{"id": "MFSA2007-14", "lastseen": "2016-09-05T13:37:47", "viewCount": 0, "bulletinFamily": "software", "cvss": {"score": 0.0, "vector": "NONE"}, "edition": 1, "enchantments": {"score": {"value": 5.9, "vector": "NONE", "modified": "2016-09-05T13:37:47", "rev": 2}, "dependencies": {"references": [{"type": "openvas", "idList": ["OPENVAS:136141256231090014", "OPENVAS:90013", "OPENVAS:136141256231090013", "OPENVAS:136141256231059025", "OPENVAS:90014"]}, {"type": "nessus", "idList": ["SUSE_MOZILLAFIREFOX-3756.NASL", "MOZILLA_FIREFOX_20010.NASL", "MANDRAKE_MDKSA-2007-126.NASL", "MOZILLA_THUNDERBIRD_2009.NASL", "MOZILLA_THUNDERBIRD_15014.NASL", "NETSCAPE_BROWSER_9004.NASL", "MOZILLA_FIREFOX_2008.NASL"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:19516"]}, {"type": "cve", "idList": ["CVE-2007-5338", "CVE-2007-5339", "CVE-2007-5337", "CVE-2007-5334", "CVE-2007-5340"]}, {"type": "osvdb", "idList": ["OSVDB:38043", "OSVDB:38033"]}], "modified": "2016-09-05T13:37:47", "rev": 2}, "vulnersScore": 5.9}, "type": "mozilla", "description": "Nicolas Derouet reported two problems with\ncookie handling in Mozilla clients. The first was that the\ncookie path parameter was not subject to any length checks, and\nthis could be abused to cause the victim's browser to use excessive\namounts of memory while it was running as well as waste the disk\nspace used to store the cookie until it expired.\nCookies sent by an HTTP server are limited to a\nreasonable size by the general limit on the size of an HTTP header,\nbut cookies created programmatically through JavaScript and\nadded using document.cookie could have a path\nof any length the script could create -- potentially several\ntens of megabytes.\nThe second issue was that the cookie path and name values\nwere not checked for the presence of the delimiter used for\ninternal cookie storage, and if present this confused future\ninterpretation of the cookie data. Since the cookie host continued\nto be set correctly there was very little that could be done\nthat the site could not legitimately set in the first place. One\nexception was the ability for a non-secure site to create \"secure\"\ncookies (it still could not read them), which might be a problem\non some sites. Other fields in the file could be faked, but scripts\nthat could set cookies at all could generally set them anyway.", "title": "Path Abuse in Cookies", "cvelist": [], "published": "2007-05-30T00:00:00", "references": ["https://bugzilla.mozilla.org/show_bug.cgi?id=373228"], "reporter": "Mozilla Foundation", "affectedSoftware": [{"version": "1.0.9", "name": "SeaMonkey", "operator": "lt"}, {"version": "1.5.0.12", "name": "Firefox", "operator": "lt"}, {"version": "2.0.0.4", "name": "Firefox", "operator": "lt"}, {"version": "1.1.2", "name": "SeaMonkey", "operator": "lt"}], "modified": "2007-05-30T00:00:00", "href": "http://www.mozilla.org/en-US/security/advisories/mfsa2007-14/", "immutableFields": []}

{"openvas": [{"lastseen": "2019-10-09T15:24:48", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5339", "CVE-2007-4841"], "description": "The remote host is missing an update as announced\n via advisory SSA:2007-324-01.", "modified": "2019-10-07T00:00:00", "published": "2012-09-11T00:00:00", "id": "OPENVAS:136141256231059025", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231059025", "type": "openvas", "title": "Slackware Advisory SSA:2007-324-01 mozilla-thunderbird", "sourceData": "# OpenVAS Vulnerability Test\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.59025\");\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"2019-10-07 14:34:48 +0000 (Mon, 07 Oct 2019)\");\n script_cve_id(\"CVE-2007-4841\", \"CVE-2007-5339\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_version(\"2019-10-07T14:34:48+0000\");\n script_name(\"Slackware Advisory SSA:2007-324-01 mozilla-thunderbird\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\", re:\"ssh/login/release=SLK(10\\.2|11\\.0|12\\.0)\");\n\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2007-324-01\");\n\n script_tag(name:\"insight\", value:\"New mozilla-thunderbird packages are available for Slackware 10.2, 11.0, 12.0,\n and -current to fix security issues. Slackware is not vulnerable to either\n of these in its default configuration, but watch out if you've enabled\n JavaScript.\n\n More information about the security issues are linked in the references.\");\n\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2007/mfsa2007-36.html\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2007/mfsa2007-29.html\");\n\n script_tag(name:\"solution\", value:\"Upgrade to the new package(s).\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update as announced\n via advisory SSA:2007-324-01.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-slack.inc\");\n\nreport = \"\";\nres = \"\";\n\nif((res = isslkpkgvuln(pkg:\"mozilla-thunderbird\", ver:\"2.0.0.9-i686-1\", rls:\"SLK10.2\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"mozilla-thunderbird\", ver:\"2.0.0.9-i686-1\", rls:\"SLK11.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"mozilla-thunderbird\", ver:\"2.0.0.9-i686-1\", rls:\"SLK12.0\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-13T10:49:36", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-4879", "CVE-2008-1236", "CVE-2008-1195", "CVE-2008-0412", "CVE-2008-1240", "CVE-2008-1237", "CVE-2008-1238", "CVE-2008-1233", "CVE-2008-0416", "CVE-2008-1234", "CVE-2008-1235", "CVE-2008-1241"], "description": "The remote host is probable affected by the vulnerabilities described in\n CVE-2008-0416, CVE-2007-4879, CVE-2008-1195, CVE-2008-1233,\n CVE-2008-1234, CVE-2008-1235, CVE-2008-1236, CVE-2008-1237,\n CVE-2008-1238, CVE-2008-1240, CVE-2008-1241 and more.", "modified": "2017-06-28T00:00:00", "published": "2008-06-17T00:00:00", "id": "OPENVAS:90013", "href": "http://plugins.openvas.org/nasl.php?oid=90013", "type": "openvas", "title": "Mozilla Firefox, Thunderbird, Seamonkey. Several vulnerabilitys (Windows)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: smbcl_mozilla.nasl 6467 2017-06-28 13:51:19Z cfischer $\n# Description: Mozilla Firefox, Thunderbird, Seamonkey. Several vulnerabilitys (Windows)\n#\n# Authors:\n# Carsten Koch-Mauthe <c.koch-mauthe at dn-systems.de>\n# Modified to implement through 'smb_nt.inc'\n# - By Sharath S <sharaths@secpod.com> On 2009-09-17\n#\n# Copyright:\n# Copyright (C) 2008 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ntag_impact = \"Mozilla contributors moz_bug_r_a4, Boris Zbarsky, and Johnny Stenback reported\n a series of vulnerabilities which allow scripts from page content to run with\n elevated privileges. moz_bug_r_a4 demonstrated additional variants of MFSA\n 2007-25 and MFSA2007-35 (arbitrary code execution through XPCNativeWrapper\n pollution). Additional vulnerabilities reported separately by Boris Zbarsky,\n Johnny Stenback, and moz_bug_r_a4 showed that the browser could be forced to\n run JavaScript code using the wrong principal leading to universal XSS\n and arbitrary code execution.\";\n\ntag_summary = \"The remote host is probable affected by the vulnerabilities described in\n CVE-2008-0416, CVE-2007-4879, CVE-2008-1195, CVE-2008-1233,\n CVE-2008-1234, CVE-2008-1235, CVE-2008-1236, CVE-2008-1237,\n CVE-2008-1238, CVE-2008-1240, CVE-2008-1241 and more.\";\n\ntag_solution = \"All Users should upgrade to the latest versions of Firefox, Thunderbird or\n Seamonkey.\n http://www.mozilla.com/en-US/firefox/all.html\n http://www.seamonkey-project.org/releases/\n http://www.mozillamessaging.com/en-US/thunderbird/all.html\";\n\n# $Revision: 6467 $\n\nif(description)\n{\n script_id(90013);\n script_version(\"$Revision: 6467 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-06-28 15:51:19 +0200 (Wed, 28 Jun 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-06-17 20:22:38 +0200 (Tue, 17 Jun 2008)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0416\", \"CVE-2008-1238\", \"CVE-2008-1240\", \"CVE-2008-1241\");\n script_bugtraq_id(28448);\n script_name(\"Mozilla Firefox, Thunderbird, Seamonkey. Several vulnerabilitys (Windows)\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2008/mfsa2008-14.html\");\n\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_copyright(\"Copyright (C) 2008 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_firefox_detect_win.nasl\", \"gb_seamonkey_detect_win.nasl\", \"gb_thunderbird_detect_win.nasl\");\n script_mandatory_keys(\"Mozilla/Firefox_or_Seamonkey_or_Thunderbird/Installed\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"impact\" , value : tag_impact);\n exit(0);\n}\n\n\ninclude(\"smb_nt.inc\");\ninclude(\"version_func.inc\");\n\n# Firefox Check\nffVer = get_kb_item(\"Firefox/Win/Ver\");\nif(ffVer)\n{\n # Grep for Firefox version < 2.0.0.14\n if(version_is_less(version:ffVer, test_version:\"2.0.0.14\"))\n {\n security_message(0);\n exit(0);\n }\n}\n\n# Seamonkey Check\nsmVer = get_kb_item(\"Seamonkey/Win/Ver\");\nif(smVer)\n{\n # Grep for Seamonkey version < 1.1.9\n if(version_is_less(version:smVer, test_version:\"1.1.9\"))\n {\n security_message(0);\n exit(0);\n }\n}\n\n# Thunderbird Check\ntbVer = get_kb_item(\"Thunderbird/Win/Ver\");\nif(tbVer)\n{\n # Grep for Thunderbird version < 2.0.0.14\n if(version_is_less(version:tbVer, test_version:\"2.0.0.14\")){\n security_message(0);\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2020-04-16T16:58:23", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-4879", "CVE-2008-1236", "CVE-2008-1195", "CVE-2008-1240", "CVE-2008-1237", "CVE-2008-1238", "CVE-2008-1233", "CVE-2008-1234", "CVE-2008-1235", "CVE-2008-1241"], "description": "The remote host is affected by the vulnerabilities described in the\n referenced advisories.", "modified": "2020-04-14T00:00:00", "published": "2008-06-17T00:00:00", "id": "OPENVAS:136141256231090013", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231090013", "type": "openvas", "title": "Mozilla Firefox, Thunderbird, Seamonkey. Several vulnerabilitys (Windows)", "sourceData": "# OpenVAS Vulnerability Test\n# Description: Mozilla Firefox, Thunderbird, Seamonkey. Several vulnerabilitys (Windows)\n#\n# Authors:\n# Carsten Koch-Mauthe <c.koch-mauthe at dn-systems.de>\n#\n# Copyright:\n# Copyright (C) 2008 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.90013\");\n script_version(\"2020-04-14T08:15:28+0000\");\n script_tag(name:\"last_modification\", value:\"2020-04-14 08:15:28 +0000 (Tue, 14 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2008-06-17 20:22:38 +0200 (Tue, 17 Jun 2008)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2008-1233\", \"CVE-2008-1234\", \"CVE-2008-1235\", \"CVE-2008-1236\", \"CVE-2008-1237\",\n \"CVE-2008-1238\", \"CVE-2007-4879\", \"CVE-2008-1195\", \"CVE-2008-1240\", \"CVE-2008-1241\");\n script_bugtraq_id(28448);\n script_name(\"Mozilla Firefox, Thunderbird, Seamonkey. Several vulnerabilitys (Windows)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2008 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_firefox_detect_portable_win.nasl\", \"gb_seamonkey_detect_win.nasl\", \"gb_thunderbird_detect_portable_win.nasl\");\n script_mandatory_keys(\"Mozilla/Firefox_or_Seamonkey_or_Thunderbird/Installed\");\n\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-2.0/#firefox2.0.0.13\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/known-vulnerabilities/seamonkey-1.1/#seamonkey1.1.9\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird-2.0/#thunderbird2.0.0.14\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2008-19/\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2008-18/\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2008-17/\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2008-16/\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2008-15/\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2008-14/\");\n\n script_tag(name:\"solution\", value:\"All users should upgrade to the latest versions of Firefox, Thunderbird or\n Seamonkey.