"1.12.3-0ubuntu3.1\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpango1.0-common\", ver:\"1.20.5-0ubuntu1.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpango1.0-doc\", ver:\"1.20.5-0ubuntu1.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpango1.0-0-dbg\", ver:\"1.20.5-0ubuntu1.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpango1.0-0\", ver:\"1.20.5-0ubuntu1.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpango1.0-dev\", ver:\"1.20.5-0ubuntu1.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpango1.0-common\", ver:\"1.20.5-3+lenny1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpango1.0-doc\", ver:\"1.20.5-3+lenny1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpango1.0-0-dbg\", ver:\"1.20.5-3+lenny1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpango1.0-0\", ver:\"1.20.5-3+lenny1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpango1.0-dev\", ver:\"1.20.5-3+lenny1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libwmf-doc\", ver:\"0.2.8.4-6+lenny1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libwmf-bin\", ver:\"0.2.8.4-6+lenny1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libwmf-dev\", ver:\"0.2.8.4-6+lenny1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libwmf0.2-7\", ver:\"0.2.8.4-6+lenny1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmozillainterfaces-java\", ver:\"1.9.0.9-0lenny2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-1.9-gnome-support\", ver:\"1.9.0.9-0lenny2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-1.9-dbg\", ver:\"1.9.0.9-0lenny2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmozjs-dev\", ver:\"1.9.0.9-0lenny2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-1.9\", ver:\"1.9.0.9-0lenny2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmozjs1d\", ver:\"1.9.0.9-0lenny2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-dev\", ver:\"1.9.0.9-0lenny2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python-xpcom\", ver:\"1.9.0.9-0lenny2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmozjs1d-dbg\", ver:\"1.9.0.9-0lenny2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"spidermonkey-bin\", ver:\"1.9.0.9-0lenny2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python-moinmoin\", ver:\"1.7.1-1ubuntu1.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python-moinmoin\", ver:\"1.8.2-2ubuntu2.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"qemu\", ver:\"0.9.1-10lenny1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"quagga-doc\", ver:\"0.99.2-1ubuntu3.5\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.2-1ubuntu3.5\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"quagga-doc\", ver:\"0.99.9-2ubuntu1.2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.9-2ubuntu1.2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"quagga-doc\", ver:\"0.99.9-6ubuntu0.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.9-6ubuntu0.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"quagga-doc\", ver:\"0.99.11-1ubuntu0.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.11-1ubuntu0.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:28:34", "description": "The remote host is missing an update to pango1.0\nannounced via advisory USN-773-1.", "cvss3": {}, "published": "2009-06-05T00:00:00", "type": "openvas", "title": "Ubuntu USN-773-1 (pango1.0)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1305", "CVE-2009-1312", "CVE-2008-0928", "CVE-2009-1465", "CVE-2009-1304", "CVE-2009-1572", "CVE-2009-0227", "CVE-2009-1131", "CVE-2009-1311", "CVE-2009-0652", "CVE-2009-1194", "CVE-2009-0719", "CVE-2009-1309", "CVE-2009-1466", "CVE-2008-1945", "CVE-2009-0556", "CVE-2009-1464", "CVE-2009-1308", "CVE-2009-1306", "CVE-2009-0223", "CVE-2009-0220", "CVE-2009-1482", "CVE-2009-1364", "CVE-2008-0068", "CVE-2009-1128", "CVE-2009-1302", "CVE-2009-0042", "CVE-2009-1130", "CVE-2008-1697", "CVE-2009-1307", "CVE-2008-4539", "CVE-2009-1303"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:64174", "href": "http://plugins.openvas.org/nasl.php?oid=64174", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: ubuntu_773_1.nasl 7969 2017-12-01 09:23:16Z santu $\n# $Id: ubuntu_773_1.nasl 7969 2017-12-01 09:23:16Z santu $\n# Description: Auto-generated from advisory USN-773-1 (pango1.0)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"The problem can be corrected by upgrading your system to the\n following package versions:\n\nUbuntu 6.06 LTS:\n libpango1.0-0 1.12.3-0ubuntu3.1\n\nUbuntu 8.04 LTS:\n libpango1.0-0 1.20.5-0ubuntu1.1\n\nUbuntu 8.10:\n libpango1.0-0 1.22.2-0ubuntu1.1\n\nAfter a standard system upgrade you need to restart your session to effect\nthe necessary changes.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=USN-773-1\";\n\ntag_insight = \"Will Drewry discovered that Pango incorrectly handled rendering text with\nlong glyphstrings. If a user were tricked into displaying specially crafted\ndata with applications linked against Pango, such as Firefox, an attacker\ncould cause a denial of service or execute arbitrary code with privileges\nof the user invoking the program.\";\ntag_summary = \"The remote host is missing an update to pango1.0\nannounced via advisory USN-773-1.\";\n\n \n\n\nif(description)\n{\n script_id(64174);\n script_version(\"$Revision: 7969 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-05 18:04:08 +0200 (Fri, 05 Jun 2009)\");\n script_cve_id(\"CVE-2009-1194\", \"CVE-2009-1364\", \"CVE-2009-0719\", \"CVE-2009-0652\", \"CVE-2009-1302\", \"CVE-2009-1303\", \"CVE-2009-1304\", \"CVE-2009-1305\", \"CVE-2009-1306\", \"CVE-2009-1307\", \"CVE-2009-1308\", \"CVE-2009-1309\", \"CVE-2009-1311\", \"CVE-2009-1312\", \"CVE-2009-1572\", \"CVE-2009-1482\", \"CVE-2008-0068\", \"CVE-2008-1697\", \"CVE-2008-0928\", \"CVE-2008-4539\", \"CVE-2008-1945\", \"CVE-2009-1464\", \"CVE-2009-1465\", \"CVE-2009-1466\", \"CVE-2009-0042\", \"CVE-2009-1131\", \"CVE-2009-0556\", \"CVE-2009-1130\", \"CVE-2009-0227\", \"CVE-2009-0223\", \"CVE-2009-0220\", \"CVE-2009-1128\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu USN-773-1 (pango1.0)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-773-1/\");\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libpango1.0-doc\", ver:\"1.12.3-0ubuntu3.1\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpango1.0-0-dbg\", ver:\"1.12.3-0ubuntu3.1\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpango1.0-0\", ver:\"1.12.3-0ubuntu3.1\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpango1.0-common\", ver:\"1.12.3-0ubuntu3.1\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpango1.0-dev\", ver:\"1.12.3-0ubuntu3.1\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpango1.0-common\", ver:\"1.20.5-0ubuntu1.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpango1.0-doc\", ver:\"1.20.5-0ubuntu1.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpango1.0-0-dbg\", ver:\"1.20.5-0ubuntu1.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpango1.0-0\", ver:\"1.20.5-0ubuntu1.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpango1.0-dev\", ver:\"1.20.5-0ubuntu1.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpango1.0-common\", ver:\"1.20.5-3+lenny1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpango1.0-doc\", ver:\"1.20.5-3+lenny1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpango1.0-0-dbg\", ver:\"1.20.5-3+lenny1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpango1.0-0\", ver:\"1.20.5-3+lenny1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpango1.0-dev\", ver:\"1.20.5-3+lenny1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libwmf-doc\", ver:\"0.2.8.4-6+lenny1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libwmf-bin\", ver:\"0.2.8.4-6+lenny1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libwmf-dev\", ver:\"0.2.8.4-6+lenny1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libwmf0.2-7\", ver:\"0.2.8.4-6+lenny1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmozillainterfaces-java\", ver:\"1.9.0.9-0lenny2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-1.9-gnome-support\", ver:\"1.9.0.9-0lenny2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-1.9-dbg\", ver:\"1.9.0.9-0lenny2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmozjs-dev\", ver:\"1.9.0.9-0lenny2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-1.9\", ver:\"1.9.0.9-0lenny2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmozjs1d\", ver:\"1.9.0.9-0lenny2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-dev\", ver:\"1.9.0.9-0lenny2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python-xpcom\", ver:\"1.9.0.9-0lenny2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmozjs1d-dbg\", ver:\"1.9.0.9-0lenny2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"spidermonkey-bin\", ver:\"1.9.0.9-0lenny2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python-moinmoin\", ver:\"1.7.1-1ubuntu1.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python-moinmoin\", ver:\"1.8.2-2ubuntu2.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"qemu\", ver:\"0.9.1-10lenny1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"quagga-doc\", ver:\"0.99.2-1ubuntu3.5\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.2-1ubuntu3.5\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"quagga-doc\", ver:\"0.99.9-2ubuntu1.2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.9-2ubuntu1.2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"quagga-doc\", ver:\"0.99.9-6ubuntu0.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.9-6ubuntu0.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"quagga-doc\", ver:\"0.99.11-1ubuntu0.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.11-1ubuntu0.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:28:48", "description": "The remote host is missing an update to libmodplug\nannounced via advisory USN-771-1.", "cvss3": {}, "published": "2009-06-05T00:00:00", "type": "openvas", "title": "Ubuntu USN-771-1 (libmodplug)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1305", "CVE-2009-1312", "CVE-2008-0928", "CVE-2009-1465", "CVE-2009-1304", "CVE-2009-1572", "CVE-2009-0227", "CVE-2009-1131", "CVE-2009-1311", "CVE-2009-0652", "CVE-2009-1194", "CVE-2009-0719", "CVE-2009-1309", "CVE-2009-1466", "CVE-2008-1945", "CVE-2009-0556", "CVE-2009-1464", "CVE-2009-1438", "CVE-2009-1308", "CVE-2009-1306", "CVE-2009-0757", "CVE-2009-0223", "CVE-2009-0220", "CVE-2009-1482", "CVE-2009-1364", "CVE-2008-0068", "CVE-2009-1128", "CVE-2009-1302", "CVE-2009-0042", "CVE-2009-1130", "CVE-2008-1697", "CVE-2009-1307", "CVE-2009-1513", "CVE-2008-4539", "CVE-2009-1303"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:64172", "href": "http://plugins.openvas.org/nasl.php?oid=64172", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: ubuntu_771_1.nasl 7969 2017-12-01 09:23:16Z santu $\n# $Id: ubuntu_771_1.nasl 7969 2017-12-01 09:23:16Z santu $\n# Description: Auto-generated from advisory USN-771-1 (libmodplug)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"The problem can be corrected by upgrading your system to the\n following package versions:\n\nUbuntu 6.06 LTS:\n libmodplug0c2 1:0.7-5ubuntu0.6.06.2\n\nUbuntu 8.04 LTS:\n libmodplug0c2 1:0.7-7ubuntu0.8.04.1\n\nUbuntu 8.10:\n libmodplug0c2 1:0.7-7ubuntu0.8.10.1\n\nUbuntu 9.04:\n libmodplug0c2 1:0.8.4-3ubuntu1.1\n\nIn general, a standard system upgrade is sufficient to effect the\nnecessary changes.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=USN-771-1\";\n\ntag_insight = \"It was discovered that libmodplug did not correctly handle certain\nparameters when parsing MED media files. If a user or automated system were\ntricked into opening a crafted MED file, an attacker could execute\narbitrary code with privileges of the user invoking the program.\n(CVE-2009-1438)\n\nManfred Tremmel and Stanislav Brabec discovered that libmodplug did not\ncorrectly handle long instrument names when parsing PAT sample files. If a\nuser or automated system were tricked into opening a crafted PAT file, an\nattacker could cause a denial of service or execute arbitrary code with\nprivileges of the user invoking the program. This issue only affected\nUbuntu 9.04. (CVE-2009-1438)\";\ntag_summary = \"The remote host is missing an update to libmodplug\nannounced via advisory USN-771-1.\";\n\n \n\n\nif(description)\n{\n script_id(64172);\n script_version(\"$Revision: 7969 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-05 18:04:08 +0200 (Fri, 05 Jun 2009)\");\n script_cve_id(\"CVE-2009-1438\", \"CVE-2009-1513\", \"CVE-2009-0757\", \"CVE-2009-1194\", \"CVE-2009-1364\", \"CVE-2009-0719\", \"CVE-2009-0652\", \"CVE-2009-1302\", \"CVE-2009-1303\", \"CVE-2009-1304\", \"CVE-2009-1305\", \"CVE-2009-1306\", \"CVE-2009-1307\", \"CVE-2009-1308\", \"CVE-2009-1309\", \"CVE-2009-1311\", \"CVE-2009-1312\", \"CVE-2009-1572\", \"CVE-2009-1482\", \"CVE-2008-0068\", \"CVE-2008-1697\", \"CVE-2008-0928\", \"CVE-2008-4539\", \"CVE-2008-1945\", \"CVE-2009-1464\", \"CVE-2009-1465\", \"CVE-2009-1466\", \"CVE-2009-0042\", \"CVE-2009-1131\", \"CVE-2009-0556\", \"CVE-2009-1130\", \"CVE-2009-0227\", \"CVE-2009-0223\", \"CVE-2009-0220\", \"CVE-2009-1128\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu USN-771-1 (libmodplug)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-771-1/\");\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libmodplug-dev\", ver:\"0.7-5ubuntu0.6.06.2\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmodplug0c2\", ver:\"0.7-5ubuntu0.6.06.2\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmodplug-dev\", ver:\"0.7-7ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmodplug0c2\", ver:\"0.7-7ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmodplug-dev\", ver:\"0.7-7ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmodplug0c2\", ver:\"0.7-7ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmodplug-dev\", ver:\"0.8.4-3ubuntu1.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmodplug0c2\", ver:\"0.8.4-3ubuntu1.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmpfr-doc\", ver:\"2.4.0-1ubuntu3.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmpfr-dev\", ver:\"2.4.0-1ubuntu3.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmpfr1ldbl\", ver:\"2.4.0-1ubuntu3.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lib64mpfr-dev\", ver:\"2.4.0-1ubuntu3.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lib64mpfr1\", ver:\"2.4.0-1ubuntu3.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpango1.0-doc\", ver:\"1.12.3-0ubuntu3.1\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpango1.0-0-dbg\", ver:\"1.12.3-0ubuntu3.1\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpango1.0-0\", ver:\"1.12.3-0ubuntu3.1\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpango1.0-common\", ver:\"1.12.3-0ubuntu3.1\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpango1.0-dev\", ver:\"1.12.3-0ubuntu3.1\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpango1.0-common\", ver:\"1.20.5-0ubuntu1.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpango1.0-doc\", ver:\"1.20.5-0ubuntu1.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpango1.0-0-dbg\", ver:\"1.20.5-0ubuntu1.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpango1.0-0\", ver:\"1.20.5-0ubuntu1.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpango1.0-dev\", ver:\"1.20.5-0ubuntu1.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpango1.0-common\", ver:\"1.20.5-3+lenny1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpango1.0-doc\", ver:\"1.20.5-3+lenny1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpango1.0-0-dbg\", ver:\"1.20.5-3+lenny1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpango1.0-0\", ver:\"1.20.5-3+lenny1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpango1.0-dev\", ver:\"1.20.5-3+lenny1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libwmf-doc\", ver:\"0.2.8.4-6+lenny1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libwmf-bin\", ver:\"0.2.8.4-6+lenny1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libwmf-dev\", ver:\"0.2.8.4-6+lenny1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libwmf0.2-7\", ver:\"0.2.8.4-6+lenny1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmozillainterfaces-java\", ver:\"1.9.0.9-0lenny2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-1.9-gnome-support\", ver:\"1.9.0.9-0lenny2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-1.9-dbg\", ver:\"1.9.0.9-0lenny2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmozjs-dev\", ver:\"1.9.0.9-0lenny2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-1.9\", ver:\"1.9.0.9-0lenny2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmozjs1d\", ver:\"1.9.0.9-0lenny2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-dev\", ver:\"1.9.0.9-0lenny2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python-xpcom\", ver:\"1.9.0.9-0lenny2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmozjs1d-dbg\", ver:\"1.9.0.9-0lenny2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"spidermonkey-bin\", ver:\"1.9.0.9-0lenny2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python-moinmoin\", ver:\"1.7.1-1ubuntu1.