\");\n\n script_tag(name:\"summary\", value:\"The remote host is affected by the vulnerabilities described in the\n referenced advisories.\");\n\n script_tag(name:\"impact\", value:\"Mozilla contributors moz_bug_r_a4, Boris Zbarsky, and Johnny Stenback reported\n a series of vulnerabilities which allow scripts from page content to run with\n elevated privileges. moz_bug_r_a4 demonstrated additional variants of MFSA\n 2007-25 and MFSA2007-35 (arbitrary code execution through XPCNativeWrapper\n pollution). Additional vulnerabilities reported separately by Boris Zbarsky,\n Johnny Stenback, and moz_bug_r_a4 showed that the browser could be forced to\n run JavaScript code using the wrong principal leading to universal XSS\n and arbitrary code execution.\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"version_func.inc\");\n\nffVer = get_kb_item(\"Firefox/Win/Ver\");\nif(ffVer)\n{\n if(version_is_less(version:ffVer, test_version:\"2.0.0.13\"))\n {\n report = report_fixed_ver(installed_version:ffVer, fixed_version:\"2.0.0.13\");\n security_message(port: 0, data: report);\n exit(0);\n }\n}\n\nsmVer = get_kb_item(\"Seamonkey/Win/Ver\");\nif(smVer)\n{\n if(version_is_less(version:smVer, test_version:\"1.1.9\"))\n {\n report = report_fixed_ver(installed_version:smVer, fixed_version:\"1.1.9\");\n security_message(port: 0, data: report);\n exit(0);\n }\n}\n\ntbVer = get_kb_item(\"Thunderbird/Win/Ver\");\nif(tbVer)\n{\n if(version_is_less(version:tbVer, test_version:\"2.0.0.14\")){\n report = report_fixed_ver(installed_version:tbVer, fixed_version:\"2.0.0.14\");\n security_message(port: 0, data: report);\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-04-07T16:39:04", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-4879", "CVE-2008-1236", "CVE-2008-1195", "CVE-2008-0412", "CVE-2008-1240", "CVE-2008-1237", "CVE-2008-1238", "CVE-2008-1233", "CVE-2008-0416", "CVE-2008-1234", "CVE-2008-1235", "CVE-2008-1241"], "description": "The remote host is probable affected by the vulnerabilitys described in\n CVE-2008-0416, CVE-2007-4879, CVE-2008-1195, CVE-2008-1233,\n CVE-2008-1234, CVE-2008-1235, CVE-2008-1236, CVE-2008-1237,\n CVE-2008-1238, CVE-2008-1240, CVE-2008-1241 and more.", "modified": "2020-04-02T00:00:00", "published": "2008-06-17T00:00:00", "id": "OPENVAS:136141256231090014", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231090014", "type": "openvas", "title": "Mozilla Firefox, Thunderbird, Seamonkey. Several vulnerabilitys (Linux)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Description: Mozilla Firefox, Thunderbird, Seamonkey. Several vulnerabilitys (Linux)\n#\n# Authors:\n# Carsten Koch-Mauthe <c.koch-mauthe at dn-systems.de>\n#\n# Copyright:\n# Copyright (C) 2008 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.90014\");\n script_version(\"2020-04-02T11:36:28+0000\");\n script_tag(name:\"last_modification\", value:\"2020-04-02 11:36:28 +0000 (Thu, 02 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2008-06-17 20:22:38 +0200 (Tue, 17 Jun 2008)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2008-1238\", \"CVE-2008-1240\", \"CVE-2008-1241\", \"CVE-2008-0412\", \"CVE-2008-0416\");\n script_name(\"Mozilla Firefox, Thunderbird, Seamonkey. Several vulnerabilitys (Linux)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2008 Greenbone Networks GmbH\");\n script_family(\"General\");\n\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2008/mfsa2008-14.html\");\n\n script_tag(name:\"solution\", value:\"All Users should upgrade to the latest versions of Firefox, Thunderbird or Seamonkey.\");\n\n script_tag(name:\"summary\", value:\"The remote host is probable affected by the vulnerabilitys described in\n CVE-2008-0416, CVE-2007-4879, CVE-2008-1195, CVE-2008-1233,\n CVE-2008-1234, CVE-2008-1235, CVE-2008-1236, CVE-2008-1237,\n CVE-2008-1238, CVE-2008-1240, CVE-2008-1241 and more.\");\n\n script_tag(name:\"impact\", value:\"Mozilla contributors moz_bug_r_a4, Boris Zbarsky,\n and Johnny Stenback reported a series of vulnerabilities which allow scripts from\n page content to run with elevated privileges. moz_bug_r_a4 demonstrated additional\n variants of MFSA 2007-25 and MFSA2007-35 (arbitrary code execution through\n XPCNativeWrapper pollution). Additional vulnerabilities reported separately by\n Boris Zbarsky, Johnny Stenback, and moz_bug_r_a4 showed that the browser could be\n forced to run JavaScript code using the wrong principal leading to universal XSS\n and arbitrary code execution. And more...\");\n\n script_tag(name:\"deprecated\", value:TRUE); # This NVT is broken in many ways...\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n\n exit(0);\n}\n\nexit(66);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-12-08T11:44:49", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-4879", "CVE-2008-1236", "CVE-2008-1195", "CVE-2008-0412", "CVE-2008-1240", "CVE-2008-1237", "CVE-2008-1238", "CVE-2008-1233", "CVE-2008-0416", "CVE-2008-1234", "CVE-2008-1235", "CVE-2008-1241"], "description": "The remote host is probable affected by the vulnerabilitys described in \nCVE-2008-0416, CVE-2007-4879, CVE-2008-1195, CVE-2008-1233,\nCVE-2008-1234, CVE-2008-1235, CVE-2008-1236, CVE-2008-1237,\nCVE-2008-1238, CVE-2008-1240, CVE-2008-1241 and more.\n\n\nImpact\n Mozilla contributors moz_bug_r_a4, Boris Zbarsky, \n and Johnny Stenback reported a series of vulnerabilities \n which allow scripts from page content to run with elevated\n privileges. moz_bug_r_a4 demonstrated additional variants\n of MFSA 2007-25 and MFSA2007-35 (arbitrary code execution\n through XPCNativeWrapper pollution). Additional \n vulnerabilities reported separately by Boris Zbarsky, \n Johnny Stenback, and moz_bug_r_a4 showed that the browser\n could be forced to run JavaScript code using the wrong \n principal leading to universal XSS and arbitrary code execution.\n And more...", "modified": "2017-12-07T00:00:00", "published": "2008-06-17T00:00:00", "id": "OPENVAS:90014", "href": "http://plugins.openvas.org/nasl.php?oid=90014", "type": "openvas", "title": "Mozilla Firefox, Thunderbird, Seamonkey. Several vulnerabilitys (Linux)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mozilla_CB-A08-0017.nasl 8023 2017-12-07 08:36:26Z teissa $\n# Description: Mozilla Firefox, Thunderbird, Seamonkey. Several vulnerabilitys (Linux)\n#\n# Authors:\n# Carsten Koch-Mauthe <c.koch-mauthe at dn-systems.de>\n#\n# Copyright:\n# Copyright (C) 2008 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ntag_summary = \"The remote host is probable affected by the vulnerabilitys described in \nCVE-2008-0416, CVE-2007-4879, CVE-2008-1195, CVE-2008-1233,\nCVE-2008-1234, CVE-2008-1235, CVE-2008-1236, CVE-2008-1237,\nCVE-2008-1238, CVE-2008-1240, CVE-2008-1241 and more.\n\n\nImpact\n Mozilla contributors moz_bug_r_a4, Boris Zbarsky, \n and Johnny Stenback reported a series of vulnerabilities \n which allow scripts from page content to run with elevated\n privileges. moz_bug_r_a4 demonstrated additional variants\n of MFSA 2007-25 and MFSA2007-35 (arbitrary code execution\n through XPCNativeWrapper pollution). Additional \n vulnerabilities reported separately by Boris Zbarsky, \n Johnny Stenback, and moz_bug_r_a4 showed that the browser\n could be forced to run JavaScript code using the wrong \n principal leading to universal XSS and arbitrary code execution.\n And more...\";\n\ntag_solution = \"All Users should upgrade to the latest versions of Firefox, Thunderbird or Seamonkey.\";\n\n# $Revision: 8023 $\n\nif(description)\n{\n\n script_id(90014);\n script_version(\"$Revision: 8023 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-07 09:36:26 +0100 (Thu, 07 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-06-17 20:22:38 +0200 (Tue, 17 Jun 2008)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2008-1238\", \"CVE-2008-1240\", \"CVE-2008-1241\", \"CVE-2008-0412\", \"CVE-2008-0416\");\n name = \"Mozilla Firefox, Thunderbird, Seamonkey. Several vulnerabilitys (Linux)\";\n script_name(name);\n\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2008/mfsa2008-14.html\");\n\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_copyright(\"Copyright (C) 2008 Greenbone Networks GmbH\");\n family = \"General\";\n script_family(family);\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"login/SSH/success\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n\n # This NVT is broken in many ways...\n script_tag(name:\"deprecated\", value:TRUE); \n\n exit(0);\n}\n\nexit(66);\n\ninclude(\"ssh_func.inc\");\ninclude(\"version_func.inc\");\n\nsock = ssh_login_or_reuse_connection();\nif(!sock){\n exit(0);\n}\n\nr = find_bin(prog_name:\"firefox\", sock:sock);\nforeach binary_name (r) {\n binary_name = chomp(binary_name);\n ver = get_bin_version(full_prog_name:binary_name, version_argv:\"--version\", ver_pattern:\"([0-9\\.]+)\");\n if(ver != NULL) {\n if(version_is_less(version:ver[0], test_version:\"2.0.0.14\") ) {\n security_message(port:0);\n report = string(\"\\nFound : \") + binary_name + \" Version : \" + ver[max_index(ver)-1] + string(\"\\n\");\n security_message(port:0, data:report);\n } \n }\n}\nr = find_bin(prog_name:\"thunderbird\", sock:sock);\nforeach binary_name (r) {\n binary_name = chomp(binary_name);\n ver = get_bin_version(full_prog_name:binary_name, version_argv:\"--version\", ver_pattern:\"([0-9\\.]+)\");\n if(ver != NULL) {\n if(version_is_less(version:ver[0], test_version:\"2.0.0.14\") ) {\n security_message(port:0);\n report = string(\"\\nFound : \") + binary_name + \" Version : \" + ver[max_index(ver)-1] + string(\"\\n\");\n security_message(port:0, data:report);\n } \n }\n}\nr = find_bin(prog_name:\"seamonkey\", sock:sock);\nforeach binary_name (r) {\n binary_name = chomp(binary_name);\n ver = get_bin_version(full_prog_name:binary_name, version_argv:\"--version\", ver_pattern:\"([0-9\\.]+)\");\n if(ver != NULL) {\n if(version_is_less(version:ver[0], test_version:\"1.1.9\") ) {\n security_message(port:0);\n report = string(\"\\nFound : \") + binary_name + \" Version : \" + ver[max_index(ver)-1] + string(\"\\n\");\n security_message(port:0, data:report);\n } \n }\n}\n\nexit(0);\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2021-01-17T14:14:12", "description": "This update brings the Mozilla Firefox browser to version 2.0.0.18.\n\nIt fixes following security issues :\n\n - The http-index-format MIME type parser\n (nsDirIndexParser) in Firefox 3.x before 3.0.4, Firefox\n 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13\n does not check for an allocation failure, which allows\n remote attackers to cause a denial of service (crash)\n and possibly execute arbitrary code via an HTTP index\n response with a crafted 200 header, which triggers\n memory corruption and a buffer overflow. (CVE-2008-0017\n / MFSA 2008-54)\n\n - Mozilla Firefox 2.x before 2.0.0.18, Thunderbird 2.x\n before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 do not\n properly change the source URI when processing a canvas\n element and an HTTP redirect, which allows remote\n attackers to bypass the same origin policy and access\n arbitrary images that are not directly accessible to the\n attacker. NOTE: this issue can be leveraged to enumerate\n software on the client by performing redirections\n related to moz-icon. (CVE-2008-5012 / MFSA 2008-48)\n\n - Mozilla Firefox 2.x before 2.0.0.18 and SeaMonkey 1.x\n before 1.1.13 do not properly check when the Flash\n module has been dynamically unloaded properly, which\n allows remote attackers to execute arbitrary code via a\n crafted SWF file that 'dynamically unloads itself from\n an outside JavaScript function,' which triggers an\n access of an expired memory address. (CVE-2008-5013 /\n MFSA 2008-49)\n\nCVE-2008-5014 / MFSA 2008-50\n\njslock.cpp in Mozilla Firefox 3.x before 3.0.2, Firefox 2.x before\n2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before\n1.1.13 allows remote attackers to cause a denial of service (crash)\nand possibly execute arbitrary code by modifying the\nwindow.__proto__.__proto__ object in a way that causes a lock on a\nnon-native object, which triggers an assertion failure related to the\nOBJ_IS_NATIVE function.\n\n - Mozilla Firefox 3.x before 3.0.4 assigns chrome\n privileges to a file: URI when it is accessed in the\n same tab from a chrome or privileged about: page, which\n makes it easier for user-assisted attackers to execute\n arbitrary JavaScript with chrome privileges via\n malicious code in a file that has already been saved on\n the local system. (CVE-2008-5015 / MFSA 2008-51)\n\n - The layout engine in Mozilla Firefox 3.x before 3.0.4,\n Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x\n before 1.1.13 allows remote attackers to cause a denial\n of service (crash) via multiple vectors that trigger an\n assertion failure or other consequences. (CVE-2008-5016\n / MFSA 2008-52)\n\n - Integer overflow in xpcom/io/nsEscape.cpp in the browser\n engine in Mozilla Firefox 3.x before 3.0.4, Firefox 2.x\n before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and\n SeaMonkey 1.x before 1.1.13 allows remote attackers to\n cause a denial of service (crash) via unknown vectors.\n (CVE-2008-5017 / MFSA 2008-52)\n\n - The JavaScript engine in Mozilla Firefox 3.x before\n 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x\n before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows\n remote attackers to cause a denial of service (crash)\n via vectors related to 'insufficient class checking' in\n the Date class. CVE-2008-5019 / MFSA 2008-53: The\n session restore feature in Mozilla Firefox 3.x before\n 3.0.4 and 2.x before 2.0.0.18 allows remote attackers to\n violate the same origin policy to conduct cross-site\n scripting (XSS) attacks and execute arbitrary JavaScript\n with chrome privileges via unknown vectors.\n CVE-2008-5021 / MFSA 2008-55: nsFrameManager in Firefox\n 3.x before 3.0.4, Firefox 2.x before 2.0.0.18,\n Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x\n before 1.1.13 allows remote attackers to cause a denial\n of service (crash) and possibly execute arbitrary code\n by modifying properties of a file input element while it\n is still being initialized, then using the blur method\n to access uninitialized memory. (CVE-2008-5018 / MFSA\n 2008-52)\n\n - The nsXMLHttpRequest::NotifyEventListeners method in\n Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18,\n Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x\n before 1.1.13 allows remote attackers to bypass the\n same-origin policy and execute arbitrary script via\n multiple listeners, which bypass the inner window check.\n (CVE-2008-5022 / MFSA 2008-56)\n\n - Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18,\n and SeaMonkey 1.x before 1.1.13 allows remote attackers\n to bypass the protection mechanism for codebase\n principals and execute arbitrary script via the\n -moz-binding CSS property in a signed JAR file.\n (CVE-2008-5023 / MFSA 2008-57)\n\n - Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before\n 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey\n 1.x before 1.1.13 do not properly escape quote\n characters used for XML processing, allows remote\n attackers to conduct XML injection attacks via the\n default namespace in an E4X document. (CVE-2008-5024 /\n MFSA 2008-58)\n\n - The AppendAttributeValue function in the JavaScript\n engine in Mozilla Firefox 2.x before 2.0.0.18,\n Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x\n before 1.1.13 allows remote attackers to cause a denial\n of service (crash) via unknown vectors that trigger\n memory corruption, as demonstrated by\n e4x/extensions/regress-410192.js. (CVE-2008-5052 / MFSA\n 2008-52)\n\nThis update also changes a previous security fix that removed\nfunctionality required by customers. This issue was MFSA 2007-34\n'Possible file stealing through sftp protocol', where the fix just\ndisabled sftp:// and smb:// blindly.\n\nThose protocols can now reenabled selectively by changing the gconf\nproperty /apps/firefox/general/allowed_indirect_gnomevfs_loads to\ninclude smb:,sftp :", "edition": 25, "published": "2009-09-24T00:00:00", "title": "SuSE 10 Security Update : MozillaFirefox (ZYPP Patch Number 5826)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-5012", "CVE-2008-5013", "CVE-2008-5018", "CVE-2008-5019", "CVE-2008-5023", "CVE-2008-5021", "CVE-2008-5017", "CVE-2008-5014", "CVE-2008-5022", "CVE-2008-5016", "CVE-2008-0017", "CVE-2008-5024", "CVE-2008-5015", "CVE-2008-5052"], "modified": "2009-09-24T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_MOZILLAFIREFOX-5826.NASL", "href": "https://www.tenable.com/plugins/nessus/41465", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(41465);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-0017\", \"CVE-2008-5012\", \"CVE-2008-5013\", \"CVE-2008-5014\", \"CVE-2008-5015\", \"CVE-2008-5016\", \"CVE-2008-5017\", \"CVE-2008-5018\", \"CVE-2008-5019\", \"CVE-2008-5021\", \"CVE-2008-5022\", \"CVE-2008-5023\", \"CVE-2008-5024\", \"CVE-2008-5052\");\n\n script_name(english:\"SuSE 10 Security Update : MozillaFirefox (ZYPP Patch Number 5826)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update brings the Mozilla Firefox browser to version 2.0.0.18.\n\nIt fixes following security issues :\n\n - The http-index-format MIME type parser\n (nsDirIndexParser) in Firefox 3.x before 3.0.4, Firefox\n 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13\n does not check for an allocation failure, which allows\n remote attackers to cause a denial of service (crash)\n and possibly execute arbitrary code via an HTTP index\n response with a crafted 200 header, which triggers\n memory corruption and a buffer overflow. (CVE-2008-0017\n / MFSA 2008-54)\n\n - Mozilla Firefox 2.x before 2.0.0.18, Thunderbird 2.x\n before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 do not\n properly change the source URI when processing a canvas\n element and an HTTP redirect, which allows remote\n attackers to bypass the same origin policy and access\n arbitrary images that are not directly accessible to the\n attacker. NOTE: this issue can be leveraged to enumerate\n software on the client by performing redirections\n related to moz-icon. (CVE-2008-5012 / MFSA 2008-48)\n\n - Mozilla Firefox 2.x before 2.0.0.18 and SeaMonkey 1.x\n before 1.1.13 do not properly check when the Flash\n module has been dynamically unloaded properly, which\n allows remote attackers to execute arbitrary code via a\n crafted SWF file that 'dynamically unloads itself from\n an outside JavaScript function,' which triggers an\n access of an expired memory address. (CVE-2008-5013 /\n MFSA 2008-49)\n\nCVE-2008-5014 / MFSA 2008-50\n\njslock.cpp in Mozilla Firefox 3.x before 3.0.2, Firefox 2.x before\n2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before\n1.1.13 allows remote attackers to cause a denial of service (crash)\nand possibly execute arbitrary code by modifying the\nwindow.__proto__.__proto__ object in a way that causes a lock on a\nnon-native object, which triggers an assertion failure related to the\nOBJ_IS_NATIVE function.\n\n - Mozilla Firefox 3.x before 3.0.4 assigns chrome\n privileges to a file: URI when it is accessed in the\n same tab from a chrome or privileged about: page, which\n makes it easier for user-assisted attackers to execute\n arbitrary JavaScript with chrome privileges via\n malicious code in a file that has already been saved on\n the local system. (CVE-2008-5015 / MFSA 2008-51)\n\n - The layout engine in Mozilla Firefox 3.x before 3.0.4,\n Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x\n before 1.1.13 allows remote attackers to cause a denial\n of service (crash) via multiple vectors that trigger an\n assertion failure or other consequences. (CVE-2008-5016\n / MFSA 2008-52)\n\n - Integer overflow in xpcom/io/nsEscape.cpp in the browser\n engine in Mozilla Firefox 3.x before 3.0.4, Firefox 2.x\n before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and\n SeaMonkey 1.x before 1.1.13 allows remote attackers to\n cause a denial of service (crash) via unknown vectors.\n (CVE-2008-5017 / MFSA 2008-52)\n\n - The JavaScript engine in Mozilla Firefox 3.x before\n 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x\n before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows\n remote attackers to cause a denial of service (crash)\n via vectors related to 'insufficient class checking' in\n the Date class. CVE-2008-5019 / MFSA 2008-53: The\n session restore feature in Mozilla Firefox 3.x before\n 3.0.4 and 2.x before 2.0.0.18 allows remote attackers to\n violate the same origin policy to conduct cross-site\n scripting (XSS) attacks and execute arbitrary JavaScript\n with chrome privileges via unknown vectors.\n CVE-2008-5021 / MFSA 2008-55: nsFrameManager in Firefox\n 3.x before 3.0.4, Firefox 2.x before 2.0.0.18,\n Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x\n before 1.1.13 allows remote attackers to cause a denial\n of service (crash) and possibly execute arbitrary code\n by modifying properties of a file input element while it\n is still being initialized, then using the blur method\n to access uninitialized memory. (CVE-2008-5018 / MFSA\n 2008-52)\n\n - The nsXMLHttpRequest::NotifyEventListeners method in\n Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18,\n Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x\n before 1.1.13 allows remote attackers to bypass the\n same-origin policy and execute arbitrary script via\n multiple listeners, which bypass the inner window check.\n (CVE-2008-5022 / MFSA 2008-56)\n\n - Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18,\n and SeaMonkey 1.x before 1.1.13 allows remote attackers\n to bypass the protection mechanism for codebase\n principals and execute arbitrary script via the\n -moz-binding CSS property in a signed JAR file.\n (CVE-2008-5023 / MFSA 2008-57)\n\n - Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before\n 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey\n 1.x before 1.1.13 do not properly escape quote\n characters used for XML processing, allows remote\n attackers to conduct XML injection attacks via the\n default namespace in an E4X document. (CVE-2008-5024 /\n MFSA 2008-58)\n\n - The AppendAttributeValue function in the JavaScript\n engine in Mozilla Firefox 2.x before 2.0.0.18,\n Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x\n before 1.1.13 allows remote attackers to cause a denial\n of service (crash) via unknown vectors that trigger\n memory corruption, as demonstrated by\n e4x/extensions/regress-410192.js. (CVE-2008-5052 / MFSA\n 2008-52)\n\nThis update also changes a previous security fix that removed\nfunctionality required by customers. This issue was MFSA 2007-34\n'Possible file stealing through sftp protocol', where the fix just\ndisabled sftp:// and smb:// blindly.\n\nThose protocols can now reenabled selectively by changing the gconf\nproperty /apps/firefox/general/allowed_indirect_gnomevfs_loads to\ninclude smb:,sftp :\"\n );\n # http://www.mozilla.org/security/announce/2007/mfsa2007-34.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2007-34/\"\n );\n # http://www.mozilla.org/security/announce/2008/mfsa2008-48.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2008-48/\"\n );\n # http://www.mozilla.org/security/announce/2008/mfsa2008-49.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2008-49/\"\n );\n # http://www.mozilla.org/security/announce/2008/mfsa2008-50.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2008-50/\"\n );\n # http://www.mozilla.org/security/announce/2008/mfsa2008-51.