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python-moinmoin\", ver:\"1.8.2-2ubuntu2.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"qemu\", ver:\"0.9.1-10lenny1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"quagga-doc\", ver:\"0.99.2-1ubuntu3.5\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.2-1ubuntu3.5\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"quagga-doc\", ver:\"0.99.9-2ubuntu1.2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.9-2ubuntu1.2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"quagga-doc\", ver:\"0.99.9-6ubuntu0.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.9-6ubuntu0.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"quagga-doc\", ver:\"0.99.11-1ubuntu0.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.11-1ubuntu0.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:28:21", "description": "The remote host is missing an update to openssl\nannounced via advisory USN-792-1.", "cvss3": {}, "published": "2009-06-30T00:00:00", "type": "openvas", "title": "Ubuntu USN-792-1 (openssl)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1151", "CVE-2009-1386", "CVE-2009-1150", "CVE-2009-1886", "CVE-2009-1305", "CVE-2009-1379", "CVE-2009-1833", "CVE-2009-1377", "CVE-2009-1838", "CVE-2009-1387", "CVE-2009-1309", "CVE-2009-1628", "CVE-2009-1378", "CVE-2009-1392", "CVE-2009-1308", "CVE-2009-1306", "CVE-2009-1836", "CVE-2009-1841", "CVE-2009-1394", "CVE-2009-1307", "CVE-2009-1888", "CVE-2009-1303"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:64323", "href": "http://plugins.openvas.org/nasl.php?oid=64323", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: ubuntu_792_1.nasl 7969 2017-12-01 09:23:16Z santu $\n# $Id: ubuntu_792_1.nasl 7969 2017-12-01 09:23:16Z santu $\n# Description: Auto-generated from advisory USN-792-1 (openssl)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"The problem can be corrected by upgrading your system to the\n following package versions:\n\nUbuntu 6.06 LTS:\n libssl0.9.8 0.9.8a-7ubuntu0.9\n\nUbuntu 8.04 LTS:\n libssl0.9.8 0.9.8g-4ubuntu3.7\n\nUbuntu 8.10:\n libssl0.9.8 0.9.8g-10.1ubuntu2.4\n\nUbuntu 9.04:\n libssl0.9.8 0.9.8g-15ubuntu3.2\n\nAfter a standard system upgrade you need to reboot your computer to\neffect the necessary changes.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=USN-792-1\";\n\ntag_insight = \"It was discovered that OpenSSL did not limit the number of DTLS records it\nwould buffer when they arrived with a future epoch. A remote attacker could\ncause a denial of service via memory resource consumption by sending a\nlarge number of crafted requests. (CVE-2009-1377)\n\nIt was discovered that OpenSSL did not properly free memory when processing\nDTLS fragments. A remote attacker could cause a denial of service via\nmemory resource consumption by sending a large number of crafted requests.\n(CVE-2009-1378)\n\nIt was discovered that OpenSSL did not properly handle certain server\ncertificates when processing DTLS packets. A remote DTLS server could cause\na denial of service by sending a message containing a specially crafted\nserver certificate. (CVE-2009-1379)\n\nIt was discovered that OpenSSL did not properly handle a DTLS\nChangeCipherSpec packet when it occurred before ClientHello. A remote\nattacker could cause a denial of service by sending a specially crafted\nrequest. (CVE-2009-1386)\n\nIt was discovered that OpenSSL did not properly handle out of sequence\nDTLS handshake messages. A remote attacker could cause a denial of service\nby sending a specially crafted request. (CVE-2009-1387)\";\ntag_summary = \"The remote host is missing an update to openssl\nannounced via advisory USN-792-1.\";\n\n \n\n\nif(description)\n{\n script_id(64323);\n script_version(\"$Revision: 7969 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-30 00:29:55 +0200 (Tue, 30 Jun 2009)\");\n script_cve_id(\"CVE-2009-1377\", \"CVE-2009-1378\", \"CVE-2009-1379\", \"CVE-2009-1386\", \"CVE-2009-1387\", \"CVE-2009-1628\", \"CVE-2009-1886\", \"CVE-2009-1888\", \"CVE-2009-1394\", \"CVE-2009-1150\", \"CVE-2009-1151\", \"CVE-2009-1303\", \"CVE-2009-1305\", \"CVE-2009-1306\", \"CVE-2009-1307\", \"CVE-2009-1308\", \"CVE-2009-1309\", \"CVE-2009-1392\", \"CVE-2009-1833\", \"CVE-2009-1836\", \"CVE-2009-1838\", \"CVE-2009-1841\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu USN-792-1 (openssl)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-792-1/\");\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"0.9.8a-7ubuntu0.9\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl0.9.8-dbg\", ver:\"0.9.8a-7ubuntu0.9\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl0.9.8\", ver:\"0.9.8a-7ubuntu0.9\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openssl\", ver:\"0.9.8a-7ubuntu0.9\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openssl-doc\", ver:\"0.9.8g-4ubuntu3.7\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"0.9.8g-4ubuntu3.7\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl0.9.8-dbg\", ver:\"0.9.8g-4ubuntu3.7\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl0.9.8\", ver:\"0.9.8g-4ubuntu3.7\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openssl\", ver:\"0.9.8g-4ubuntu3.7\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openssl-doc\", ver:\"0.9.8g-10.1ubuntu2.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"0.9.8g-10.1ubuntu2.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl0.9.8-dbg\", ver:\"0.9.8g-10.1ubuntu2.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl0.9.8\", ver:\"0.9.8g-10.1ubuntu2.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openssl\", ver:\"0.9.8g-10.1ubuntu2.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openssl-doc\", ver:\"0.9.8g-15ubuntu3.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"0.9.8g-15ubuntu3.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl0.9.8-dbg\", ver:\"0.9.8g-15ubuntu3.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl0.9.8\", ver:\"0.9.8g-15ubuntu3.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openssl\", ver:\"0.9.8g-15ubuntu3.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"samba-doc\", ver:\"3.2.5-4lenny6\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"samba-doc-pdf\", ver:\"3.2.5-4lenny6\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpam-smbpass\", ver:\"3.2.5-4lenny6\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"samba-tools\", ver:\"3.2.5-4lenny6\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"winbind\", ver:\"3.2.5-4lenny6\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"samba-dbg\", ver:\"3.2.5-4lenny6\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"samba-common\", ver:\"3.2.5-4lenny6\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"smbfs\", ver:\"3.2.5-4lenny6\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libwbclient0\", ver:\"3.2.5-4lenny6\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"samba\", ver:\"3.2.5-4lenny6\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"smbclient\", ver:\"3.2.5-4lenny6\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsmbclient-dev\", ver:\"3.2.5-4lenny6\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"swat\", ver:\"3.2.5-4lenny6\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsmbclient\", ver:\"3.2.5-4lenny6\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"phpmyadmin\", ver:\"2.11.8.1-5+lenny1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-thunderbird-dev\", ver:\"2.0.0.22+build1+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-thunderbird\", ver:\"2.0.0.22+build1+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"thunderbird-dev\", ver:\"2.0.0.22+build1+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"thunderbird-gnome-support\", ver:\"2.0.0.22+build1+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"thunderbird\", ver:\"2.0.0.22+build1+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-thunderbird-dev\", ver:\"2.0.0.22+build1+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-thunderbird\", ver:\"2.0.0.22+build1+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"thunderbird-dev\", ver:\"2.0.0.22+build1+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"thunderbird-gnome-support\", ver:\"2.0.0.22+build1+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"thunderbird\", ver:\"2.0.0.22+build1+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-thunderbird-dev\", ver:\"2.0.0.22+build1+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-thunderbird\", ver:\"2.0.0.22+build1+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"thunderbird-dev\", ver:\"2.0.0.22+build1+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"thunderbird-gnome-support\", ver:\"2.0.0.22+build1+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"thunderbird\", ver:\"2.0.0.22+build1+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2020-04-29T22:26:41", "description": "The host is installed with Mozilla Firefox browser and is prone\n to URL spoofing and phising vulnerability.", "cvss3": {}, "published": "2009-02-26T00:00:00", "type": "openvas", "title": "Firefox URL Spoofing And Phising Vulnerability (Linux)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0652"], "modified": "2020-04-27T00:00:00", "id": "OPENVAS:1361412562310900512", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310900512", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Firefox URL Spoofing And Phising Vulnerability (Linux)\n#\n# Authors:\n# Nikita MR <rnikita@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2009 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.900512\");\n script_version(\"2020-04-27T09:00:11+0000\");\n script_tag(name:\"last_modification\", value:\"2020-04-27 09:00:11 +0000 (Mon, 27 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2009-02-26 05:27:20 +0100 (Thu, 26 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_cve_id(\"CVE-2009-0652\");\n script_bugtraq_id(33837);\n script_name(\"Firefox URL Spoofing And Phising Vulnerability (Linux)\");\n\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 SecPod\");\n script_family(\"General\");\n script_dependencies(\"gb_firefox_detect_lin.nasl\");\n script_mandatory_keys(\"Firefox/Linux/Ver\");\n script_tag(name:\"impact\", value:\"Successful remote exploitation will let the attacker spoof the URL\n information by using homoglyphs of say the /(slash) and ?(question mark)and\n can gain sensitive information by redirecting the user to any malicious URL.\");\n script_tag(name:\"affected\", value:\"Mozilla Firefox version 3.0.6 and prior on Linux.\");\n script_tag(name:\"insight\", value:\"Firefox doesn't properly prevent the literal rendering of homoglyph\n characters in IDN domain names. This renders the user vulnerable to URL\n spoofing and phising attacks as the atatcker may redirect the user to a\n different arbitrary malformed website.\");\n script_tag(name:\"solution\", value:\"Upgrade to Mozilla Firefox version 3.6.3 or later\");\n script_tag(name:\"summary\", value:\"The host is installed with Mozilla Firefox browser and is prone\n to URL spoofing and phising vulnerability.\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/projects/security/tld-idn-policy-list.html\");\n script_xref(name:\"URL\", value:\"http://www.blackhat.com/html/bh-dc-09/bh-dc-09-speakers.html#Marlinspike\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.com/en-US/firefox/\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nfirefoxVer = get_kb_item(\"Firefox/Linux/Ver\");\nif(!firefoxVer){\n exit(0);\n}\n\nif(version_is_less_equal(version:firefoxVer, test_version:\"3.0.6\")){\n report = report_fixed_ver(installed_version:firefoxVer, vulnerable_range:\"Less than or equal to 3.0.6\");\n security_message(port: 0, data: report);\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2017-07-02T21:13:58", "description": "The host is installed with Mozilla Firefox browser and is prone\n to URL spoofing and phising vulnerability.", "cvss3": {}, "published": "2009-02-26T00:00:00", "type": "openvas", "title": "Firefox URL Spoofing And Phising Vulnerability (Linux)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0652"], "modified": "2017-01-20T00:00:00", "id": "OPENVAS:900512", "href": "http://plugins.openvas.org/nasl.php?oid=900512", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_firefox_url_spoof_vuln_lin.nasl 5055 2017-01-20 14:08:39Z teissa $\n#\n# Firefox URL Spoofing And Phising Vulnerability (Linux)\n#\n# Authors:\n# Nikita MR <rnikita@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2009 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful remote exploitation will let the attacker spoof the URL\n information by using homoglyphs of say the /(slash) and ?(question mark)and\n can gain sensitive information by redirecting the user to any malicious URL.\n Impact Level: Application\";\ntag_affected = \"Mozilla Firefox version 3.0.6 and prior on Linux.\";\ntag_insight = \"Firefox doesn't properly prevent the literal rendering of homoglyph\n characters in IDN domain names. This renders the user vulnerable to URL\n spoofing and phising attacks as the atatcker may redirect the user to a\n different arbitrary malformed website.\";\ntag_solution = \"Upgrade to Mozilla Firefox version 3.6.3 or later\n For updates refer to http://www.mozilla.com/en-US/firefox/\";\ntag_summary = \"The host is installed with Mozilla Firefox browser and is prone\n to URL spoofing and phising vulnerability.\";\n\nif(description)\n{\n script_id(900512);\n script_version(\"$Revision: 5055 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-01-20 15:08:39 +0100 (Fri, 20 Jan 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-26 05:27:20 +0100 (Thu, 26 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_cve_id(\"CVE-2009-0652\");\n script_bugtraq_id(33837);\n script_name(\"Firefox URL Spoofing And Phising Vulnerability (Linux)\");\n\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 SecPod\");\n script_family(\"General\");\n script_dependencies(\"gb_firefox_detect_lin.nasl\");\n script_require_keys(\"Firefox/Linux/Ver\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/projects/security/tld-idn-policy-list.html\");\n script_xref(name : \"URL\" , value : \"http://www.blackhat.com/html/bh-dc-09/bh-dc-09-speakers.html#Marlinspike\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nfirefoxVer = get_kb_item(\"Firefox/Linux/Ver\");\nif(!firefoxVer){\n exit(0);\n}\n\nif(version_is_less_equal(version:firefoxVer, test_version:\"3.0.6\")){\n security_message(0);\n}\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2020-04-29T22:26:40", "description": "The host is installed with Mozilla Firefox browser and is prone\n to URL spoofing and phising vulnerability.", "cvss3": {}, "published": "2009-02-26T00:00:00", "type": "openvas", "title": "Firefox URL Spoofing And Phising Vulnerability (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0652"], "modified": "2020-04-27T00:00:00", "id": "OPENVAS:1361412562310900513", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310900513", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Firefox URL Spoofing And Phising Vulnerability (Windows)\n#\n# Authors:\n# Nikita MR <rnikita@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2009 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.900513\");\n script_version(\"2020-04-27T09:00:11+0000\");\n script_tag(name:\"last_modification\", value:\"2020-04-27 09:00:11 +0000 (Mon, 27 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2009-02-26 05:27:20 +0100 (Thu, 26 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_cve_id(\"CVE-2009-0652\");\n script_bugtraq_id(33837);\n script_name(\"Firefox URL Spoofing And Phising Vulnerability (Windows)\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/projects/security/tld-idn-policy-list.html\");\n script_xref(name:\"URL\", value:\"http://www.blackhat.com/html/bh-dc-09/bh-dc-09-speakers.html#Marlinspike\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 SecPod\");\n script_family(\"General\");\n script_dependencies(\"gb_firefox_detect_portable_win.nasl\");\n script_mandatory_keys(\"Firefox/Win/Ver\");\n script_tag(name:\"impact\", value:\"Successful remote exploitation will let the attacker spoof the URL\n information by using homoglyphs of say the /(slash) and ?(question mark)and\n can gain sensitive information by redirecting the user to any malicious URL.\");\n script_tag(name:\"affected\", value:\"Mozilla Firefox version 3.0.6 and prior on Windows.