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2008-51/\"\n );\n # http://www.mozilla.org/security/announce/2008/mfsa2008-52.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2008-52/\"\n );\n # http://www.mozilla.org/security/announce/2008/mfsa2008-54.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2008-54/\"\n );\n # http://www.mozilla.org/security/announce/2008/mfsa2008-55.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2008-55/\"\n );\n # http://www.mozilla.org/security/announce/2008/mfsa2008-56.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2008-56/\"\n );\n # http://www.mozilla.org/security/announce/2008/mfsa2008-57.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2008-57/\"\n );\n # http://www.mozilla.org/security/announce/2008/mfsa2008-58.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2008-58/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-0017.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-5012.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-5013.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-5014.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-5015.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-5016.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-5017.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-5018.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-5019.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-5021.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-5022.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-5023.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-5024.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-5052.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 5826.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(20, 79, 94, 119, 189, 200, 287, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/11/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/11/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"MozillaFirefox-2.0.0.18-0.5\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"MozillaFirefox-translations-2.0.0.18-0.5\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"MozillaFirefox-2.0.0.18-0.5\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"MozillaFirefox-translations-2.0.0.18-0.5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-07T11:51:44", "description": "A number of security vulnerabilities have been discovered and\ncorrected in the latest Mozilla Firefox program, version 2.0.0.4.\n\nThis update provides the latest Firefox to correct these issues.\n\nUpdate :\n\nThe l10n language packages have now been updated and are available.", "edition": 26, "published": "2009-04-23T00:00:00", "title": "Mandrake Linux Security Advisory : mozilla-firefox (MDKSA-2007:126-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-2868", "CVE-2007-2871", "CVE-2007-2870", "CVE-2007-2867", "CVE-2007-2869", "CVE-2007-1362"], "modified": "2009-04-23T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:mozilla-firefox-nb_NO", "p-cpe:/a:mandriva:linux:epiphany-devel", "p-cpe:/a:mandriva:linux:lib64devhelp-1_0", "p-cpe:/a:mandriva:linux:mozilla-firefox-zh_CN", "p-cpe:/a:mandriva:linux:totem-common", "p-cpe:/a:mandriva:linux:mozilla-firefox-es_AR", "p-cpe:/a:mandriva:linux:libtotem-plparser1-devel", "p-cpe:/a:mandriva:linux:gnome-python-gtkmozembed", "p-cpe:/a:mandriva:linux:mozilla-firefox-ca", "p-cpe:/a:mandriva:linux:lib64mozilla-firefox2.0.0.4-devel", "p-cpe:/a:mandriva:linux:libswt3-gtk2", "p-cpe:/a:mandriva:linux:mozilla-firefox-nl", "p-cpe:/a:mandriva:linux:mozilla-firefox-lt", "p-cpe:/a:mandriva:linux:mozilla-firefox-zh_TW", "p-cpe:/a:mandriva:linux:libdevhelp-1_0", "p-cpe:/a:mandriva:linux:mozilla-firefox-ga", "p-cpe:/a:mandriva:linux:mozilla-firefox-it", "p-cpe:/a:mandriva:linux:lib64devhelp-1_0-devel", "p-cpe:/a:mandriva:linux:mozilla-firefox-ru", "p-cpe:/a:mandriva:linux:eclipse-jdt", "p-cpe:/a:mandriva:linux:devhelp-plugins", "p-cpe:/a:mandriva:linux:mozilla-firefox-da", "cpe:/o:mandriva:linux:2007.1", "p-cpe:/a:mandriva:linux:gnome-python-gda", "p-cpe:/a:mandriva:linux:gnome-python-gtkhtml2", "p-cpe:/a:mandriva:linux:totem-mozilla-gstreamer", "p-cpe:/a:mandriva:linux:mozilla-firefox-sk", "p-cpe:/a:mandriva:linux:libdevhelp-1_0-devel", "p-cpe:/a:mandriva:linux:mozilla-firefox-pt_BR", "p-cpe:/a:mandriva:linux:mozilla-firefox-pt_PT", "p-cpe:/a:mandriva:linux:lib64totem-plparser1-devel", "p-cpe:/a:mandriva:linux:yelp", "p-cpe:/a:mandriva:linux:mozilla-firefox-ja", "p-cpe:/a:mandriva:linux:mozilla-firefox-sl", "p-cpe:/a:mandriva:linux:libtotem-plparser1", "p-cpe:/a:mandriva:linux:galeon", "p-cpe:/a:mandriva:linux:mozilla-firefox-pl", "p-cpe:/a:mandriva:linux:mozilla-firefox-fy", "p-cpe:/a:mandriva:linux:totem-mozilla", "p-cpe:/a:mandriva:linux:mozilla-firefox", "p-cpe:/a:mandriva:linux:mozilla-firefox-tr", "p-cpe:/a:mandriva:linux:eclipse-ecj", "p-cpe:/a:mandriva:linux:mozilla-firefox-uk_UA", "p-cpe:/a:mandriva:linux:mozilla-firefox-fr", "p-cpe:/a:mandriva:linux:eclipse-platform-sdk", "p-cpe:/a:mandriva:linux:epiphany-extensions", "p-cpe:/a:mandriva:linux:mozilla-firefox-es_ES", "p-cpe:/a:mandriva:linux:mozilla-firefox-mk", "p-cpe:/a:mandriva:linux:mozilla-firefox-nn_NO", "p-cpe:/a:mandriva:linux:mozilla-firefox-cs", "p-cpe:/a:mandriva:linux:mozilla-firefox-de", "p-cpe:/a:mandriva:linux:eclipse-pde", "p-cpe:/a:mandriva:linux:libmozilla-firefox2.0.0.4", "p-cpe:/a:mandriva:linux:mozilla-firefox-bg", "p-cpe:/a:mandriva:linux:epiphany", "p-cpe:/a:mandriva:linux:mozilla-firefox-eu", "p-cpe:/a:mandriva:linux:gnome-python-gksu", "p-cpe:/a:mandriva:linux:mozilla-firefox-fi", "p-cpe:/a:mandriva:linux:eclipse-rcp", "p-cpe:/a:mandriva:linux:mozilla-firefox-ar", "p-cpe:/a:mandriva:linux:mozilla-firefox-br_FR", "p-cpe:/a:mandriva:linux:eclipse-pde-runtime", "p-cpe:/a:mandriva:linux:eclipse-sdk", "p-cpe:/a:mandriva:linux:devhelp", "p-cpe:/a:mandriva:linux:libmozilla-firefox2.0.0.4-devel", "p-cpe:/a:mandriva:linux:deskbar-applet", "p-cpe:/a:mandriva:linux:mozilla-firefox-sv_SE", "p-cpe:/a:mandriva:linux:gnome-python-gdl", "p-cpe:/a:mandriva:linux:eclipse-platform", "p-cpe:/a:mandriva:linux:mozilla-firefox-gu_IN", "p-cpe:/a:mandriva:linux:eclipse-pde-sdk", "p-cpe:/a:mandriva:linux:totem-gstreamer", "p-cpe:/a:mandriva:linux:mozilla-firefox-ko", "p-cpe:/a:mandriva:linux:lib64mozilla-firefox2.0.0.4", "p-cpe:/a:mandriva:linux:lib64totem-plparser1", "p-cpe:/a:mandriva:linux:gnome-python-gda-devel", "p-cpe:/a:mandriva:linux:gnome-python-extras", "p-cpe:/a:mandriva:linux:eclipse-rcp-sdk", "p-cpe:/a:mandriva:linux:totem", "p-cpe:/a:mandriva:linux:eclipse-jdt-sdk", "p-cpe:/a:mandriva:linux:mozilla-firefox-hu", "p-cpe:/a:mandriva:linux:mozilla-firefox-el", "p-cpe:/a:mandriva:linux:gnome-python-gtkspell"], "id": "MANDRAKE_MDKSA-2007-126.NASL", "href": "https://www.tenable.com/plugins/nessus/37988", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandrake Linux Security Advisory MDKSA-2007:126. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(37988);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2007-1362\",\n \"CVE-2007-2867\",\n \"CVE-2007-2868\",\n \"CVE-2007-2869\",\n \"CVE-2007-2870\",\n \"CVE-2007-2871\"\n );\n script_bugtraq_id(24242);\n script_xref(name:\"MDKSA\", value:\"2007:126-1\");\n\n script_name(english:\"Mandrake Linux Security Advisory : mozilla-firefox (MDKSA-2007:126-1)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandrake Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A number of security vulnerabilities have been discovered and\ncorrected in the latest Mozilla Firefox program, version 2.0.0.4.\n\nThis update provides the latest Firefox to correct these issues.\n\nUpdate :\n\nThe l10n language packages have now been updated and are available.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.mozilla.org/security/announce/2007/mfsa2007-12.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.mozilla.org/security/announce/2007/mfsa2007-13.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.mozilla.org/security/announce/2007/mfsa2007-14.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.mozilla.org/security/announce/2007/mfsa2007-16.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.mozilla.org/security/announce/2007/mfsa2007-17.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 94, 119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:deskbar-applet\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:devhelp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:devhelp-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:eclipse-ecj\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:eclipse-jdt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:eclipse-jdt-sdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:eclipse-pde\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:eclipse-pde-runtime\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:eclipse-pde-sdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:eclipse-platform\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:eclipse-platform-sdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:eclipse-rcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:eclipse-rcp-sdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:eclipse-sdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:epiphany\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:epiphany-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:epiphany-extensions\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:galeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnome-python-extras\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnome-python-gda\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnome-python-gda-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnome-python-gdl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnome-python-gksu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnome-python-gtkhtml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnome-python-gtkmozembed\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnome-python-gtkspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64devhelp-1_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64devhelp-1_0-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64mozilla-firefox2.0.0.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64mozilla-firefox2.0.0.4-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64totem-plparser1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64totem-plparser1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libdevhelp-1_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libdevhelp-1_0-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libmozilla-firefox2.0.0.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libmozilla-firefox2.0.0.4-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libswt3-gtk2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libtotem-plparser1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libtotem-plparser1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-firefox-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-firefox-bg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-firefox-br_FR\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-firefox-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-firefox-cs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-firefox-da\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-firefox-de\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-firefox-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-firefox-es_AR\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-firefox-es_ES\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-firefox-eu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-firefox-fi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-firefox-fr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-firefox-fy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-firefox-ga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-firefox-gu_IN\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-firefox-hu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-firefox-it\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-firefox-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-firefox-ko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-firefox-lt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-firefox-mk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-firefox-nb_NO\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-firefox-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-firefox-nn_NO\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-firefox-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-firefox-pt_BR\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-firefox-pt_PT\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-firefox-ru\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-firefox-sk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-firefox-sl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-firefox-sv_SE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-firefox-tr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-firefox-uk_UA\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-firefox-zh_CN\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-firefox-zh_TW\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:totem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:totem-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:totem-gstreamer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:totem-mozilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:totem-mozilla-gstreamer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:yelp\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2007.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/06/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2007.1\", reference:\"deskbar-applet-2.18.0-3.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"devhelp-0.13-3.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"devhelp-plugins-0.13-3.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"eclipse-ecj-3.2.2-3.4.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"eclipse-jdt-3.2.2-3.4.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"eclipse-jdt-sdk-3.2.2-3.4.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"eclipse-pde-3.2.2-3.4.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"eclipse-pde-runtime-3.2.2-3.4.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"eclipse-pde-sdk-3.2.2-3.4.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"eclipse-platform-3.2.2-3.4.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"eclipse-platform-sdk-3.2.2-3.4.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"eclipse-rcp-3.2.2-3.4.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"eclipse-rcp-sdk-3.2.2-3.4.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"eclipse-sdk-3.2.2-3.4.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"epiphany-2.18.0-5.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"epiphany-devel-2.18.0-5.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"epiphany-extensions-2.18.0-2.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"galeon-2.0.3-5.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"gnome-python-extras-2.14.3-4.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"gnome-python-gda-2.14.3-4.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"gnome-python-gda-devel-2.14.3-4.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"gnome-python-gdl-2.14.3-4.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"gnome-python-gksu-2.14.3-4.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"gnome-python-gtkhtml2-2.14.3-4.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"gnome-python-gtkmozembed-2.14.3-4.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"gnome-python-gtkspell-2.14.3-4.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"x86_64\", reference:\"lib64devhelp-1_0-0.13-3.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"x86_64\", reference:\"lib64devhelp-1_0-devel-0.13-3.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"x86_64\", reference:\"lib64mozilla-firefox2.0.0.4-2.0.0.4-1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"x86_64\", reference:\"lib64mozilla-firefox2.0.0.4-devel-2.0.0.4-1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"x86_64\", reference:\"lib64totem-plparser1-2.18.2-1.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"x86_64\", reference:\"lib64totem-plparser1-devel-2.18.2-1.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"i386\", reference:\"libdevhelp-1_0-0.13-3.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"i386\", reference:\"libdevhelp-1_0-devel-0.13-3.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"i386\", reference:\"libmozilla-firefox2.0.0.4-2.0.0.4-1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"i386\", reference:\"libmozilla-firefox2.0.0.4-devel-2.0.0.4-1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"libswt3-gtk2-3.2.2-3.4.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"i386\", reference:\"libtotem-plparser1-2.18.2-1.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"i386\", reference:\"libtotem-plparser1-devel-2.18.2-1.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"mozilla-firefox-2.0.0.4-1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"mozilla-firefox-ar-2.0.0.4-1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"mozilla-firefox-bg-2.0.0.4-1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"mozilla-firefox-br_FR-2.0.0.4-1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"mozilla-firefox-ca-2.0.0.4-1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"mozilla-firefox-cs-2.0.0.4-1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"mozilla-firefox-da-2.0.0.4-1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"mozilla-firefox-de-2.0.0.4-1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"mozilla-firefox-el-2.0.0.4-1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"mozilla-firefox-es_AR-2.0.0.4-1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"mozilla-firefox-es_ES-2.0.0.4-1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"mozilla-firefox-eu-2.0.0.4-1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"mozilla-firefox-fi-2.0.0.4-1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"mozilla-firefox-fr-2.0.0.4-1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"mozilla-firefox-fy-2.0.0.4-1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"mozilla-firefox-ga-2.0.0.4-1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"mozilla-firefox-gu_IN-2.0.0.4-1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"mozilla-firefox-hu-2.0.0.4-1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"mozilla-firefox-it-2.0.0.4-1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"mozilla-firefox-ja-2.0.0.4-1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"mozilla-firefox-ko-2.0.0.4-1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"mozilla-firefox-lt-2.0.0.4-1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"mozilla-firefox-mk-2.0.0.4-1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"mozilla-firefox-nb_NO-2.0.0.4-1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"mozilla-firefox-nl-2.0.0.4-1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"mozilla-firefox-nn_NO-2.0.0.4-1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"mozilla-firefox-pl-2.0.0.4-1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"mozilla-firefox-pt_BR-2.0.0.4-1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"mozilla-firefox-pt_PT-2.0.0.4-1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"mozilla-firefox-ru-2.0.0.4-1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"mozilla-firefox-sk-2.0.0.4-1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"mozilla-firefox-sl-2.0.0.4-1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"mozilla-firefox-sv_SE-2.0.0.4-1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"mozilla-firefox-tr-2.0.0.4-1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"mozilla-firefox-uk_UA-2.0.0.4-1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"mozilla-firefox-zh_CN-2.0.0.4-1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"mozilla-firefox-zh_TW-2.0.0.4-1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"totem-2.18.2-1.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"totem-common-2.18.2-1.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"totem-gstreamer-2.18.2-1.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"totem-mozilla-2.18.2-1.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"totem-mozilla-gstreamer-2.18.2-1.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"yelp-2.18.0-3.1mdv2007.1\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-04-01T04:10:46", "description": "The remote version of Mozilla Thunderbird suffers from various\nsecurity issues, several of which may lead to execution of arbitrary\ncode on the affected host subject to the user's privileges.", "edition": 28, "published": "2007-12-20T00:00:00", "title": "Mozilla Thunderbird < 1.5.0.14 Multiple Vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5340", "CVE-2007-5339"], "modified": "2021-04-02T00:00:00", "cpe": ["cpe:/a:mozilla:thunderbird"], "id": "MOZILLA_THUNDERBIRD_15014.NASL", "href": "https://www.tenable.com/plugins/nessus/29743", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\ninclude(\"compat.inc\");\n\n\nif (description)\n{\n script_id(29743);\n script_version(\"1.15\");\n\n script_cve_id(\"CVE-2007-5339\", \"CVE-2007-5340\");\n script_bugtraq_id(26132);\n\n script_name(english:\"Mozilla Thunderbird < 1.5.0.14 Multiple Vulnerabilities\");\n script_summary(english:\"Checks version of Mozilla Thunderbird\");\n\n script_set_attribute( attribute:\"synopsis\", value:\n\"The remote Windows host contains a mail client that is affected by\nmultiple vulnerabilities.\" );\n script_set_attribute( attribute:\"description\", value:\n\"The remote version of Mozilla Thunderbird suffers from various\nsecurity issues, several of which may lead to execution of arbitrary\ncode on the affected host subject to the user's privileges.\" );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2007-29/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2007-40/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Upgrade to Mozilla Thunderbird 1.5.0.14 or later.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20);\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2007/12/20\");\n script_set_attribute(attribute:\"vuln_publication_date\", value: \"2007/10/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value: \"2007/10/18\");\n script_cvs_date(\"Date: 2018/07/16 14:09:15\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:thunderbird\");\n script_end_attributes();\n \n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n script_copyright(english:\"This script is Copyright (C) 2007-2018 Tenable Network Security, Inc.\");\n script_dependencies(\"mozilla_org_installed.nasl\");\n script_require_keys(\"Mozilla/Thunderbird/Version\");\n exit(0);\n}\n\ninclude(\"mozilla_version.inc\");\nport = get_kb_item_or_exit(\"SMB/transport\");\n\ninstalls = get_kb_list(\"SMB/Mozilla/Thunderbird/*\");\nif (isnull(installs)) audit(AUDIT_NOT_INST, \"Thunderbird\");\n\nmozilla_check_version(installs:installs, product:'thunderbird', esr:FALSE, fix:'1.5.0.14', severity:SECURITY_HOLE);", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T14:14:08", "description": "This update brings Mozilla Firefox to security update version 2.0.0.5\n\nFollowing security problems were fixed :\n\n - Crashes with evidence of memory corruption The usual\n collection of stability fixes for crashes that look\n suspicious but haven't been proven to be exploitable.