\");\n script_tag(name:\"insight\", value:\"Firefox doesn't properly prevent the literal rendering of homoglyph\n characters in IDN domain names. This renders the user vulnerable to URL\n spoofing and phising attacks as the atatcker may redirect the user to a\n different arbitrary malformed website.\");\n script_tag(name:\"solution\", value:\"Upgrade to Mozilla Firefox version 3.6.3 or later\");\n script_tag(name:\"summary\", value:\"The host is installed with Mozilla Firefox browser and is prone\n to URL spoofing and phising vulnerability.\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.com/en-US/firefox/\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nfirefoxVer = get_kb_item(\"Firefox/Win/Ver\");\nif(!firefoxVer){\n exit(0);\n}\n\nif(version_is_less_equal(version:firefoxVer, test_version:\"3.0.6\")){\n report = report_fixed_ver(installed_version:firefoxVer, vulnerable_range:\"Less than or equal to 3.0.6\");\n security_message(port: 0, data: report);\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2017-07-02T21:14:19", "description": "The host is installed with Mozilla Firefox browser and is prone\n to URL spoofing and phising vulnerability.", "cvss3": {}, "published": "2009-02-26T00:00:00", "type": "openvas", "title": "Firefox URL Spoofing And Phising Vulnerability (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0652"], "modified": "2017-01-20T00:00:00", "id": "OPENVAS:900513", "href": "http://plugins.openvas.org/nasl.php?oid=900513", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_firefox_url_spoof_vuln_win.nasl 5055 2017-01-20 14:08:39Z teissa $\n#\n# Firefox URL Spoofing And Phising Vulnerability (Windows)\n#\n# Authors:\n# Nikita MR <rnikita@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2009 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful remote exploitation will let the attacker spoof the URL\n information by using homoglyphs of say the /(slash) and ?(question mark)and\n can gain sensitive information by redirecting the user to any malicious URL.\n Impact Level: Application\";\ntag_affected = \"Mozilla Firefox version 3.0.6 and prior on Windows.\";\ntag_insight = \"Firefox doesn't properly prevent the literal rendering of homoglyph\n characters in IDN domain names. This renders the user vulnerable to URL\n spoofing and phising attacks as the atatcker may redirect the user to a\n different arbitrary malformed website.\";\ntag_solution = \"Upgrade to Mozilla Firefox version 3.6.3 or later\n For updates refer to http://www.mozilla.com/en-US/firefox/\";\ntag_summary = \"The host is installed with Mozilla Firefox browser and is prone\n to URL spoofing and phising vulnerability.\";\n\nif(description)\n{\n script_id(900513);\n script_version(\"$Revision: 5055 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-01-20 15:08:39 +0100 (Fri, 20 Jan 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-26 05:27:20 +0100 (Thu, 26 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_cve_id(\"CVE-2009-0652\");\n script_bugtraq_id(33837);\n script_name(\"Firefox URL Spoofing And Phising Vulnerability (Windows)\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/projects/security/tld-idn-policy-list.html\");\n script_xref(name : \"URL\" , value : \"http://www.blackhat.com/html/bh-dc-09/bh-dc-09-speakers.html#Marlinspike\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 SecPod\");\n script_family(\"General\");\n script_dependencies(\"gb_firefox_detect_win.nasl\");\n script_require_keys(\"Firefox/Win/Ver\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nfirefoxVer = get_kb_item(\"Firefox/Win/Ver\");\nif(!firefoxVer){\n exit(0);\n}\n\nif(version_is_less_equal(version:firefoxVer, test_version:\"3.0.6\")){\n security_message(0);\n}\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:40:15", "description": "The remote host is missing updates announced in\nadvisory SUSE-SR:2009:010. SuSE Security Summaries are short\non detail when it comes to the names of packages affected by\na particular bug. Because of this, while this test will detect\nout of date packages, it cannot tell you what bugs impact\nwhich packages, or vice versa.", "cvss3": {}, "published": "2009-05-20T00:00:00", "type": "openvas", "title": "SuSE Security Summary SUSE-SR:2009:010", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5344", "CVE-2009-1181", "CVE-2008-5346", "CVE-2009-1295", "CVE-2009-0946", "CVE-2009-1305", "CVE-2008-5339", "CVE-2009-1180", "CVE-2009-0789", "CVE-2009-1312", "CVE-2009-0544", "CVE-2009-1304", "CVE-2008-5340", "CVE-2008-5359", "CVE-2008-5343", "CVE-2009-1311", "CVE-2008-5348", "CVE-2009-0652", "CVE-2008-5357", "CVE-2008-5360", "CVE-2008-5356", "CVE-2008-2086", "CVE-2009-1309", "CVE-2009-0799", "CVE-2008-3112", "CVE-2008-3104", "CVE-2008-5342", "CVE-2009-1182", "CVE-2009-1086", "CVE-2008-5353", "CVE-2009-0165", "CVE-2009-0590", "CVE-2009-0166", "CVE-2009-1308", "CVE-2009-1306", "CVE-2008-3113", "CVE-2008-3114", "CVE-2009-0147", "CVE-2008-5350", "CVE-2008-5345", "CVE-2009-0585", "CVE-2008-5354", "CVE-2009-1183", "CVE-2009-0800", "CVE-2009-0368", "CVE-2009-1302", "CVE-2009-0146", "CVE-2009-0591", "CVE-2009-1307", "CVE-2009-1310", "CVE-2008-5351", "CVE-2009-1303", "CVE-2009-0582", "CVE-2009-1179"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231063996", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063996", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: suse_sr_2009_010.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory SUSE-SR:2009:010\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory SUSE-SR:2009:010. SuSE Security Summaries are short\non detail when it comes to the names of packages affected by\na particular bug. Because of this, while this test will detect\nout of date packages, it cannot tell you what bugs impact\nwhich packages, or vice versa.\";\n\ntag_solution = \"Update all out of date packages.\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63996\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-05-20 00:17:15 +0200 (Wed, 20 May 2009)\");\n script_cve_id(\"CVE-2008-2086\", \"CVE-2008-3104\", \"CVE-2008-3112\", \"CVE-2008-3113\", \"CVE-2008-3114\", \"CVE-2008-5339\", \"CVE-2008-5340\", \"CVE-2008-5342\", \"CVE-2008-5343\", \"CVE-2008-5344\", \"CVE-2008-5345\", \"CVE-2008-5346\", \"CVE-2008-5348\", \"CVE-2008-5350\", \"CVE-2008-5351\", \"CVE-2008-5353\", \"CVE-2008-5354\", \"CVE-2008-5356\", \"CVE-2008-5357\", \"CVE-2008-5359\", \"CVE-2008-5360\", \"CVE-2009-0146\", \"CVE-2009-0147\", \"CVE-2009-0165\", \"CVE-2009-0166\", \"CVE-2009-0368\", \"CVE-2009-0544\", \"CVE-2009-0582\", \"CVE-2009-0585\", \"CVE-2009-0590\", \"CVE-2009-0591\", \"CVE-2009-0652\", \"CVE-2009-0789\", \"CVE-2009-0799\", \"CVE-2009-0800\", \"CVE-2009-0946\", \"CVE-2009-1086\", \"CVE-2009-1179\", \"CVE-2009-1180\", \"CVE-2009-1181\", \"CVE-2009-1182\", \"CVE-2009-1183\", \"CVE-2009-1295\", \"CVE-2009-1302\", \"CVE-2009-1303\", \"CVE-2009-1304\", \"CVE-2009-1305\", \"CVE-2009-1306\", \"CVE-2009-1307\", \"CVE-2009-1308\", \"CVE-2009-1309\", \"CVE-2009-1310\", \"CVE-2009-1311\", \"CVE-2009-1312\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SuSE Security Summary SUSE-SR:2009:010\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~3.0.10~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox-branding-upstream\", rpm:\"MozillaFirefox-branding-upstream~3.0.10~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox-translations\", rpm:\"MozillaFirefox-translations~3.0.10~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"PackageKit\", rpm:\"PackageKit~0.3.11~1.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"PackageKit-devel\", rpm:\"PackageKit-devel~0.3.11~1.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"PackageKit-lang\", rpm:\"PackageKit-lang~0.3.11~1.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apport\", rpm:\"apport~0.114~8.6.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apport-crashdb-opensuse\", rpm:\"apport-crashdb-opensuse~0.114~8.6.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apport-gtk\", rpm:\"apport-gtk~0.114~8.6.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apport-qt\", rpm:\"apport-qt~0.114~8.6.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apport-retrace\", rpm:\"apport-retrace~0.114~8.6.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"banshee-1\", rpm:\"banshee-1~1.4.3~1.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"banshee-1-backend-engine-gstreamer\", rpm:\"banshee-1-backend-engine-gstreamer~1.4.3~1.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"banshee-1-backend-platform-gnome\", rpm:\"banshee-1-backend-platform-gnome~1.4.3~1.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"banshee-1-backend-platform-unix\", rpm:\"banshee-1-backend-platform-unix~1.4.3~1.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"banshee-1-devel\", rpm:\"banshee-1-devel~1.4.3~1.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"banshee-1-extensions-default\", rpm:\"banshee-1-extensions-default~1.4.3~1.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"banshee-1-lang\", rpm:\"banshee-1-lang~1.4.3~1.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle\", rpm:\"beagle~0.3.8~46.34.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-devel\", rpm:\"beagle-devel~0.3.8~46.34.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-epiphany\", rpm:\"beagle-epiphany~0.3.8~46.34.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-evolution\", rpm:\"beagle-evolution~0.3.8~46.34.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-firefox\", rpm:\"beagle-firefox~0.3.8~46.34.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-google\", rpm:\"beagle-google~0.3.8~46.34.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-gui\", rpm:\"beagle-gui~0.3.8~46.34.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-lang\", rpm:\"beagle-lang~0.3.8~46.34.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-thunderbird\", rpm:\"beagle-thunderbird~0.3.8~46.34.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.5.0P2~18.6.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-chrootenv\", rpm:\"bind-chrootenv~9.5.0P2~18.6.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.5.0P2~18.6.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-doc\", rpm:\"bind-doc~9.5.0P2~18.6.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-libs\", rpm:\"bind-libs~9.5.0P2~18.6.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.5.0P2~18.6.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bluez\", rpm:\"bluez~4.22~6.1.10\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bluez-alsa\", rpm:\"bluez-alsa~4.22~6.1.10\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bluez-compat\", rpm:\"bluez-compat~4.22~6.1.10\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bluez-cups\", rpm:\"bluez-cups~4.22~6.1.10\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bluez-devel\", rpm:\"bluez-devel~4.22~6.1.10\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bluez-gstreamer\", rpm:\"bluez-gstreamer~4.22~6.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bluez-test\", rpm:\"bluez-test~4.22~6.1.10\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"compat-openssl097g\", rpm:\"compat-openssl097g~0.9.7g~146.10.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"drbd\", rpm:\"drbd~8.2.7~1.19.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"drbd-kmp-debug\", rpm:\"drbd-kmp-debug~8.2.7_2.6.27.21_0.1~1.19.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"drbd-kmp-default\", rpm:\"drbd-kmp-default~8.2.7_2.6.27.21_0.1~1.19.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"drbd-kmp-pae\", rpm:\"drbd-kmp-pae~8.2.7_2.6.27.21_0.1~1.19.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"drbd-kmp-trace\", rpm:\"drbd-kmp-trace~8.2.7_2.6.27.21_0.1~1.19.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"drbd-kmp-xen\", rpm:\"drbd-kmp-xen~8.2.7_2.6.27.21_0.1~1.19.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"enscript\", rpm:\"enscript~1.6.4~152.13.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"evolution\", rpm:\"evolution~2.24.1.1~4.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"evolution-data-server\", rpm:\"evolution-data-server~2.24.1.1~5.12.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"evolution-data-server-devel\", rpm:\"evolution-data-server-devel~2.24.1.1~5.12.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"evolution-data-server-doc\", rpm:\"evolution-data-server-doc~2.24.1.1~5.12.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"evolution-data-server-lang\", rpm:\"evolution-data-server-lang~2.24.1.1~5.12.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"evolution-devel\", rpm:\"evolution-devel~2.24.1.1~4.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"evolution-lang\", rpm:\"evolution-lang~2.24.1.1~4.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"evolution-mono-providers\", rpm:\"evolution-mono-providers~0.1.1~2.18.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"evolution-pilot\", rpm:\"evolution-pilot~2.24.1.1~4.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"foomatic-filters\", rpm:\"foomatic-filters~3.0.2~269.47.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"freetype2\", rpm:\"freetype2~2.3.7~24.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"freetype2-devel\", rpm:\"freetype2-devel~2.3.7~24.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-devel\", rpm:\"ghostscript-devel~8.62~31.43.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-fonts-other\", rpm:\"ghostscript-fonts-other~8.62~31.43.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-fonts-rus\", rpm:\"ghostscript-fonts-rus~8.62~31.43.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-fonts-std\", rpm:\"ghostscript-fonts-std~8.62~31.43.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-ijs-devel\", rpm:\"ghostscript-ijs-devel~8.62~31.43.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-library\", rpm:\"ghostscript-library~8.62~31.43.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-omni\", rpm:\"ghostscript-omni~8.62~31.43.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-x11\", rpm:\"ghostscript-x11~8.62~31.43.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-packagekit\", rpm:\"gnome-packagekit~0.3.11~2.3.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-packagekit-lang\", rpm:\"gnome-packagekit-lang~0.3.11~2.3.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-session\", rpm:\"gnome-session~2.24.1~6.3.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-session-branding-upstream\", rpm:\"gnome-session-branding-upstream~2.24.1~6.3.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-session-lang\", rpm:\"gnome-session-lang~2.24.1~6.3.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gtk2\", rpm:\"gtk2~2.14.4~8.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gtk2-branding-upstream\", rpm:\"gtk2-branding-upstream~2.14.4~8.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gtk2-devel\", rpm:\"gtk2-devel~2.14.4~8.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gtk2-doc\", rpm:\"gtk2-doc~2.14.4~8.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gtk2-lang\", rpm:\"gtk2-lang~2.14.4~8.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gtkhtml2\", rpm:\"gtkhtml2~3.24.1.1~1.17.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gtkhtml2-devel\", rpm:\"gtkhtml2-devel~3.24.1.1~1.17.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gtkhtml2-lang\", rpm:\"gtkhtml2-lang~3.24.1.1~1.17.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk\", rpm:\"java-1_6_0-openjdk~1.4_b14~24.5.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-demo\", rpm:\"java-1_6_0-openjdk-demo~1.4_b14~24.5.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-devel\", rpm:\"java-1_6_0-openjdk-devel~1.4_b14~24.5.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-javadoc\", rpm:\"java-1_6_0-openjdk-javadoc~1.4_b14~24.5.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-plugin\", rpm:\"java-1_6_0-openjdk-plugin~1.4_b14~24.5.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-src\", rpm:\"java-1_6_0-openjdk-src~1.4_b14~24.5.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdegraphics3\", rpm:\"kdegraphics3~3.5.10~1.63.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdegraphics3-3D\", rpm:\"kdegraphics3-3D~3.5.10~1.63.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdegraphics3-devel\", rpm:\"kdegraphics3-devel~3.5.10~1.63.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdegraphics3-extra\", rpm:\"kdegraphics3-extra~3.5.10~1.63.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdegraphics3-fax\", rpm:\"kdegraphics3-fax~3.5.10~1.63.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdegraphics3-imaging\", rpm:\"kdegraphics3-imaging~3.5.10~1.63.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdegraphics3-kamera\", rpm:\"kdegraphics3-kamera~3.5.10~1.63.