\n (MFSA 2007-18)\n\n 25 were in the browser engine, reported by Mozilla\n developers and community members Bernd Mielke, Boris\n Zbarsky, David Baron, Daniel Veditz, Jesse Ruderman,\n Lukas Loehrer, Martijn Wargers, Mats Palmgren, Olli\n Pettay, Paul Nickerson,and Vladimir Sukhoy.\n (CVE-2007-3734)\n\n 7 were in the JavaScript engine reported by Asaf Romano,\n Jesse Ruderman, Igor Bukanov. (CVE-2007-3735)\n\n - XSS using addEventListener and setTimeout. (MFSA 2007-19\n / CVE-2007-3736)\n\n moz_bug_r_a4 reported that scripts could be injected\n into another site's context by exploiting a timing issue\n using addEventLstener or setTimeout.\n\n - frame spoofing Ronen Zilberman and Michal Zalewski both\n reported that it was possible to exploit a timing issue\n to inject content into about:blank frames in a page.\n (MFSA 2007-20 / CVE-2007-3089)\n\n - Privilege escallation using an event handler attached to\n an element not in the document. (MFSA 2007-21 /\n CVE-2007-3737)\n\n Reported by moz_bug_r_a4.\n\n - File type confusion due to %00 in name. (MFSA 2007-22 /\n CVE-2007-3285)\n\n Ronald van den Heetkamp reported that a filename URL\n containing %00 (encoded null) can cause Firefox to\n interpret the file extension differently than the\n underlying Windows operating system potentially leading\n to unsafe actions such as running a program.\n\n - Remote code execution by launching Firefox from Internet\n Explorer. (MFSA 2007-23 / CVE-2007-3670)\n\n Greg MacManus of iDefense and Billy Rios of Verisign\n independently reported that links containing a quote (')\n character could be used in Internet Explorer to launch\n registered URL Protocol handlers with extra command-line\n parameters. Firefox and Thunderbird are among those\n which can be launched, and both support a '-chrome'\n option that could be used to run malware.\n\n This problem does not affect Linux.\n\n - unauthorized access to wyciwyg:// documents. (MFSA\n 2007-24 / CVE-2007-3656)\n\n Michal Zalewski reported that it was possible to bypass\n the same-origin checks and read from cached (wyciwyg)\n documents\n\n - XPCNativeWrapper pollution shutdown and moz_bug_r_a4\n reported two separate ways to modify an XPCNativeWrapper\n such that subsequent access by the browser would result\n in executing user-supplied code. (MFSA 2007-25 /\n CVE-2007-3738)", "edition": 25, "published": "2007-12-13T00:00:00", "title": "SuSE 10 Security Update : MozillaFirefox (ZYPP Patch Number 3932)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-3738", "CVE-2007-3734", "CVE-2007-3737", "CVE-2007-3736", "CVE-2007-3285", "CVE-2007-3670", "CVE-2007-3656", "CVE-2007-3089", "CVE-2007-3735"], "modified": "2007-12-13T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_MOZILLAFIREFOX-3932.NASL", "href": "https://www.tenable.com/plugins/nessus/29361", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(29361);\n script_version(\"1.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-3089\", \"CVE-2007-3285\", \"CVE-2007-3656\", \"CVE-2007-3670\", \"CVE-2007-3734\", \"CVE-2007-3735\", \"CVE-2007-3736\", \"CVE-2007-3737\", \"CVE-2007-3738\");\n\n script_name(english:\"SuSE 10 Security Update : MozillaFirefox (ZYPP Patch Number 3932)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update brings Mozilla Firefox to security update version 2.0.0.5\n\nFollowing security problems were fixed :\n\n - Crashes with evidence of memory corruption The usual\n collection of stability fixes for crashes that look\n suspicious but haven't been proven to be exploitable.\n (MFSA 2007-18)\n\n 25 were in the browser engine, reported by Mozilla\n developers and community members Bernd Mielke, Boris\n Zbarsky, David Baron, Daniel Veditz, Jesse Ruderman,\n Lukas Loehrer, Martijn Wargers, Mats Palmgren, Olli\n Pettay, Paul Nickerson,and Vladimir Sukhoy.\n (CVE-2007-3734)\n\n 7 were in the JavaScript engine reported by Asaf Romano,\n Jesse Ruderman, Igor Bukanov. (CVE-2007-3735)\n\n - XSS using addEventListener and setTimeout. (MFSA 2007-19\n / CVE-2007-3736)\n\n moz_bug_r_a4 reported that scripts could be injected\n into another site's context by exploiting a timing issue\n using addEventLstener or setTimeout.\n\n - frame spoofing Ronen Zilberman and Michal Zalewski both\n reported that it was possible to exploit a timing issue\n to inject content into about:blank frames in a page.\n (MFSA 2007-20 / CVE-2007-3089)\n\n - Privilege escallation using an event handler attached to\n an element not in the document. (MFSA 2007-21 /\n CVE-2007-3737)\n\n Reported by moz_bug_r_a4.\n\n - File type confusion due to %00 in name. (MFSA 2007-22 /\n CVE-2007-3285)\n\n Ronald van den Heetkamp reported that a filename URL\n containing %00 (encoded null) can cause Firefox to\n interpret the file extension differently than the\n underlying Windows operating system potentially leading\n to unsafe actions such as running a program.\n\n - Remote code execution by launching Firefox from Internet\n Explorer. (MFSA 2007-23 / CVE-2007-3670)\n\n Greg MacManus of iDefense and Billy Rios of Verisign\n independently reported that links containing a quote (')\n character could be used in Internet Explorer to launch\n registered URL Protocol handlers with extra command-line\n parameters. Firefox and Thunderbird are among those\n which can be launched, and both support a '-chrome'\n option that could be used to run malware.\n\n This problem does not affect Linux.\n\n - unauthorized access to wyciwyg:// documents. (MFSA\n 2007-24 / CVE-2007-3656)\n\n Michal Zalewski reported that it was possible to bypass\n the same-origin checks and read from cached (wyciwyg)\n documents\n\n - XPCNativeWrapper pollution shutdown and moz_bug_r_a4\n reported two separate ways to modify an XPCNativeWrapper\n such that subsequent access by the browser would result\n in executing user-supplied code. (MFSA 2007-25 /\n CVE-2007-3738)\"\n );\n # http://www.mozilla.org/security/announce/2007/mfsa2007-18.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2007-18/\"\n );\n # http://www.mozilla.org/security/announce/2007/mfsa2007-19.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2007-19/\"\n );\n # http://www.mozilla.org/security/announce/2007/mfsa2007-20.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2007-20/\"\n );\n # http://www.mozilla.org/security/announce/2007/mfsa2007-21.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2007-21/\"\n );\n # http://www.mozilla.org/security/announce/2007/mfsa2007-22.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2007-22/\"\n );\n # http://www.mozilla.org/security/announce/2007/mfsa2007-23.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2007-23/\"\n );\n # http://www.mozilla.org/security/announce/2007/mfsa2007-24.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2007-24/\"\n );\n # http://www.mozilla.org/security/announce/2007/mfsa2007-25.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2007-25/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-3089.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-3285.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-3656.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-3670.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-3734.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-3735.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-3736.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-3737.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-3738.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 3932.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(79, 200, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/06/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/07/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/12/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"MozillaFirefox-2.0.0.5-1.2\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"MozillaFirefox-translations-2.0.0.5-1.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"MozillaFirefox-2.0.0.5-1.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"MozillaFirefox-translations-2.0.0.5-1.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T14:14:06", "description": "This update brings Mozilla Firefox to security update version\n1.5.0.10.\n\n - As part of the Firefox 2.0.0.2 and 1.5.0.10 update\n releases several bugs were fixed to improve the\n stability of the browser. Some of these were crashes\n that showed evidence of memory corruption and we presume\n that with enough effort at least some of these could be\n exploited to run arbitrary code. These fixes affected\n the layout engine (CVE-2007-0775), SVG renderer\n (CVE-2007-0776) and JavaScript engine. (CVE-2007-0777).\n (MFSA 2007-01)\n\n - Various enhancements were done to make XSS exploits\n against websites less effective. These included fixes\n for invalid trailing characters (CVE-2007-0995), child\n frame character set inheritance (CVE-2007-0996),\n password form injection (CVE-2006-6077), and the Adobe\n Reader universal XSS problem. (MFSA 2007-02)\n\n - AAd reported a potential disk cache collision that could\n be exploited by remote attackers to steal confidential\n data or execute code. (MFSA 2007-03 / CVE-2007-0778)\n\n - David Eckel reported that browser UI elements--such as\n the host name and security indicators--could be spoofed\n by using a large, mostly transparent, custom cursor and\n adjusting the CSS3 hotspot property so that the visible\n part of the cursor floated outside the browser content\n area. (MFSA 2007-04 / CVE-2007-0779)\n\n - Manually opening blocked popups could be exploited by\n remote attackers to allow XSS attacks (CVE-2007-0780) or\n to execute code in local files. (CVE-2007-0800). (MFSA\n 2007-05)\n\n - Two buffer overflows were found in the NSS handling of\n Mozilla. (MFSA 2007-06)\n\n - SSL clients such as Firefox and Thunderbird can suffer a\n buffer overflow if a malicious server presents a\n certificate with a public key that is too small to\n encrypt the entire 'Master Secret'. Exploiting this\n overflow appears to be unreliable but possible if the\n SSLv2 protocol is enabled. (CVE-2007-0008)\n\n - Servers that use NSS for the SSLv2 protocol can be\n exploited by a client that presents a 'Client Master\n Key' with invalid length values in any of several fields\n that are used without adequate error checking. This can\n lead to a buffer overflow that presumably could be\n exploitable. (CVE-2007-0009)\n\n - Michal Zalewski demonstrated that setting\n location.hostname to a value with embedded null\n characters can confuse the browsers domain checks.\n Setting the value triggers a load, but the networking\n software reads the hostname only up to the null\n character while other checks for 'parent domain' start\n at the right and so can have a completely different idea\n of what the current host is. (MFSA 2007-06 /\n CVE-2007-0981)", "edition": 25, "published": "2007-12-13T00:00:00", "title": "SuSE 10 Security Update : MozillaFirefox (ZYPP Patch Number 2683)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-0008", "CVE-2006-6077", "CVE-2007-0779", "CVE-2007-0996", "CVE-2007-0775", "CVE-2007-0981", "CVE-2007-0780", "CVE-2007-0778", "CVE-2007-0777", "CVE-2007-0776", "CVE-2007-0995", "CVE-2007-0009", "CVE-2007-0800"], "modified": "2007-12-13T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_MOZILLAFIREFOX-2683.NASL", "href": "https://www.tenable.com/plugins/nessus/29359", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(29359);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2006-6077\", \"CVE-2007-0008\", \"CVE-2007-0009\", \"CVE-2007-0775\", \"CVE-2007-0776\", \"CVE-2007-0777\", \"CVE-2007-0778\", \"CVE-2007-0779\", \"CVE-2007-0780\", \"CVE-2007-0800\", \"CVE-2007-0981\", \"CVE-2007-0995\", \"CVE-2007-0996\");\n\n script_name(english:\"SuSE 10 Security Update : MozillaFirefox (ZYPP Patch Number 2683)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update brings Mozilla Firefox to security update version\n1.5.0.10.