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdegraphics3-pdf\", rpm:\"kdegraphics3-pdf~3.5.10~1.63.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdegraphics3-postscript\", rpm:\"kdegraphics3-postscript~3.5.10~1.63.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdegraphics3-scan\", rpm:\"kdegraphics3-scan~3.5.10~1.63.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdegraphics3-tex\", rpm:\"kdegraphics3-tex~3.5.10~1.63.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libbluetooth3\", rpm:\"libbluetooth3~4.22~6.1.10\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libfprint-devel\", rpm:\"libfprint-devel~0.0.6~10.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libfprint0\", rpm:\"libfprint0~0.0.6~10.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgimpprint\", rpm:\"libgimpprint~4.2.7~31.43.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgimpprint-devel\", rpm:\"libgimpprint-devel~4.2.7~31.43.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnomeui\", rpm:\"libgnomeui~2.24.0~1.36.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnomeui-devel\", rpm:\"libgnomeui-devel~2.24.0~1.36.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnomeui-doc\", rpm:\"libgnomeui-doc~2.24.0~1.36.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnomeui-lang\", rpm:\"libgnomeui-lang~2.24.0~1.36.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopensc2\", rpm:\"libopensc2~0.11.6~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl-devel\", rpm:\"libopenssl-devel~0.9.8h~28.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl0_9_8\", rpm:\"libopenssl0_9_8~0.9.8h~28.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpackagekit-glib10\", rpm:\"libpackagekit-glib10~0.3.11~1.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpackagekit-glib10-devel\", rpm:\"libpackagekit-glib10-devel~0.3.11~1.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpackagekit-qt10\", rpm:\"libpackagekit-qt10~0.3.11~1.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpackagekit-qt10-devel\", rpm:\"libpackagekit-qt10-devel~0.3.11~1.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqdialogsolver1\", rpm:\"libqdialogsolver1~1.2.9~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqdialogsolver1-devel\", rpm:\"libqdialogsolver1-devel~1.2.9~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libsatsolver-devel\", rpm:\"libsatsolver-devel~0.13.6~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libwmf\", rpm:\"libwmf~0.2.8.4~206.24.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libwmf-devel\", rpm:\"libwmf-devel~0.2.8.4~206.24.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libwmf-gnome\", rpm:\"libwmf-gnome~0.2.8.4~206.24.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxine1\", rpm:\"libxine1~1.1.15~23.4.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libzypp\", rpm:\"libzypp~5.29.6~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libzypp-devel\", rpm:\"libzypp-devel~5.29.6~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190\", rpm:\"mozilla-xulrunner190~1.9.0.10~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-devel\", rpm:\"mozilla-xulrunner190-devel~1.9.0.10~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-gnomevfs\", rpm:\"mozilla-xulrunner190-gnomevfs~1.9.0.10~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-translations\", rpm:\"mozilla-xulrunner190-translations~1.9.0.10~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ntp\", rpm:\"ntp~4.2.4p6~2.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ntp-doc\", rpm:\"ntp-doc~4.2.4p6~2.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openmotif22-libs\", rpm:\"openmotif22-libs~2.2.4~137.73.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"opensc\", rpm:\"opensc~0.11.6~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"opensc-devel\", rpm:\"opensc-devel~0.11.6~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8h~28.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-doc\", rpm:\"openssl-doc~0.9.8h~28.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pam_fp\", rpm:\"pam_fp~0.1~11.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-satsolver\", rpm:\"perl-satsolver~0.13.6~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-crypto\", rpm:\"python-crypto~2.0.1~28.115.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-satsolver\", rpm:\"python-satsolver~0.13.6~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-xpcom190\", rpm:\"python-xpcom190~1.9.0.10~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ruby-satsolver\", rpm:\"ruby-satsolver~0.13.6~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"satsolver-tools\", rpm:\"satsolver-tools~0.13.6~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"unbound\", rpm:\"unbound~1.0.0~2.21.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"unbound-devel\", rpm:\"unbound-devel~1.0.0~2.21.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"yast2-bootloader\", rpm:\"yast2-bootloader~2.17.59~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"yast2-network\", rpm:\"yast2-network~2.17.77~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"yast2-network-devel-doc\", rpm:\"yast2-network-devel-doc~2.17.77~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"yast2-pkg-bindings\", rpm:\"yast2-pkg-bindings~2.17.38~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"yast2-qt-pkg\", rpm:\"yast2-qt-pkg~2.17.27~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"zypper\", rpm:\"zypper~1.0.9~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~3.0.10~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox-translations\", rpm:\"MozillaFirefox-translations~3.0.10~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"compat-openssl097g\", rpm:\"compat-openssl097g~0.9.7g~119.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"evolution-data-server\", rpm:\"evolution-data-server~2.22.1.1~11.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"evolution-data-server-devel\", rpm:\"evolution-data-server-devel~2.22.1.1~11.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"evolution-data-server-doc\", rpm:\"evolution-data-server-doc~2.22.1.1~11.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"freetype2\", rpm:\"freetype2~2.3.5~62.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"freetype2-devel\", rpm:\"freetype2-devel~2.3.5~62.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-devel\", rpm:\"ghostscript-devel~8.62~17.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-fonts-other\", rpm:\"ghostscript-fonts-other~8.62~17.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-fonts-rus\", rpm:\"ghostscript-fonts-rus~8.62~17.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-fonts-std\", rpm:\"ghostscript-fonts-std~8.62~17.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-ijs-devel\", rpm:\"ghostscript-ijs-devel~8.62~17.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-library\", rpm:\"ghostscript-library~8.62~17.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-omni\", rpm:\"ghostscript-omni~8.62~17.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-x11\", rpm:\"ghostscript-x11~8.62~17.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnutls\", rpm:\"gnutls~2.2.2~17.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gtk2\", rpm:\"gtk2~2.12.9~37.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gtk2-branding-upstream\", rpm:\"gtk2-branding-upstream~2.12.9~37.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gtk2-devel\", rpm:\"gtk2-devel~2.12.9~37.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gtk2-doc\", rpm:\"gtk2-doc~2.12.9~37.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk\", rpm:\"java-1_6_0-openjdk~1.4_b14~24.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-demo\", rpm:\"java-1_6_0-openjdk-demo~1.4_b14~24.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-devel\", rpm:\"java-1_6_0-openjdk-devel~1.4_b14~24.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-javadoc\", rpm:\"java-1_6_0-openjdk-javadoc~1.4_b14~24.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-plugin\", rpm:\"java-1_6_0-openjdk-plugin~1.4_b14~24.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-src\", rpm:\"java-1_6_0-openjdk-src~1.4_b14~24.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdegraphics3\", rpm:\"kdegraphics3~3.5.9~53.3\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdegraphics3-3D\", rpm:\"kdegraphics3-3D~3.5.9~53.3\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdegraphics3-devel\", rpm:\"kdegraphics3-devel~3.5.9~53.3\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdegraphics3-extra\", rpm:\"kdegraphics3-extra~3.5.9~53.3\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdegraphics3-fax\", rpm:\"kdegraphics3-fax~3.5.9~53.3\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdegraphics3-imaging\", rpm:\"kdegraphics3-imaging~3.5.9~53.3\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdegraphics3-kamera\", rpm:\"kdegraphics3-kamera~3.5.9~53.3\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdegraphics3-pdf\", rpm:\"kdegraphics3-pdf~3.5.9~53.3\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdegraphics3-postscript\", rpm:\"kdegraphics3-postscript~3.5.9~53.3\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdegraphics3-scan\", rpm:\"kdegraphics3-scan~3.5.9~53.3\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdegraphics3-tex\", rpm:\"kdegraphics3-tex~3.5.9~53.3\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgimpprint\", rpm:\"libgimpprint~4.2.7~258.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgimpprint-devel\", rpm:\"libgimpprint-devel~4.2.7~258.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls-devel\", rpm:\"libgnutls-devel~2.2.2~17.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls-extra-devel\", rpm:\"libgnutls-extra-devel~2.2.2~17.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls-extra26\", rpm:\"libgnutls-extra26~2.2.2~17.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls26\", rpm:\"libgnutls26~2.2.2~17.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopensc2\", rpm:\"libopensc2~0.11.4~37.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl-devel\", rpm:\"libopenssl-devel~0.9.8g~47.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl0_9_8\", rpm:\"libopenssl0_9_8~0.9.8g~47.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libwmf\", rpm:\"libwmf~0.2.8.4~164.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libwmf-devel\", rpm:\"libwmf-devel~0.2.8.4~164.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libwmf-gnome\", rpm:\"libwmf-gnome~0.2.8.4~164.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190\", rpm:\"mozilla-xulrunner190~1.9.0.10~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-devel\", rpm:\"mozilla-xulrunner190-devel~1.9.0.10~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-gnomevfs\", rpm:\"mozilla-xulrunner190-gnomevfs~1.9.0.10~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-translations\", rpm:\"mozilla-xulrunner190-translations~1.9.0.10~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ntp\", rpm:\"ntp~4.2.4p4~44.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ntp-doc\", rpm:\"ntp-doc~4.2.4p4~44.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openmotif22-libs\", rpm:\"openmotif22-libs~2.2.4~149.3\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"opensc\", rpm:\"opensc~0.11.4~37.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"opensc-devel\", rpm:\"opensc-devel~0.11.4~37.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8g~47.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-certs\", rpm:\"openssl-certs~0.9.8g~47.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-doc\", rpm:\"openssl-doc~0.9.8g~47.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-crypto\", rpm:\"python-crypto~2.0.1~164.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-devel\", rpm:\"xine-devel~1.1.12~8.7\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-extra\", rpm:\"xine-extra~1.1.12~8.7\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-lib\", rpm:\"xine-lib~1.1.12~8.7\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"compat-openssl097g\", rpm:\"compat-openssl097g~0.9.7g~75.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"evolution-data-server\", rpm:\"evolution-data-server~1.12.0~5.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"evolution-data-server-devel\", rpm:\"evolution-data-server-devel~1.12.0~5.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"evolution-data-server-doc\", rpm:\"evolution-data-server-doc~1.12.0~5.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"freetype2\", rpm:\"freetype2~2.3.5~18.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"freetype2-devel\", rpm:\"freetype2-devel~2.3.5~18.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-fonts-other\", rpm:\"ghostscript-fonts-other~8.15.4~3.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-fonts-rus\", rpm:\"ghostscript-fonts-rus~8.15.4~3.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-fonts-std\", rpm:\"ghostscript-fonts-std~8.15.4~3.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-ijs-devel\", rpm:\"ghostscript-ijs-devel~8.15.4~3.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-library\", rpm:\"ghostscript-library~8.15.4~3.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-omni\", rpm:\"ghostscript-omni~8.15.4~3.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-x11\", rpm:\"ghostscript-x11~8.15.4~3.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdegraphics3\", rpm:\"kdegraphics3~3.5.7~60.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdegraphics3-3D\", rpm:\"kdegraphics3-3D~3.5.7~60.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdegraphics3-devel\", rpm:\"kdegraphics3-devel~3.5.7~60.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdegraphics3-extra\", rpm:\"kdegraphics3-extra~3.5.7~60.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdegraphics3-fax\", rpm:\"kdegraphics3-fax~3.5.7~60.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdegraphics3-imaging\", rpm:\"kdegraphics3-imaging~3.5.7~60.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdegraphics3-kamera\", rpm:\"kdegraphics3-kamera~3.5.7~60.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdegraphics3-pdf\", rpm:\"kdegraphics3-pdf~3.5.7~60.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdegraphics3-postscript\", rpm:\"kdegraphics3-postscript~3.5.7~60.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdegraphics3-scan\", rpm:\"kdegraphics3-scan~3.5.7~60.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdegraphics3-tex\", rpm:\"kdegraphics3-tex~3.5.7~60.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgimpprint\", rpm:\"libgimpprint~4.2.7~178.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgimpprint-devel\", rpm:\"libgimpprint-devel~4.2.7~178.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopensc2\", rpm:\"libopensc2~0.11.3~21.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl-devel\", rpm:\"libopenssl-devel~0.9.8e~45.9\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl0_9_8\", rpm:\"libopenssl0_9_8~0.9.8e~45.9\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libwmf\", rpm:\"libwmf~0.2.8.4~92.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libwmf-devel\", rpm:\"libwmf-devel~0.2.8.4~92.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libwmf-gnome\", rpm:\"libwmf-gnome~0.2.8.4~92.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openmotif22-libs\", rpm:\"openmotif22-libs~2.2.4~84.3\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"opensc\", rpm:\"opensc~0.11.3~21.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"opensc-devel\", rpm:\"opensc-devel~0.11.3~21.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8e~45.9\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-certs\", rpm:\"openssl-certs~0.9.8e~45.9\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-doc\", rpm:\"openssl-doc~0.9.8e~45.9\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-crypto\", rpm:\"python-crypto~2.0.1~103.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-devel\", rpm:\"xine-devel~1.1.8~14.16\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-extra\", rpm:\"xine-extra~1.1.8~14.16\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-lib\", rpm:\"xine-lib~1.1.8~14.16\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xntp\", rpm:\"xntp~4.2.4p3~25.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xntp-doc\", rpm:\"xntp-doc~4.2.4p3~25.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-26T08:56:13", "description": "The remote host is missing updates announced in\nadvisory SUSE-SR:2009:010. SuSE Security Summaries are short\non detail when it comes to the names of packages affected by\na particular bug. Because of this, while this test will detect\nout of date packages, it cannot tell you what bugs impact\nwhich packages, or vice versa.", "cvss3": {}, "published": "2009-05-20T00:00:00", "type": "openvas", "title": "SuSE Security Summary SUSE-SR:2009:010", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5344", "CVE-2009-1181", "CVE-2008-5346", "CVE-2009-1295", "CVE-2009-0946", "CVE-2009-1305", "CVE-2008-5339", "CVE-2009-1180", "CVE-2009-0789", "CVE-2009-1312", "CVE-2009-0544", "CVE-2009-1304", "CVE-2008-5340", "CVE-2008-5359", "CVE-2008-5343", "CVE-2009-1311", "CVE-2008-5348", "CVE-2009-0652", "CVE-2008-5357", "CVE-2008-5360", "CVE-2008-5356", "CVE-2008-2086", "CVE-2009-1309", "CVE-2009-0799", "CVE-2008-3112", "CVE-2008-3104", "CVE-2008-5342", "CVE-2009-1182", "CVE-2009-1086", "CVE-2008-5353", "CVE-2009-0165", "CVE-2009-0590", "CVE-2009-0166", "CVE-2009-1308", "CVE-2009-1306", "CVE-2008-3113", "CVE-2008-3114", "CVE-2009-0147", "CVE-2008-5350", "CVE-2008-5345", "CVE-2009-0585", "CVE-2008-5354", "CVE-2009-1183", "CVE-2009-0800", "CVE-2009-0368", "CVE-2009-1302", "CVE-2009-0146", "CVE-2009-0591", "CVE-2009-1307", "CVE-2009-1310", "CVE-2008-5351", "CVE-2009-1303", "CVE-2009-0582", "CVE-2009-1179"], "modified": "2017-07-11T00:00:00", "id": "OPENVAS:63996", "href": "http://plugins.openvas.org/nasl.php?oid=63996", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: suse_sr_2009_010.nasl 6668 2017-07-11 13:34:29Z cfischer $\n# Description: Auto-generated from advisory SUSE-SR:2009:010\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory SUSE-SR:2009:010. SuSE Security Summaries are short\non detail when it comes to the names of packages affected by\na particular bug. Because of this, while this test will detect\nout of date packages, it cannot tell you what bugs impact\nwhich packages, or vice versa.\";\n\ntag_solution = \"Update all out of date packages.\";\n \nif(description)\n{\n script_id(63996);\n script_version(\"$Revision: 6668 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:34:29 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-05-20 00:17:15 +0200 (Wed, 20 May 2009)\");\n script_cve_id(\"CVE-2008-2086\", \"CVE-2008-3104\", \"CVE-2008-3112\", \"CVE-2008-3113\", \"CVE-2008-3114\", \"CVE-2008-5339\", \"CVE-2008-5340\", \"CVE-2008-5342\", \"CVE-2008-5343\", \"CVE-2008-5344\", \"CVE-2008-5345\", \"CVE-2008-5346\", \"CVE-2008-5348\", \"CVE-2008-5350\", \"CVE-2008-5351\", \"CVE-2008-5353\", \"CVE-2008-5354\", \"CVE-2008-5356\", \"CVE-2008-5357\", \"CVE-2008-5359\", \"CVE-2008-5360\", \"CVE-2009-0146\", \"CVE-2009-0147\", \"CVE-2009-0165\", \"CVE-2009-0166\", \"CVE-2009-0368\", \"CVE-2009-0544\", \"CVE-2009-0582\", \"CVE-2009-0585\", \"CVE-2009-0590\", \"CVE-2009-0591\", \"CVE-2009-0652\", \"CVE-2009-0789\", \"CVE-2009-0799\", \"CVE-2009-0800\", \"CVE-2009-0946\", \"CVE-2009-1086\", \"CVE-2009-1179\", \"CVE-2009-1180\", \"CVE-2009-1181\", \"CVE-2009-1182\", \"CVE-2009-1183\", \"CVE-2009-1295\", \"CVE-2009-1302\", \"CVE-2009-1303\", \"CVE-2009-1304\", \"CVE-2009-1305\", \"CVE-2009-1306\", \"CVE-2009-1307\", \"CVE-2009-1308\", \"CVE-2009-1309\", \"CVE-2009-1310\", \"CVE-2009-1311\", \"CVE-2009-1312\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SuSE Security Summary SUSE-SR:2009:010\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~3.0.10~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox-branding-upstream\", rpm:\"MozillaFirefox-branding-upstream~3.0.10~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox-translations\", rpm:\"MozillaFirefox-translations~3.0.10~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"PackageKit\", rpm:\"PackageKit~0.3.11~1.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"PackageKit-devel\", rpm:\"PackageKit-devel~0.3.11~1.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"PackageKit-lang\", rpm:\"PackageKit-lang~0.3.11~1.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apport\", rpm:\"apport~0.114~8.6.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apport-crashdb-opensuse\", rpm:\"apport-crashdb-opensuse~0.114~8.6.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apport-gtk\", rpm:\"apport-gtk~0.114~8.6.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apport-qt\", rpm:\"apport-qt~0.114~8.6.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apport-retrace\", rpm:\"apport-retrace~0.114~8.6.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"banshee-1\", rpm:\"banshee-1~1.4.3~1.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"banshee-1-backend-engine-gstreamer\", rpm:\"banshee-1-backend-engine-gstreamer~1.4.3~1.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"banshee-1-backend-platform-gnome\", rpm:\"banshee-1-backend-platform-gnome~1.4.3~1.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"banshee-1-backend-platform-unix\", rpm:\"banshee-1-backend-platform-unix~1.4.3~1.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"banshee-1-devel\", rpm:\"banshee-1-devel~1.4.3~1.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"banshee-1-extensions-default\", rpm:\"banshee-1-extensions-default~1.4.3~1.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"banshee-1-lang\", rpm:\"banshee-1-lang~1.4.3~1.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle\", rpm:\"beagle~0.3.8~46.34.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-devel\", rpm:\"beagle-devel~0.3.8~46.34.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-epiphany\", rpm:\"beagle-epiphany~0.3.8~46.34.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-evolution\", rpm:\"beagle-evolution~0.3.8~46.34.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-firefox\", rpm:\"beagle-firefox~0.3.8~46.34.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-google\", rpm:\"beagle-google~0.3.8~46.34.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-gui\", rpm:\"beagle-gui~0.3.8~46.34.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-lang\", rpm:\"beagle-lang~0.3.8~46.34.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-thunderbird\", rpm:\"beagle-thunderbird~0.3.8~46.34.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.5.0P2~18.6.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-chrootenv\", rpm:\"bind-chrootenv~9.5.0P2~18.6.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.5.0P2~18.6.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-doc\", rpm:\"bind-doc~9.5.0P2~18.6.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-libs\", rpm:\"bind-libs~9.5.0P2~18.6.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.5.0P2~18.6.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bluez\", rpm:\"bluez~4.22~6.1.10\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bluez-alsa\", rpm:\"bluez-alsa~4.22~6.1.10\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bluez-compat\", rpm:\"bluez-compat~4.22~6.1.10\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bluez-cups\", rpm:\"bluez-cups~4.22~6.1.10\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bluez-devel\", rpm:\"bluez-devel~4.22~6.1.10\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bluez-gstreamer\", rpm:\"bluez-gstreamer~4.22~6.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bluez-test\", rpm:\"bluez-test~4.22~6.1.10\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"compat-openssl097g\", rpm:\"compat-openssl097g~0.9.7g~146.10.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"drbd\", rpm:\"drbd~8.2.7~1.19.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"drbd-kmp-debug\", rpm:\"drbd-kmp-debug~8.2.7_2.6.27.21_0.1~1.19.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"drbd-kmp-default\", rpm:\"drbd-kmp-default~8.2.7_2.6.27.21_0.1~1.19.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"drbd-kmp-pae\", rpm:\"drbd-kmp-pae~8.2.7_2.6.27.21_0.1~1.19.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"drbd-kmp-trace\", rpm:\"drbd-kmp-trace~8.2.7_2.6.27.21_0.1~1.19.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"drbd-kmp-xen\", rpm:\"drbd-kmp-xen~8.2.7_2.6.27.21_0.1~1.19.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"enscript\", rpm:\"enscript~1.6.4~152.13.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"evolution\", rpm:\"evolution~2.24.1.1~4.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"evolution-data-server\", rpm:\"evolution-data-server~2.24.1.1~5.12.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"evolution-data-server-devel\", rpm:\"evolution-data-server-devel~2.24.1.1~5.12.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"evolution-data-server-doc\", rpm:\"evolution-data-server-doc~2.24.1.1~5.12.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"evolution-data-server-lang\", rpm:\"evolution-data-server-lang~2.24.1.1~5.12.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"evolution-devel\", rpm:\"evolution-devel~2.24.1.1~4.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"evolution-lang\", rpm:\"evolution-lang~2.24.1.1~4.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"evolution-mono-providers\", rpm:\"evolution-mono-providers~0.1.1~2.18.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"evolution-pilot\", rpm:\"evolution-pilot~2.24.1.1~4.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"foomatic-filters\", rpm:\"foomatic-filters~3.0.2~269.47.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"freetype2\", rpm:\"freetype2~2.3.7~24.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"freetype2-devel\", rpm:\"freetype2-devel~2.3.7~24.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-devel\", rpm:\"ghostscript-devel~8.62~31.43.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-fonts-other\", rpm:\"ghostscript-fonts-other~8.62~31.43.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-fonts-rus\", rpm:\"ghostscript-fonts-rus~8.62~31.43.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-fonts-std\", rpm:\"ghostscript-fonts-std~8.62~31.43.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-ijs-devel\", rpm:\"ghostscript-ijs-devel~8.62~31.43.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-library\", rpm:\"ghostscript-library~8.62~31.43.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-omni\", rpm:\"ghostscript-omni~8.62~31.43.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-x11\", rpm:\"ghostscript-x11~8.62~31.43.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-packagekit\", rpm:\"gnome-packagekit~0.3.11~2.3.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-packagekit-lang\", rpm:\"gnome-packagekit-lang~0.3.11~2.3.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-session\", rpm:\"gnome-session~2.24.1~6.3.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-session-branding-upstream\", rpm:\"gnome-session-branding-upstream~2.24.1~6.3.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-session-lang\", rpm:\"gnome-session-lang~2.24.1~6.3.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gtk2\", rpm:\"gtk2~2.14.4~8.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gtk2-branding-upstream\", rpm:\"gtk2-branding-upstream~2.14.4~8.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gtk2-devel\", rpm:\"gtk2-devel~2.14.4~8.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gtk2-doc\", rpm:\"gtk2-doc~2.14.4~8.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gtk2-lang\", rpm:\"gtk2-lang~2.14.4~8.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gtkhtml2\", rpm:\"gtkhtml2~3.24.1.1~1.17.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gtkhtml2-devel\", rpm:\"gtkhtml2-devel~3.24.1.1~1.17.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gtkhtml2-lang\", rpm:\"gtkhtml2-lang~3.24.1.1~1.17.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk\", rpm:\"java-1_6_0-openjdk~1.4_b14~24.5.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-demo\", rpm:\"java-1_6_0-openjdk-demo~1.4_b14~24.5.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-devel\", rpm:\"java-1_6_0-openjdk-devel~1.4_b14~24.5.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-javadoc\", rpm:\"java-1_6_0-openjdk-javadoc~1.4_b14~24.5.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-plugin\", rpm:\"java-1_6_0-openjdk-plugin~1.4_b14~24.5.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-src\", rpm:\"java-1_6_0-openjdk-src~1.4_b14~24.5.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdegraphics3\", rpm:\"kdegraphics3~3.5.10~1.63.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdegraphics3-3D\", rpm:\"kdegraphics3-3D~3.5.10~1.63.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdegraphics3-devel\", rpm:\"kdegraphics3-devel~3.5.10~1.63.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdegraphics3-extra\", rpm:\"kdegraphics3-extra~3.5.10~1.63.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdegraphics3-fax\", rpm:\"kdegraphics3-fax~3.5.10~1.63.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdegraphics3-imaging\", rpm:\"kdegraphics3-imaging~3.5.10~1.63.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdegraphics3-kamera\", rpm:\"kdegraphics3-kamera~3.5.10~1.63.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdegraphics3-pdf\", rpm:\"kdegraphics3-pdf~3.5.10~1.63.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdegraphics3-postscript\", rpm:\"kdegraphics3-postscript~3.5.10~1.63.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdegraphics3-scan\", rpm:\"kdegraphics3-scan~3.5.10~1.63.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdegraphics3-tex\", rpm:\"kdegraphics3-tex~3.5.10~1.63.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libbluetooth3\", rpm:\"libbluetooth3~4.22~6.1.10\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libfprint-devel\", rpm:\"libfprint-devel~0.0.6~10.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libfprint0\", rpm:\"libfprint0~0.0.6~10.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgimpprint\", rpm:\"libgimpprint~4.2.7~31.43.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgimpprint-devel\", rpm:\"libgimpprint-devel~4.2.7~31.43.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnomeui\", rpm:\"libgnomeui~2.24.0~1.36.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnomeui-devel\", rpm:\"libgnomeui-devel~2.24.0~1.36.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnomeui-doc\", rpm:\"libgnomeui-doc~2.24.0~1.36.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnomeui-lang\", rpm:\"libgnomeui-lang~2.24.0~1.36.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopensc2\", rpm:\"libopensc2~0.11.6~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl-devel\", rpm:\"libopenssl-devel~0.9.8h~28.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl0_9_8\", rpm:\"libopenssl0_9_8~0.9.8h~28.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpackagekit-glib10\", rpm:\"libpackagekit-glib10~0.3.11~1.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpackagekit-glib10-devel\", rpm:\"libpackagekit-glib10-devel~0.3.11~1.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpackagekit-qt10\", rpm:\"libpackagekit-qt10~0.3.11~1.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpackagekit-qt10-devel\", rpm:\"libpackagekit-qt10-devel~0.3.11~1.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqdialogsolver1\", rpm:\"libqdialogsolver1~1.2.9~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqdialogsolver1-devel\", rpm:\"libqdialogsolver1-devel~1.2.9~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libsatsolver-devel\", rpm:\"libsatsolver-devel~0.13.6~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libwmf\", rpm:\"libwmf~0.2.8.4~206.24.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libwmf-devel\", rpm:\"libwmf-devel~0.2.8.4~206.24.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libwmf-gnome\", rpm:\"libwmf-gnome~0.2.8.4~206.24.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxine1\", rpm:\"libxine1~1.1.15~23.4.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libzypp\", rpm:\"libzypp~5.29.6~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libzypp-devel\", rpm:\"libzypp-devel~5.29.6~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190\", rpm:\"mozilla-xulrunner190~1.9.0.10~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-devel\", rpm:\"mozilla-xulrunner190-devel~1.9.0.10~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-gnomevfs\", rpm:\"mozilla-xulrunner190-gnomevfs~1.9.0.10~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-translations\", rpm:\"mozilla-xulrunner190-translations~1.9.0.10~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ntp\", rpm:\"ntp~4.2.4p6~2.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ntp-doc\", rpm:\"ntp-doc~4.2.4p6~2.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openmotif22-libs\", rpm:\"openmotif22-libs~2.2.4~137.73.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"opensc\", rpm:\"opensc~0.11.6~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"opensc-devel\", rpm:\"opensc-devel~0.11.6~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8h~28.