\n\n - As part of the Firefox 2.0.0.2 and 1.5.0.10 update\n releases several bugs were fixed to improve the\n stability of the browser. Some of these were crashes\n that showed evidence of memory corruption and we presume\n that with enough effort at least some of these could be\n exploited to run arbitrary code. These fixes affected\n the layout engine (CVE-2007-0775), SVG renderer\n (CVE-2007-0776) and JavaScript engine. (CVE-2007-0777).\n (MFSA 2007-01)\n\n - Various enhancements were done to make XSS exploits\n against websites less effective. These included fixes\n for invalid trailing characters (CVE-2007-0995), child\n frame character set inheritance (CVE-2007-0996),\n password form injection (CVE-2006-6077), and the Adobe\n Reader universal XSS problem. (MFSA 2007-02)\n\n - AAd reported a potential disk cache collision that could\n be exploited by remote attackers to steal confidential\n data or execute code. (MFSA 2007-03 / CVE-2007-0778)\n\n - David Eckel reported that browser UI elements--such as\n the host name and security indicators--could be spoofed\n by using a large, mostly transparent, custom cursor and\n adjusting the CSS3 hotspot property so that the visible\n part of the cursor floated outside the browser content\n area. (MFSA 2007-04 / CVE-2007-0779)\n\n - Manually opening blocked popups could be exploited by\n remote attackers to allow XSS attacks (CVE-2007-0780) or\n to execute code in local files. (CVE-2007-0800). (MFSA\n 2007-05)\n\n - Two buffer overflows were found in the NSS handling of\n Mozilla. (MFSA 2007-06)\n\n - SSL clients such as Firefox and Thunderbird can suffer a\n buffer overflow if a malicious server presents a\n certificate with a public key that is too small to\n encrypt the entire 'Master Secret'. Exploiting this\n overflow appears to be unreliable but possible if the\n SSLv2 protocol is enabled. (CVE-2007-0008)\n\n - Servers that use NSS for the SSLv2 protocol can be\n exploited by a client that presents a 'Client Master\n Key' with invalid length values in any of several fields\n that are used without adequate error checking. This can\n lead to a buffer overflow that presumably could be\n exploitable. (CVE-2007-0009)\n\n - Michal Zalewski demonstrated that setting\n location.hostname to a value with embedded null\n characters can confuse the browsers domain checks.\n Setting the value triggers a load, but the networking\n software reads the hostname only up to the null\n character while other checks for 'parent domain' start\n at the right and so can have a completely different idea\n of what the current host is. (MFSA 2007-06 /\n CVE-2007-0981)\"\n );\n # http://www.mozilla.org/security/announce/2007/mfsa2007-01.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2007-01/\"\n );\n # http://www.mozilla.org/security/announce/2007/mfsa2007-02.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2007-02/\"\n );\n # http://www.mozilla.org/security/announce/2007/mfsa2007-03.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2007-03/\"\n );\n # http://www.mozilla.org/security/announce/2007/mfsa2007-04.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2007-04/\"\n );\n # http://www.mozilla.org/security/announce/2007/mfsa2007-05.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2007-05/\"\n );\n # http://www.mozilla.org/security/announce/2007/mfsa2007-06.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2007-06/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2006-6077.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-0008.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-0009.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-0775.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-0776.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-0777.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-0778.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-0779.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-0780.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-0800.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-0981.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-0995.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-0996.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 2683.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(79, 119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/11/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/03/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/12/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:0, reference:\"MozillaFirefox-1.5.0.10-0.2\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:0, reference:\"MozillaFirefox-translations-1.5.0.10-0.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:0, reference:\"MozillaFirefox-1.5.0.10-0.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:0, reference:\"MozillaFirefox-translations-1.5.0.10-0.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T14:14:09", "description": "This update brings Mozilla Firefox to security update version 2.0.0.10\n\nFollowing security problems were fixed: MFSA 2007-37 / CVE-2007-5947:\nThe jar protocol handler in Mozilla Firefox retrieves the inner URL\nregardless of its MIME type, and considers HTML documents within a jar\narchive to have the same origin as the inner URL, which allows remote\nattackers to conduct cross-site scripting (XSS) attacks via a jar:\nURI.\n\n - The Firefox 2.0.0.10 update contains fixes for three\n bugs that improve the stability of the product. These\n crashes showed some evidence of memory corruption under\n certain circumstances and we presume that with enough\n effort at least some of these could be exploited to run\n arbitrary code. (MFSA 2007-38 / CVE-2007-5959)\n\n - Gregory Fleischer demonstrated that it was possible to\n generate a fake HTTP Referer header by exploiting a\n timing condition when setting the window.location\n property. This could be used to conduct a Cross-site\n Request Forgery (CSRF) attack against websites that rely\n only on the Referer header as protection against such\n attacks. (MFSA 2007-39 / CVE-2007-5960)", "edition": 24, "published": "2007-12-13T00:00:00", "title": "SuSE 10 Security Update : MozillaFirefox (ZYPP Patch Number 4757)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5947", "CVE-2007-5960", "CVE-2007-5959"], "modified": "2007-12-13T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_MOZILLAFIREFOX-4757.NASL", "href": "https://www.tenable.com/plugins/nessus/29363", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(29363);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-5947\", \"CVE-2007-5959\", \"CVE-2007-5960\");\n\n script_name(english:\"SuSE 10 Security Update : MozillaFirefox (ZYPP Patch Number 4757)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update brings Mozilla Firefox to security update version 2.0.0.10\n\nFollowing security problems were fixed: MFSA 2007-37 / CVE-2007-5947:\nThe jar protocol handler in Mozilla Firefox retrieves the inner URL\nregardless of its MIME type, and considers HTML documents within a jar\narchive to have the same origin as the inner URL, which allows remote\nattackers to conduct cross-site scripting (XSS) attacks via a jar:\nURI.\n\n - The Firefox 2.0.0.10 update contains fixes for three\n bugs that improve the stability of the product. These\n crashes showed some evidence of memory corruption under\n certain circumstances and we presume that with enough\n effort at least some of these could be exploited to run\n arbitrary code. (MFSA 2007-38 / CVE-2007-5959)\n\n - Gregory Fleischer demonstrated that it was possible to\n generate a fake HTTP Referer header by exploiting a\n timing condition when setting the window.location\n property. This could be used to conduct a Cross-site\n Request Forgery (CSRF) attack against websites that rely\n only on the Referer header as protection against such\n attacks. (MFSA 2007-39 / CVE-2007-5960)\"\n );\n # http://www.mozilla.org/security/announce/2007/mfsa2007-37.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2007-37/\"\n );\n # http://www.mozilla.org/security/announce/2007/mfsa2007-38.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2007-38/\"\n );\n # http://www.mozilla.org/security/announce/2007/mfsa2007-39.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2007-39/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-5947.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-5959.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-5960.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 4757.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(22, 79);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/11/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/11/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/12/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"MozillaFirefox-2.0.0.10-0.2\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"MozillaFirefox-translations-2.0.0.10-0.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"MozillaFirefox-2.0.0.10-0.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"MozillaFirefox-translations-2.0.0.10-0.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T14:14:08", "description": "This update brings Mozilla Firefox to security update version 2.0.0.8\n\nFollowing security problems were fixed :\n\n - Privilege escalation through chrome-loaded about:blank\n windows. (MFSA 2007-26 / CVE-2007-3844)\n\n Mozilla researcher moz_bug_r_a4 reported that a flaw was\n introduced by the fix for MFSA 2007-20 that could enable\n privilege escalation attacks against addons that create\n 'about:blank' windows and populate them in certain ways\n (including implicit 'about:blank' document creation\n through data: or javascript: URLs in a new window).\n\n - Crashes with evidence of memory corruption As part of\n the Firefox 2.0.0.8 update releases Mozilla developers\n fixed many bugs to improve the stability of the product.\n Some of these crashes showed evidence of memory\n corruption under certain circumstances and we presume\n that with enough effort at least some of these could be\n exploited to run arbitrary code. (MFSA 2007-29)\n\n - Browser crashes. (CVE-2007-5339)\n\n - JavaScript engine crashes. (CVE-2007-5340)\n\n - onUnload Tailgating Michal Zalewski demonstrated that\n onUnload event handlers had access to the address of the\n new page about to be loaded, even if the navigation was\n triggered from outside the page content such as by using\n a bookmark, pressing the back button, or typing an\n address into the location bar. If the bookmark contained\n sensitive information in the URL the attacking page\n might be able to take advantage of it. An attacking page\n would also be able to redirect the user, perhaps to a\n phishing page that looked like the site the user thought\n they were about to visit. (MFSA 2007-30 / CVE-2007-1095)\n\n - Digest authentication request splitting. (MFSA 2007-31 /\n CVE-2007-2292)\n\n Security researcher Stefano Di Paola reported that\n Firefox did not properly validate the user ID when\n making an HTTP request using Digest Authentication to\n log into a website. A malicious page could abuse this to\n inject arbitrary HTTP headers by including a newline\n character in the user ID followed by the injected header\n data. If the user were connecting through a proxy the\n attacker could inject headers that a proxy would\n interpret as two separate requests for different hosts.