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-doc\", rpm:\"openssl-doc~0.9.8h~28.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pam_fp\", rpm:\"pam_fp~0.1~11.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-satsolver\", rpm:\"perl-satsolver~0.13.6~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-crypto\", rpm:\"python-crypto~2.0.1~28.115.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-satsolver\", rpm:\"python-satsolver~0.13.6~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-xpcom190\", rpm:\"python-xpcom190~1.9.0.10~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ruby-satsolver\", rpm:\"ruby-satsolver~0.13.6~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"satsolver-tools\", rpm:\"satsolver-tools~0.13.6~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"unbound\", rpm:\"unbound~1.0.0~2.21.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"unbound-devel\", rpm:\"unbound-devel~1.0.0~2.21.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"yast2-bootloader\", rpm:\"yast2-bootloader~2.17.59~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"yast2-network\", rpm:\"yast2-network~2.17.77~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"yast2-network-devel-doc\", rpm:\"yast2-network-devel-doc~2.17.77~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"yast2-pkg-bindings\", rpm:\"yast2-pkg-bindings~2.17.38~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"yast2-qt-pkg\", rpm:\"yast2-qt-pkg~2.17.27~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"zypper\", rpm:\"zypper~1.0.9~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~3.0.10~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox-translations\", rpm:\"MozillaFirefox-translations~3.0.10~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"compat-openssl097g\", rpm:\"compat-openssl097g~0.9.7g~119.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"evolution-data-server\", rpm:\"evolution-data-server~2.22.1.1~11.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"evolution-data-server-devel\", rpm:\"evolution-data-server-devel~2.22.1.1~11.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"evolution-data-server-doc\", rpm:\"evolution-data-server-doc~2.22.1.1~11.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"freetype2\", rpm:\"freetype2~2.3.5~62.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"freetype2-devel\", rpm:\"freetype2-devel~2.3.5~62.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-devel\", rpm:\"ghostscript-devel~8.62~17.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-fonts-other\", rpm:\"ghostscript-fonts-other~8.62~17.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-fonts-rus\", rpm:\"ghostscript-fonts-rus~8.62~17.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-fonts-std\", rpm:\"ghostscript-fonts-std~8.62~17.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-ijs-devel\", rpm:\"ghostscript-ijs-devel~8.62~17.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-library\", rpm:\"ghostscript-library~8.62~17.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-omni\", rpm:\"ghostscript-omni~8.62~17.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-x11\", rpm:\"ghostscript-x11~8.62~17.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnutls\", rpm:\"gnutls~2.2.2~17.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gtk2\", rpm:\"gtk2~2.12.9~37.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gtk2-branding-upstream\", rpm:\"gtk2-branding-upstream~2.12.9~37.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gtk2-devel\", rpm:\"gtk2-devel~2.12.9~37.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gtk2-doc\", rpm:\"gtk2-doc~2.12.9~37.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk\", rpm:\"java-1_6_0-openjdk~1.4_b14~24.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-demo\", rpm:\"java-1_6_0-openjdk-demo~1.4_b14~24.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-devel\", rpm:\"java-1_6_0-openjdk-devel~1.4_b14~24.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-javadoc\", rpm:\"java-1_6_0-openjdk-javadoc~1.4_b14~24.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-plugin\", rpm:\"java-1_6_0-openjdk-plugin~1.4_b14~24.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-src\", rpm:\"java-1_6_0-openjdk-src~1.4_b14~24.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdegraphics3\", rpm:\"kdegraphics3~3.5.9~53.3\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdegraphics3-3D\", rpm:\"kdegraphics3-3D~3.5.9~53.3\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdegraphics3-devel\", rpm:\"kdegraphics3-devel~3.5.9~53.3\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdegraphics3-extra\", rpm:\"kdegraphics3-extra~3.5.9~53.3\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdegraphics3-fax\", rpm:\"kdegraphics3-fax~3.5.9~53.3\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdegraphics3-imaging\", rpm:\"kdegraphics3-imaging~3.5.9~53.3\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdegraphics3-kamera\", rpm:\"kdegraphics3-kamera~3.5.9~53.3\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdegraphics3-pdf\", rpm:\"kdegraphics3-pdf~3.5.9~53.3\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdegraphics3-postscript\", rpm:\"kdegraphics3-postscript~3.5.9~53.3\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdegraphics3-scan\", rpm:\"kdegraphics3-scan~3.5.9~53.3\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdegraphics3-tex\", rpm:\"kdegraphics3-tex~3.5.9~53.3\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgimpprint\", rpm:\"libgimpprint~4.2.7~258.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgimpprint-devel\", rpm:\"libgimpprint-devel~4.2.7~258.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls-devel\", rpm:\"libgnutls-devel~2.2.2~17.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls-extra-devel\", rpm:\"libgnutls-extra-devel~2.2.2~17.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls-extra26\", rpm:\"libgnutls-extra26~2.2.2~17.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls26\", rpm:\"libgnutls26~2.2.2~17.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopensc2\", rpm:\"libopensc2~0.11.4~37.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl-devel\", rpm:\"libopenssl-devel~0.9.8g~47.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl0_9_8\", rpm:\"libopenssl0_9_8~0.9.8g~47.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libwmf\", rpm:\"libwmf~0.2.8.4~164.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libwmf-devel\", rpm:\"libwmf-devel~0.2.8.4~164.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libwmf-gnome\", rpm:\"libwmf-gnome~0.2.8.4~164.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190\", rpm:\"mozilla-xulrunner190~1.9.0.10~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-devel\", rpm:\"mozilla-xulrunner190-devel~1.9.0.10~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-gnomevfs\", rpm:\"mozilla-xulrunner190-gnomevfs~1.9.0.10~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-translations\", rpm:\"mozilla-xulrunner190-translations~1.9.0.10~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ntp\", rpm:\"ntp~4.2.4p4~44.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ntp-doc\", rpm:\"ntp-doc~4.2.4p4~44.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openmotif22-libs\", rpm:\"openmotif22-libs~2.2.4~149.3\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"opensc\", rpm:\"opensc~0.11.4~37.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"opensc-devel\", rpm:\"opensc-devel~0.11.4~37.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8g~47.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-certs\", rpm:\"openssl-certs~0.9.8g~47.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-doc\", rpm:\"openssl-doc~0.9.8g~47.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-crypto\", rpm:\"python-crypto~2.0.1~164.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-devel\", rpm:\"xine-devel~1.1.12~8.7\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-extra\", rpm:\"xine-extra~1.1.12~8.7\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-lib\", rpm:\"xine-lib~1.1.12~8.7\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"compat-openssl097g\", rpm:\"compat-openssl097g~0.9.7g~75.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"evolution-data-server\", rpm:\"evolution-data-server~1.12.0~5.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"evolution-data-server-devel\", rpm:\"evolution-data-server-devel~1.12.0~5.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"evolution-data-server-doc\", rpm:\"evolution-data-server-doc~1.12.0~5.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"freetype2\", rpm:\"freetype2~2.3.5~18.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"freetype2-devel\", rpm:\"freetype2-devel~2.3.5~18.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-fonts-other\", rpm:\"ghostscript-fonts-other~8.15.4~3.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-fonts-rus\", rpm:\"ghostscript-fonts-rus~8.15.4~3.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-fonts-std\", rpm:\"ghostscript-fonts-std~8.15.4~3.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-ijs-devel\", rpm:\"ghostscript-ijs-devel~8.15.4~3.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-library\", rpm:\"ghostscript-library~8.15.4~3.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-omni\", rpm:\"ghostscript-omni~8.15.4~3.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-x11\", rpm:\"ghostscript-x11~8.15.4~3.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdegraphics3\", rpm:\"kdegraphics3~3.5.7~60.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdegraphics3-3D\", rpm:\"kdegraphics3-3D~3.5.7~60.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdegraphics3-devel\", rpm:\"kdegraphics3-devel~3.5.7~60.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdegraphics3-extra\", rpm:\"kdegraphics3-extra~3.5.7~60.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdegraphics3-fax\", rpm:\"kdegraphics3-fax~3.5.7~60.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdegraphics3-imaging\", rpm:\"kdegraphics3-imaging~3.5.7~60.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdegraphics3-kamera\", rpm:\"kdegraphics3-kamera~3.5.7~60.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdegraphics3-pdf\", rpm:\"kdegraphics3-pdf~3.5.7~60.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdegraphics3-postscript\", rpm:\"kdegraphics3-postscript~3.5.7~60.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdegraphics3-scan\", rpm:\"kdegraphics3-scan~3.5.7~60.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdegraphics3-tex\", rpm:\"kdegraphics3-tex~3.5.7~60.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgimpprint\", rpm:\"libgimpprint~4.2.7~178.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgimpprint-devel\", rpm:\"libgimpprint-devel~4.2.7~178.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopensc2\", rpm:\"libopensc2~0.11.3~21.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl-devel\", rpm:\"libopenssl-devel~0.9.8e~45.9\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl0_9_8\", rpm:\"libopenssl0_9_8~0.9.8e~45.9\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libwmf\", rpm:\"libwmf~0.2.8.4~92.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libwmf-devel\", rpm:\"libwmf-devel~0.2.8.4~92.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libwmf-gnome\", rpm:\"libwmf-gnome~0.2.8.4~92.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openmotif22-libs\", rpm:\"openmotif22-libs~2.2.4~84.3\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"opensc\", rpm:\"opensc~0.11.3~21.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"opensc-devel\", rpm:\"opensc-devel~0.11.3~21.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8e~45.9\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-certs\", rpm:\"openssl-certs~0.9.8e~45.9\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-doc\", rpm:\"openssl-doc~0.9.8e~45.9\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-crypto\", rpm:\"python-crypto~2.0.1~103.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-devel\", rpm:\"xine-devel~1.1.8~14.16\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-extra\", rpm:\"xine-extra~1.1.8~14.16\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-lib\", rpm:\"xine-lib~1.1.8~14.16\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xntp\", rpm:\"xntp~4.2.4p3~25.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xntp-doc\", rpm:\"xntp-doc~4.2.4p3~25.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2021-08-19T12:57:47", "description": "Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox.\n(CVE-2009-1302, CVE-2009-1303, CVE-2009-1304, CVE-2009-1305)\n\nSeveral flaws were found in the way malformed web content was processed. A web page containing malicious content could execute arbitrary JavaScript in the context of the site, possibly presenting misleading data to a user, or stealing sensitive information such as login credentials. (CVE-2009-0652, CVE-2009-1306, CVE-2009-1307, CVE-2009-1308, CVE-2009-1309, CVE-2009-1310, CVE-2009-1312)\n\nA flaw was found in the way Firefox saved certain web pages to a local file. If a user saved the inner frame of a web page containing POST data, the POST data could be revealed to the inner frame, possibly surrendering sensitive information such as login credentials.\n(CVE-2009-1311)\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "cvss3": {"score": null, "vector": null}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : firefox on SL4.x, SL5.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0652", "CVE-2009-1302", "CVE-2009-1303", "CVE-2009-1304", "CVE-2009-1305", "CVE-2009-1306", "CVE-2009-1307", "CVE-2009-1308", "CVE-2009-1309", "CVE-2009-1310", "CVE-2009-1311", "CVE-2009-1312"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20090421_FIREFOX_ON_SL4_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60572", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60572);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-0652\", \"CVE-2009-1302\", \"CVE-2009-1303\", \"CVE-2009-1304\", \"CVE-2009-1305\", \"CVE-2009-1306\", \"CVE-2009-1307\", \"CVE-2009-1308\", \"CVE-2009-1309\", \"CVE-2009-1310\", \"CVE-2009-1311\", \"CVE-2009-1312\");\n\n script_name(english:\"Scientific Linux Security Update : firefox on SL4.x, SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several flaws were found in the processing of malformed web content. A\nweb page containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code as the user running Firefox.\n(CVE-2009-1302, CVE-2009-1303, CVE-2009-1304, CVE-2009-1305)\n\nSeveral flaws were found in the way malformed web content was\nprocessed. A web page containing malicious content could execute\narbitrary JavaScript in the context of the site, possibly presenting\nmisleading data to a user, or stealing sensitive information such as\nlogin credentials. (CVE-2009-0652, CVE-2009-1306, CVE-2009-1307,\nCVE-2009-1308, CVE-2009-1309, CVE-2009-1310, CVE-2009-1312)\n\nA flaw was found in the way Firefox saved certain web pages to a local\nfile. If a user saved the inner frame of a web page containing POST\ndata, the POST data could be revealed to the inner frame, possibly\nsurrendering sensitive information such as login credentials.\n(CVE-2009-1311)\n\nAfter installing the update, Firefox must be restarted for the changes\nto take effect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0904&L=scientific-linux-errata&T=0&P=2856\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c5a655e5\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(16, 20, 79, 200, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/02/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/04/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL4\", reference:\"firefox-3.0.9-1.el4\")) flag++;\n\nif (rpm_check(release:\"SL5\", reference:\"firefox-3.0.9-1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"xulrunner-1.9.0.9-1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"xulrunner-devel-1.9.0.9-1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"xulrunner-devel-unstable-1.9.0.9-1.el5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:53:59", "description": "From Red Hat Security Advisory 2009:0436 :\n\nUpdated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5.\n\nThis update has been rated as having critical security impact by the Red Hat Security Response Team.\n\nMozilla Firefox is an open source Web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox.\n\nSeveral flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox.\n(CVE-2009-1302, CVE-2009-1303, CVE-2009-1304, CVE-2009-1305)\n\nSeveral flaws were found in the way malformed web content was processed. A web page containing malicious content could execute arbitrary JavaScript in the context of the site, possibly presenting misleading data to a user, or stealing sensitive information such as login credentials. (CVE-2009-0652, CVE-2009-1306, CVE-2009-1307, CVE-2009-1308, CVE-2009-1309, CVE-2009-1310, CVE-2009-1312)\n\nA flaw was found in the way Firefox saved certain web pages to a local file. If a user saved the inner frame of a web page containing POST data, the POST data could be revealed to the inner frame, possibly surrendering sensitive information such as login credentials.\n(CVE-2009-1311)\n\nFor technical details regarding these flaws, refer to the Mozilla security advisories for Firefox 3.0.9. You can find a link to the Mozilla advisories in the References section of this errata.\n\nAll Firefox users should upgrade to these updated packages, which contain Firefox version 3.0.9, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect.", "cvss3": {"score": null, "vector": null}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 4 / 5 : firefox (ELSA-2009-0436)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0652", "CVE-2009-1302", "CVE-2009-1303", "CVE-2009-1304", "CVE-2009-1305", "CVE-2009-1306", "CVE-2009-1307", "CVE-2009-1308", "CVE-2009-1309", "CVE-2009-1310", "CVE-2009-1311", "CVE-2009-1312"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:firefox", "p-cpe:/a:oracle:linux:xulrunner", "p-cpe:/a:oracle:linux:xulrunner-devel", "p-cpe:/a:oracle:linux:xulrunner-devel-unstable", "cpe:/o:oracle:linux:4", "cpe:/o:oracle:linux:5"], "id": "ORACLELINUX_ELSA-2009-0436.NASL", "href": "https://www.tenable.com/plugins/nessus/67847", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2009:0436 and \n# Oracle Linux Security Advisory ELSA-2009-0436 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67847);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-0652\", \"CVE-2009-1302\", \"CVE-2009-1303\", \"CVE-2009-1304\", \"CVE-2009-1305\", \"CVE-2009-1306\", \"CVE-2009-1307\", \"CVE-2009-1308\", \"CVE-2009-1309\", \"CVE-2009-1310\", \"CVE-2009-1311\", \"CVE-2009-1312\");\n script_xref(name:\"RHSA\", value:\"2009:0436\");\n\n script_name(english:\"Oracle Linux 4 / 5 : firefox (ELSA-2009-0436)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2009:0436 :\n\nUpdated firefox packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 4 and 5.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nMozilla Firefox is an open source Web browser. XULRunner provides the\nXUL Runtime environment for Mozilla Firefox.\n\nSeveral flaws were found in the processing of malformed web content. A\nweb page containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code as the user running Firefox.\n(CVE-2009-1302, CVE-2009-1303, CVE-2009-1304, CVE-2009-1305)\n\nSeveral flaws were found in the way malformed web content was\nprocessed. A web page containing malicious content could execute\narbitrary JavaScript in the context of the site, possibly presenting\nmisleading data to a user, or stealing sensitive information such as\nlogin credentials. (CVE-2009-0652, CVE-2009-1306, CVE-2009-1307,\nCVE-2009-1308, CVE-2009-1309, CVE-2009-1310, CVE-2009-1312)\n\nA flaw was found in the way Firefox saved certain web pages to a local\nfile. If a user saved the inner frame of a web page containing POST\ndata, the POST data could be revealed to the inner frame, possibly\nsurrendering sensitive information such as login credentials.\n(CVE-2009-1311)\n\nFor technical details regarding these flaws, refer to the Mozilla\nsecurity advisories for Firefox 3.0.9. You can find a link to the\nMozilla advisories in the References section of this errata.\n\nAll Firefox users should upgrade to these updated packages, which\ncontain Firefox version 3.0.9, which corrects these issues. After\ninstalling the update, Firefox must be restarted for the changes to\ntake effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-April/000981.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-April/000983.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected firefox packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(16, 20, 79, 200, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:xulrunner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:xulrunner-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:xulrunner-devel-unstable\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/02/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/04/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 4 / 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL4\", reference:\"firefox-3.0.9-1.0.1.el4\")) flag++;\n\nif (rpm_check(release:\"EL5\", reference:\"firefox-3.0.9-1.0.1.el5\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"xulrunner-1.9.0.9-1.0.1.el5\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"xulrunner-devel-1.9.0.9-1.0.1.el5\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"xulrunner-devel-unstable-1.9.0.9-1.0.1.el5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"firefox / xulrunner / xulrunner-devel / xulrunner-devel-unstable\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-16T15:44:45", "description": "The installed version of Firefox is earlier than 3.0.9. Such versions are potentially affected by the following security issues :\n\n - Multiple remote memory corruption vulnerabilities exist that can be exploited to execute arbitrary code in the context of the user running the affected application.\n (MFSA 2009-14)\n\n - A flaw may exist where Unicode box drawing characters are allowed in Internationalized Domain Names where they could be visually confused with punctuation used in valid web addresses. An attacker can leverage this to launch a phishing-type scam against a victim. (MFSA 2009-15)\n\n - A vulnerability exists when the 'jar:' scheme is used to wrap a URI which serves the content with 'Content-Disposition: attachment'. An attacker can leverage this to subvert sites that use this mechanism to mitigate content injection attacks. (MFSA 2009-16) \n - When an Adobe Flash file is loaded via the 'view-source:' scheme, the Flash plugin misinterprets the origin of the content as localhost. An attacker can leverage this to launch cross-site request forgery attacks. It is also possible to exploit this to place cookie-like objects on victim's computers.\n (MFSA 2009-17)\n\n - A vulnerability exists that allows attackers to inject arbitrary scripts into sites via XBL bindings. This vulnerability requires the attacker to have the ability to embed third-party stylesheets into the site. (MFSA 2009-18)\n\n - Multiple remote code execution vulnerabilities exist caused by the creation of documents whose URI does not match the document's principle using XMLHttpRequest, as well as a flaw in the 'XPCNativeWrapper.ToString' '__proto__' coming from the wrong scope. (MFSA 2009-19)\n\n - A malicious MozSearch plugin could be created using a javascript: URI in the SearchForm value. An attacker can leverage this in order to inject code into arbitrary sites. (MFSA 2009-20)\n\n - An information disclosure vulnerability exists when saving the inner frame of a web page as a file when the outer page has POST data associated with it. (MFSA 2009-21)\n\n - A cross-site scripting vulnerability exists when handling a Refresh header containing a javascript: URI.\n (MFSA 2009-22)", "cvss3": {"score": null, "vector": null}, "published": "2009-04-22T00:00:00", "type": "nessus", "title": "Firefox < 3.0.9 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0652", "CVE-2009-1302", "CVE-2009-1303", "CVE-2009-1304", "CVE-2009-1305", "CVE-2009-1306", "CVE-2009-1307", "CVE-2009-1308", "CVE-2009-1309", "CVE-2009-1310", "CVE-2009-1311", "CVE-2009-1312"], "modified": "2018-07-17T00:00:00", "cpe": ["cpe:/a:mozilla:firefox"], "id": "MOZILLA_FIREFOX_309.NASL", "href": "https://www.tenable.com/plugins/nessus/36215", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(36215);\n script_version(\"1.20\");\n\n script_cve_id(\n \"CVE-2009-0652\", \n \"CVE-2009-1302\", \n \"CVE-2009-1303\", \n \"CVE-2009-1304\", \n \"CVE-2009-1305\",\n \"CVE-2009-1306\", \n \"CVE-2009-1307\", \n \"CVE-2009-1308\", \n \"CVE-2009-1309\", \n \"CVE-2009-1310\",\n \"CVE-2009-1311\", \n \"CVE-2009-1312\"\n );\n script_bugtraq_id(33837, 34656);\n\n script_name(english:\"Firefox < 3.0.9 Multiple Vulnerabilities\");\n script_summary(english:\"Checks version of Firefox\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host contains a web browser that is affected by\nmultiple vulnerabilities.\" );\n script_set_attribute(attribute:\"description\", value:\n\"The installed version of Firefox is earlier than 3.0.9. Such versions\nare potentially affected by the following security issues :\n\n - Multiple remote memory corruption vulnerabilities exist\n that can be exploited to execute arbitrary code in the\n context of the user running the affected application.\n (MFSA 2009-14)\n\n - A flaw may exist where Unicode box drawing characters\n are allowed in Internationalized Domain Names where they\n could be visually confused with punctuation used in\n valid web addresses. An attacker can leverage this to\n launch a phishing-type scam against a victim. \n (MFSA 2009-15)\n\n - A vulnerability exists when the 'jar:' scheme is used to\n wrap a URI which serves the content with\n 'Content-Disposition: attachment'. An attacker can\n leverage this to subvert sites that use this mechanism\n to mitigate content injection attacks. (MFSA 2009-16)\n \n - When an Adobe Flash file is loaded via the\n 'view-source:' scheme, the Flash plugin misinterprets\n the origin of the content as localhost. An attacker can\n leverage this to launch cross-site request forgery\n attacks. It is also possible to exploit this to place\n cookie-like objects on victim's computers.\n (MFSA 2009-17)\n\n - A vulnerability exists that allows attackers to inject\n arbitrary scripts into sites via XBL bindings. This\n vulnerability requires the attacker to have the ability\n to embed third-party stylesheets into the site. \n (MFSA 2009-18)\n\n - Multiple remote code execution vulnerabilities exist\n caused by the creation of documents whose URI does not\n match the document's principle using XMLHttpRequest, as\n well as a flaw in the 'XPCNativeWrapper.ToString'\n '__proto__' coming from the wrong scope. (MFSA 2009-19)\n\n - A malicious MozSearch plugin could be created using a\n javascript: URI in the SearchForm value. An attacker can\n leverage this in order to inject code into arbitrary\n sites. (MFSA 2009-20)\n\n - An information disclosure vulnerability exists when\n saving the inner frame of a web page as a file when the\n outer page has POST data associated with it. \n (MFSA 2009-21)\n\n - A cross-site scripting vulnerability exists when\n handling a Refresh header containing a javascript: URI.\n (MFSA 2009-22)\" );\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2009-14/\" );\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2009-15/\" );\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2009-16/\" );\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2009-17/\" );\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2009-18/\" );\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2009-19/\" );\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2009-20/\" );\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2009-21/\" );\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2009-22/\" );\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Firefox 3.0.9 or later.\" );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(16, 20, 79, 200, 399);\n\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2009/04/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value: \"2009/04/21\");\n script_cvs_date(\"Date: 2018/07/17 12:00:07\");\nscript_set_attribute(attribute:\"plugin_type\", value:\"local\");\nscript_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:firefox\");\nscript_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n script_copyright(english:\"This script is Copyright (C) 2009-2018 Tenable Network Security, Inc.\");\n script_dependencies(\"mozilla_org_installed.nasl\");\n script_require_keys(\"Mozilla/Firefox/Version\");\n exit(0);\n}\n\n\ninclude(\"mozilla_version.inc\");\nport = get_kb_item_or_exit(\"SMB/transport\"); \n\ninstalls = get_kb_list(\"SMB/Mozilla/Firefox/*\");\nif (isnull(installs)) audit(AUDIT_NOT_INST, \"Firefox\");\n\nmozilla_check_version(installs:installs, product:'firefox', esr:FALSE, fix:'3.0.9', severity:SECURITY_HOLE);", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:07:56", "description": "The installed version of Firefox is earlier than 3.0.9. Such versions are potentially affected by the following security issues :\n - Multiple remote memory corruption vulnerabilities exist that can be exploited to execute arbitrary code in the context of the user running the affected application. (MFSA 2009-14)\n - A flaw may exist where Unicode box drawing characters are allowed in Internationalized Domain Names where they could be visually confused with punctuation used in valid web addresses. An attacker can leverage this to launch a phishing-type scam against a victim. (MFSA 2009-15)\n - A vulnerability exists when the 'jar:' scheme is used to wrap a URI which serves the content with 'Content-Disposition: attachment'. An attacker can leverage this to subvert sites which use this mechanism to mitigate content injection attacks. (MFSA 2009-16)\n - When an Adobe Flash file is loaded via the 'view-source:' scheme, the Flash plugin misinterprets the origin of the content as localhost. An attacker can leverage this to launch cross-site request forgery attacks. It is also possible to exploit this to place cookie-like objects on victims' computers. (MFSA 2009-17)\n - A vulnerability exists that allows attackers to inject arbitrary scripts into sites via XBL bindings. This vulnerability requires the attacker to have the ability to embed third-party stylesheets into the site. (MFSA 2009-18)\n - Multiple remote code execution vulnerabilities exist caused by the creation of documents whose URI does not match the document's principle using XMLHttpRequest, as well as a flaw in the 'XPCNativeWrapper.ToString' '__proto__' coming from the wrong scope. (MFSA 2009-19)\n - A malicious MozSearch plugin could be created using a JavaScript: URI in the SearchForm value. An attacker can leverage this in order to inject code into arbitrary sites. (MFSA 2009-20)\n - An information disclosure vulnerability exists when saving the inner frame of a web page as a file when the outer page has POST data associated with it. (MFSA 2009-21)\n - A cross site scripting vulnerability exists when handling a Refresh header containing a JavaScript: URI. (MFSA 2009-22)\" ); ", "cvss3": {"score": 5.6, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}, "published": "2009-04-22T00:00:00", "type": "nessus", "title": "Mozilla Firefox < 3.0.9 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0652", "CVE-2009-1303", "CVE-2009-1305", "CVE-2009-1306", "CVE-2009-1307", "CVE-2009-1309", "CVE-2009-1311", "CVE-2009-1312", "CVE-2009-1302", "CVE-2009-1304", "CVE-2009-1308", "CVE-2009-1310"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"], "id": "4998.PRM", "href": "https://www.tenable.com/plugins/nnm/4998", "sourceData": "Binary data 4998.prm", "cvss": {"score": 6.8, "vector": "CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:08:12", "description": "Several flaws were discovered in the browser engine. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2009-1302, CVE-2009-1303, CVE-2009-1304, CVE-2009-1305)\n\nIt was discovered that Firefox displayed certain Unicode characters which could be visually confused with punctuation in valid web addresses in the location bar. An attacker could exploit this to spoof the location bar, such as in a phishing attack. (CVE-2009-0652)\n\nSeveral flaws were discovered in the way Firefox processed malformed URI schemes. If a user were tricked into viewing a malicious website, a remote attacker could execute arbitrary JavaScript or steal private data. (CVE-2009-1306, CVE-2009-1307, CVE-2009-1309, CVE-2009-1310, CVE-2009-1312)\n\nCefn Hoile discovered Firefox did not adequately protect against embedded third-party stylesheets. An attacker could exploit this to perform script injection attacks using XBL bindings. (CVE-2009-1308)\n\nPaolo Amadini discovered that Firefox would submit POST data when reloading an inner frame of a web page. If a user were tricked into viewing a malicious website, a remote attacker could steal private data. (CVE-2009-1311).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2009-04-23T00:00:00", "type": "nessus", "title": "Ubuntu 8.04 LTS / 8.10 / 9.04 : firefox-3.0, xulrunner-1.9 vulnerabilities (USN-764-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0652", "CVE-2009-1302", "CVE-2009-1303", "CVE-2009-1304", "CVE-2009-1305", "CVE-2009-1306", "CVE-2009-1307", "CVE-2009-1308", "CVE-2009-1309", "CVE-2009-1310", "CVE-2009-1311", "CVE-2009-1312"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:abrowser", "p-cpe:/a:canonical:ubuntu_linux:abrowser-3.0-branding", "p-cpe:/a:canonical:ubuntu_linux:firefox", "p-cpe:/a:canonical:ubuntu_linux:firefox-3.0", "p-cpe:/a:canonical:ubuntu_linux:firefox-3.0-branding", "p-cpe:/a:canonical:ubuntu_linux:firefox-3.0-dev", "p-cpe:/a:canonical:ubuntu_linux:firefox-3.0-dom-inspector", "p-cpe:/a:canonical:ubuntu_linux:firefox-3.0-gnome-support", "p-cpe:/a:canonical:ubuntu_linux:firefox-3.0-venkman", "p-cpe:/a:canonical:ubuntu_linux:firefox-dev", "p-cpe:/a:canonical:ubuntu_linux:firefox-dom-inspector", "p-cpe:/a:canonical:ubuntu_linux:firefox-gnome-support", "p-cpe:/a:canonical:ubuntu_linux:firefox-granparadiso", "p-cpe:/a:canonical:ubuntu_linux:firefox-granparadiso-dev", "p-cpe:/a:canonical:ubuntu_linux:firefox-granparadiso-dom-inspector", "p-cpe:/a:canonical:ubuntu_linux:firefox-granparadiso-gnome-support", "p-cpe:/a:canonical:ubuntu_linux:firefox-libthai", "p-cpe:/a:canonical:ubuntu_linux:firefox-trunk", "p-cpe:/a:canonical:ubuntu_linux:firefox-trunk-dev", "p-cpe:/a:canonical:ubuntu_linux:firefox-trunk-dom-inspector", "p-cpe:/a:canonical:ubuntu_linux:firefox-trunk-gnome-support", "p-cpe:/a:canonical:ubuntu_linux:firefox-trunk-venkman", "p-cpe:/a:canonical:ubuntu_linux:xulrunner-1.9", "p-cpe:/a:canonical:ubuntu_linux:xulrunner-1.9-dev", "p-cpe:/a:canonical:ubuntu_linux:xulrunner-1.9-dom-inspector", "p-cpe:/a:canonical:ubuntu_linux:xulrunner-1.9-gnome-support", "p-cpe:/a:canonical:ubuntu_linux:xulrunner-1.9-venkman", "p-cpe:/a:canonical:ubuntu_linux:xulrunner-dev", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts", "cpe:/o:canonical:ubuntu_linux:8.10", "cpe:/o:canonical:ubuntu_linux:9.04"], "id": "UBUNTU_USN-764-1.NASL", "href": "https://www.tenable.com/plugins/nessus/36228", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-764-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(36228);\n script_version(\"1.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2009-0652\", \"CVE-2009-1302\", \"CVE-2009-1303\", \"CVE-2009-1304\", \"CVE-2009-1305\", \"CVE-2009-1306\", \"CVE-2009-1307\", \"CVE-2009-1308\", \"CVE-2009-1309\", \"CVE-2009-1310\", \"CVE-2009-1311\", \"CVE-2009-1312\");\n script_xref(name:\"USN\", value:\"764-1\");\n\n script_name(english:\"Ubuntu 8.04 LTS / 8.10 / 9.04 : firefox-3.0, xulrunner-1.9 vulnerabilities (USN-764-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several flaws were discovered in the browser engine. If a user were\ntricked into viewing a malicious website, a remote attacker could\ncause a denial of service or possibly execute arbitrary code with the\nprivileges of the user invoking the program. (CVE-2009-1302,\nCVE-2009-1303, CVE-2009-1304, CVE-2009-1305)\n\nIt was discovered that Firefox displayed certain Unicode characters\nwhich could be visually confused with punctuation in valid web\naddresses in the location bar. An attacker could exploit this to spoof\nthe location bar, such as in a phishing attack. (CVE-2009-0652)\n\nSeveral flaws were discovered in the way Firefox processed malformed\nURI schemes. If a user were tricked into viewing a malicious website,\na remote attacker could execute arbitrary JavaScript or steal private\ndata. (CVE-2009-1306, CVE-2009-1307, CVE-2009-1309, CVE-2009-1310,\nCVE-2009-1312)\n\nCefn Hoile discovered Firefox did not adequately protect against\nembedded third-party stylesheets. An attacker could exploit this to\nperform script injection attacks using XBL bindings. (CVE-2009-1308)\n\nPaolo Amadini discovered that Firefox would submit POST data when\nreloading an inner frame of a web page. If a user were tricked into\nviewing a malicious website, a remote attacker could steal private\ndata. (CVE-2009-1311).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/764-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(16, 20, 79, 200, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:abrowser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:abrowser-3.0-branding\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-3.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-3.0-branding\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-3.0-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-3.0-dom-inspector\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-3.0-gnome-support\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-3.0-venkman\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-dom-inspector\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-gnome-support\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-granparadiso\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-granparadiso-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-granparadiso-dom-inspector\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-granparadiso-gnome-support\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-libthai\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-trunk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-trunk-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-trunk-dom-inspector\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-trunk-gnome-support\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-trunk-venkman\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:xulrunner-1.9\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:xulrunner-1.9-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:xulrunner-1.9-dom-inspector\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:xulrunner-1.9-gnome-support\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:xulrunner-1.9-venkman\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:xulrunner-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:9.04\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/04/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2009-2021 Canonical, Inc. / NASL script (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(8\\.04|8\\.10|9\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 8.04 / 8.10 / 9.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"8.04\", pkgname:\"firefox\", pkgver:\"3.0.9+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"firefox-3.0\", pkgver:\"3.0.9+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"firefox-3.0-dev\", pkgver:\"3.0.9+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"firefox-3.0-dom-inspector\", pkgver:\"3.0.9+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"firefox-3.0-gnome-support\", pkgver:\"3.0.9+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"firefox-3.0-venkman\", pkgver:\"3.0.9+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"firefox-dev\", pkgver:\"3.0.9+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"firefox-dom-inspector\", pkgver:\"3.0.9+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"firefox-gnome-support\", pkgver:\"3.0.9+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"firefox-granparadiso\", pkgver:\"3.0.9+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"firefox-granparadiso-dev\", pkgver:\"3.0.9+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"firefox-granparadiso-dom-inspector\", pkgver:\"3.0.9+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"firefox-granparadiso-gnome-support\", pkgver:\"3.0.9+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"firefox-libthai\", pkgver:\"3.0.9+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"firefox-trunk\", pkgver:\"3.0.9+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"firefox-trunk-dev\", pkgver:\"3.0.9+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"firefox-trunk-dom-inspector\", pkgver:\"3.0.9+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"firefox-trunk-gnome-support\", pkgver:\"3.0.9+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"firefox-trunk-venkman\", pkgver:\"3.0.9+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"xulrunner-1.9\", pkgver:\"1.9.0.9+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"xulrunner-1.9-dev\", pkgver:\"1.9.0.9+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"xulrunner-1.9-dom-inspector\", pkgver:\"1.9.0.9+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"xulrunner-1.9-gnome-support\", pkgver:\"1.9.0.9+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"xulrunner-1.9-venkman\", pkgver:\"1.9.0.9+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"abrowser\", pkgver:\"3.0.9+nobinonly-0ubuntu0.8.10.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"abrowser-3.0-branding\", pkgver:\"3.0.9+nobinonly-0ubuntu0.8.10.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"firefox\", pkgver:\"3.0.9+nobinonly-0ubuntu0.8.10.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"firefox-3.0\", pkgver:\"3.0.9+nobinonly-0ubuntu0.8.10.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"firefox-3.0-branding\", pkgver:\"3.0.9+nobinonly-0ubuntu0.8.10.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"firefox-3.0-dev\", pkgver:\"3.0.9+nobinonly-0ubuntu0.8.10.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"firefox-3.0-dom-inspector\", pkgver:\"3.0.9+nobinonly-0ubuntu0.8.10.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"firefox-3.0-gnome-support\", pkgver:\"3.0.9+nobinonly-0ubuntu0.8.10.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"firefox-3.0-venkman\", pkgver:\"3.0.9+nobinonly-0ubuntu0.8.10.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"firefox-dev\", pkgver:\"3.0.9+nobinonly-0ubuntu0.8.10.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"firefox-dom-inspector\", pkgver:\"3.0.9+nobinonly-0ubuntu0.8.10.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"firefox-gnome-support\", pkgver:\"3.0.9+nobinonly-0ubuntu0.8.10.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"firefox-granparadiso\", pkgver:\"3.0.9+nobinonly-0ubuntu0.8.10.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"firefox-granparadiso-dev\", pkgver:\"3.0.9+nobinonly-0ubuntu0.8.10.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"firefox-granparadiso-dom-inspector\", pkgver:\"3.0.9+nobinonly-0ubuntu0.8.10.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"firefox-granparadiso-gnome-support\", pkgver:\"3.0.9+nobinonly-0ubuntu0.8.10.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"firefox-libthai\", pkgver:\"3.0.9+nobinonly-0ubuntu0.8.10.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"firefox-trunk\", pkgver:\"3.0.9+nobinonly-0ubuntu0.8.10.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"firefox-trunk-dev\", pkgver:\"3.0.9+nobinonly-0ubuntu0.8.10.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"firefox-trunk-dom-inspector\", pkgver:\"3.0.9+nobinonly-0ubuntu0.8.10.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"firefox-trunk-gnome-support\", pkgver:\"3.0.9+nobinonly-0ubuntu0.8.10.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"firefox-trunk-venkman\", pkgver:\"3.0.9+nobinonly-0ubuntu0.8.10.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"xulrunner-1.9\", pkgver:\"1.9.0.9+nobinonly-0ubuntu0.8.10.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"xulrunner-1.9-dev\", pkgver:\"1.9.0.9+nobinonly-0ubuntu0.8.10.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"xulrunner-1.9-dom-inspector\", pkgver:\"1.9.0.9+nobinonly-0ubuntu0.8.10.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"xulrunner-1.9-gnome-support\", pkgver:\"1.9.0.9+nobinonly-0ubuntu0.8.10.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"xulrunner-1.9-venkman\", pkgver:\"1.9.0.9+nobinonly-0ubuntu0.8.10.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"xulrunner-dev\", pkgver:\"1.9.0.9+nobinonly-0ubuntu0.8.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"abrowser\", pkgver:\"3.0.9+nobinonly-0ubuntu0.9.04.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"abrowser-3.0-branding\", pkgver:\"3.0.9+nobinonly-0ubuntu0.9.04.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"firefox\", pkgver:\"3.0.9+nobinonly-0ubuntu0.9.04.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"firefox-3.0\", pkgver:\"3.0.9+nobinonly-0ubuntu0.9.04.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"firefox-3.0-branding\", pkgver:\"3.0.9+nobinonly-0ubuntu0.9.04.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"firefox-3.0-dev\", pkgver:\"3.0.9+nobinonly-0ubuntu0.9.04.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"firefox-3.0-dom-inspector\", pkgver:\"3.0.9+nobinonly-0ubuntu0.9.04.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"firefox-3.0-gnome-support\", pkgver:\"3.0.9+nobinonly-0ubuntu0.9.04.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"firefox-3.0-venkman\", pkgver:\"3.0.9+nobinonly-0ubuntu0.9.04.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"firefox-dev\", pkgver:\"3.0.9+nobinonly-0ubuntu0.9.04.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"firefox-dom-inspector\", pkgver:\"3.0.9+nobinonly-0ubuntu0.9.04.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"firefox-gnome-support\", pkgver:\"3.0.9+nobinonly-0ubuntu0.9.04.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"firefox-granparadiso\", pkgver:\"3.0.9+nobinonly-0ubuntu0.9.04.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"firefox-granparadiso-dev\", pkgver:\"3.0.9+nobinonly-0ubuntu0.9.04.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"firefox-granparadiso-dom-inspector\", pkgver:\"3.0.9+nobinonly-0ubuntu0.9.04.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"firefox-granparadiso-gnome-support\", pkgver:\"3.0.9+nobinonly-0ubuntu0.9.04.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"firefox-libthai\", pkgver:\"3.0.9+nobinonly-0ubuntu0.9.04.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"firefox-trunk\", pkgver:\"3.0.9+nobinonly-0ubuntu0.9.04.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"firefox-trunk-dev\", pkgver:\"3.0.9+nobinonly-0ubuntu0.9.04.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"firefox-trunk-dom-inspector\", pkgver:\"3.0.9+nobinonly-0ubuntu0.9.04.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"firefox-trunk-gnome-support\", pkgver:\"3.0.9+nobinonly-0ubuntu0.9.04.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"firefox-trunk-venkman\", pkgver:\"3.0.9+nobinonly-0ubuntu0.9.04.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"xulrunner-1.9\", pkgver:\"1.9.0.9+nobinonly-0ubuntu0.9.04.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"xulrunner-1.9-dev\", pkgver:\"1.9.0.9+nobinonly-0ubuntu0.9.04.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"xulrunner-1.9-dom-inspector\", pkgver:\"1.9.0.9+nobinonly-0ubuntu0.9.04.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"xulrunner-1.9-gnome-support\", pkgver:\"1.9.0.9+nobinonly-0ubuntu0.9.04.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"xulrunner-1.9-venkman\", pkgver:\"1.9.0.9+nobinonly-0ubuntu0.9.04.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"xulrunner-dev\", pkgver:\"1.9.0.9+nobinonly-0ubuntu0.9.04.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"abrowser / abrowser-3.0-branding / firefox / firefox-3.0 / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:08:05", "description": "Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5.\n\nThis update has been rated as having critical security impact by the Red Hat Security Response Team.\n\nMozilla Firefox is an open source Web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox.\n\nSeveral flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox.\n(CVE-2009-1302, CVE-2009-1303, CVE-2009-1304, CVE-2009-1305)\n\nSeveral flaws were found in the way malformed web content was processed. A web page containing malicious content could execute arbitrary JavaScript in the context of the site, possibly presenting misleading data to a user, or stealing sensitive information such as login credentials. (CVE-2009-0652, CVE-2009-1306, CVE-2009-1307, CVE-2009-1308, CVE-2009-1309, CVE-2009-1310, CVE-2009-1312)\n\nA flaw was found in the way Firefox saved certain web pages to a local file. If a user saved the inner frame of a web page containing POST data, the POST data could be revealed to the inner frame, possibly surrendering sensitive information such as login credentials.\n(CVE-2009-1311)\n\nFor technical details regarding these flaws, refer to the Mozilla security advisories for Firefox 3.0.9. You can find a link to the Mozilla advisories in the References section of this errata.\n\nAll Firefox users should upgrade to
[SECURITY] Fedora 10 Update: gnome-web-photo-0.3-17.fc10