\n\n - File input focus stealing vulnerability. (MFSA 2007-32 /\n CVE-2007-3511 / CVE-2006-2894)\n\n A user on the Sla.ckers.org forums named hong reported\n that a file upload control could be filled\n programmatically by switching page focus to the label\n before a file upload form control for selected keyboard\n events. An attacker could use this trick to steal files\n from the users' computer if the attacker knew the full\n pathnames to the desired fileis and could create a\n pretext that would convince the user to type long enough\n to produce all the necessary characters.\n\n - XUL pages can hide the window titlebar. (MFSA 2007-33 /\n CVE-2007-5334)\n\n Mozilla developer Eli Friedman discovered that web pages\n written in the XUL markup language (rather than the\n usual HTML) can hide their window's titlebar. It may\n have been possible to abuse this ability to create more\n convincing spoof and phishing pages.\n\n - Possible file stealing through sftp protocol. (MFSA\n 2007-34 / CVE-2007-5337)\n\n On Linux machines with gnome-vfs support the smb: and\n sftp: URI schemes are available in Firefox. Georgi\n Guninski showed that if an attacker can store the attack\n page in a mutually accessible location on the target\n server (/tmp perhaps) and lure the victim into loading\n it, the attacker could potentially read any file owned\n by the victim from known locations on that server.\n\n - XPCNativeWraper pollution using Script object. (MFSA\n 2007-35 / CVE-2007-5338)\n\n Mozilla security researcher moz_bug_r_a4 reported that\n it was possible to use the Script object to modify\n XPCNativeWrappers in such a way that subsequent access\n by the browser chrome--such as by right-clicking to open\n a context menu--can cause attacker-supplied JavaScript\n to run with the same privileges as the user. This is\n similar to MFSA 2007-25 fixed in Firefox 2.0.0.5\n\nOnly Windows is affected by :\n\n - Unescaped URIs passed to external programs. (MFSA\n 2007-27 / CVE-2007-3845)\n\n This problem affects Windows only due to their handling\n of URI launchers.\n\n - Code execution via QuickTime Media-link files. (MFSA\n 2007-28 / CVE-2006-4965)\n\n Linux does not have .lnk files, nor Quicktime. Not\n affected.\n\n - URIs with invalid %-encoding mishandled by Windows.\n (MFSA 2007-36 / CVE-2007-4841)\n\n This problem does not affected Linux.", "edition": 25, "published": "2007-12-13T00:00:00", "title": "SuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 4570)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5334", "CVE-2007-3845", "CVE-2006-2894", "CVE-2007-5338", "CVE-2007-5340", "CVE-2007-3511", "CVE-2006-4965", "CVE-2007-3844", "CVE-2007-5337", "CVE-2007-2292", "CVE-2007-5339", "CVE-2007-1095", "CVE-2007-4841"], "modified": "2007-12-13T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_MOZILLAFIREFOX-4570.NASL", "href": "https://www.tenable.com/plugins/nessus/29362", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(29362);\n script_version(\"1.25\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2006-2894\", \"CVE-2006-4965\", \"CVE-2007-1095\", \"CVE-2007-2292\", \"CVE-2007-3511\", \"CVE-2007-3844\", \"CVE-2007-3845\", \"CVE-2007-4841\", \"CVE-2007-5334\", \"CVE-2007-5337\", \"CVE-2007-5338\", \"CVE-2007-5339\", \"CVE-2007-5340\");\n\n script_name(english:\"SuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 4570)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update brings Mozilla Firefox to security update version 2.0.0.8\n\nFollowing security problems were fixed :\n\n - Privilege escalation through chrome-loaded about:blank\n windows. (MFSA 2007-26 / CVE-2007-3844)\n\n Mozilla researcher moz_bug_r_a4 reported that a flaw was\n introduced by the fix for MFSA 2007-20 that could enable\n privilege escalation attacks against addons that create\n 'about:blank' windows and populate them in certain ways\n (including implicit 'about:blank' document creation\n through data: or javascript: URLs in a new window).\n\n - Crashes with evidence of memory corruption As part of\n the Firefox 2.0.0.8 update releases Mozilla developers\n fixed many bugs to improve the stability of the product.\n Some of these crashes showed evidence of memory\n corruption under certain circumstances and we presume\n that with enough effort at least some of these could be\n exploited to run arbitrary code. (MFSA 2007-29)\n\n - Browser crashes. (CVE-2007-5339)\n\n - JavaScript engine crashes. (CVE-2007-5340)\n\n - onUnload Tailgating Michal Zalewski demonstrated that\n onUnload event handlers had access to the address of the\n new page about to be loaded, even if the navigation was\n triggered from outside the page content such as by using\n a bookmark, pressing the back button, or typing an\n address into the location bar. If the bookmark contained\n sensitive information in the URL the attacking page\n might be able to take advantage of it. An attacking page\n would also be able to redirect the user, perhaps to a\n phishing page that looked like the site the user thought\n they were about to visit. (MFSA 2007-30 / CVE-2007-1095)\n\n - Digest authentication request splitting. (MFSA 2007-31 /\n CVE-2007-2292)\n\n Security researcher Stefano Di Paola reported that\n Firefox did not properly validate the user ID when\n making an HTTP request using Digest Authentication to\n log into a website. A malicious page could abuse this to\n inject arbitrary HTTP headers by including a newline\n character in the user ID followed by the injected header\n data. If the user were connecting through a proxy the\n attacker could inject headers that a proxy would\n interpret as two separate requests for different hosts.\n\n - File input focus stealing vulnerability. (MFSA 2007-32 /\n CVE-2007-3511 / CVE-2006-2894)\n\n A user on the Sla.ckers.org forums named hong reported\n that a file upload control could be filled\n programmatically by switching page focus to the label\n before a file upload form control for selected keyboard\n events. An attacker could use this trick to steal files\n from the users' computer if the attacker knew the full\n pathnames to the desired fileis and could create a\n pretext that would convince the user to type long enough\n to produce all the necessary characters.\n\n - XUL pages can hide the window titlebar. (MFSA 2007-33 /\n CVE-2007-5334)\n\n Mozilla developer Eli Friedman discovered that web pages\n written in the XUL markup language (rather than the\n usual HTML) can hide their window's titlebar. It may\n have been possible to abuse this ability to create more\n convincing spoof and phishing pages.\n\n - Possible file stealing through sftp protocol. (MFSA\n 2007-34 / CVE-2007-5337)\n\n On Linux machines with gnome-vfs support the smb: and\n sftp: URI schemes are available in Firefox. Georgi\n Guninski showed that if an attacker can store the attack\n page in a mutually accessible location on the target\n server (/tmp perhaps) and lure the victim into loading\n it, the attacker could potentially read any file owned\n by the victim from known locations on that server.\n\n - XPCNativeWraper pollution using Script object. (MFSA\n 2007-35 / CVE-2007-5338)\n\n Mozilla security researcher moz_bug_r_a4 reported that\n it was possible to use the Script object to modify\n XPCNativeWrappers in such a way that subsequent access\n by the browser chrome--such as by right-clicking to open\n a context menu--can cause attacker-supplied JavaScript\n to run with the same privileges as the user. This is\n similar to MFSA 2007-25 fixed in Firefox 2.0.0.5\n\nOnly Windows is affected by :\n\n - Unescaped URIs passed to external programs. (MFSA\n 2007-27 / CVE-2007-3845)\n\n This problem affects Windows only due to their handling\n of URI launchers.\n\n - Code execution via QuickTime Media-link files. (MFSA\n 2007-28 / CVE-2006-4965)\n\n Linux does not have .lnk files, nor Quicktime. Not\n affected.\n\n - URIs with invalid %-encoding mishandled by Windows.\n (MFSA 2007-36 / CVE-2007-4841)\n\n This problem does not affected Linux.\"\n );\n # http://www.mozilla.org/security/announce/2007/mfsa2007-20.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2007-20/\"\n );\n # http://www.mozilla.org/security/announce/2007/mfsa2007-25.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2007-25/\"\n );\n # http://www.mozilla.org/security/announce/2007/mfsa2007-26.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2007-26/\"\n );\n # http://www.mozilla.org/security/announce/2007/mfsa2007-27.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2007-27/\"\n );\n # http://www.mozilla.org/security/announce/2007/mfsa2007-28.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2007-28/\"\n );\n # http://www.mozilla.org/security/announce/2007/mfsa2007-29.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2007-29/\"\n );\n # http://www.mozilla.org/security/announce/2007/mfsa2007-30.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2007-30/\"\n );\n # http://www.mozilla.org/security/announce/2007/mfsa2007-31.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2007-31/\"\n );\n # http://www.mozilla.org/security/announce/2007/mfsa2007-32.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2007-32/\"\n );\n # http://www.mozilla.org/security/announce/2007/mfsa2007-33.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2007-33/\"\n );\n # http://www.mozilla.org/security/announce/2007/mfsa2007-34.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2007-34/\"\n );\n # http://www.mozilla.org/security/announce/2007/mfsa2007-35.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2007-35/\"\n );\n # http://www.mozilla.org/security/announce/2007/mfsa2007-36.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2007-36/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2006-2894.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2006-4965.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-1095.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-2292.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-3511.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-3844.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-3845.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-4841.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-5334.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-5337.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-5338.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-5339.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-5340.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 4570.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(16, 20, 94, 200);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/06/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/10/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/12/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"MozillaFirefox-2.0.0.8-1.2\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"MozillaFirefox-translations-2.0.0.8-1.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"MozillaFirefox-2.0.0.8-1.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"MozillaFirefox-translations-2.0.0.8-1.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T14:14:08", "description": "This update brings Mozilla Firefox to security update version 2.0.0.4\n\n - Chris Thomas demonstrated that XUL popups opened by web\n content could be placed outside the boundaries of the\n content area. This could be used to spoof or hide parts\n of the browser chrome such as the location bar. (MFSA\n 2007-17 / CVE-2007-2871)\n\n - Mozilla contributor moz_bug_r_a4 demonstrated that the\n addEventListener method could be used to inject script\n into another site in violation of the browser's\n same-origin policy. This could be used to access or\n modify private or valuable information from that other\n site. (MFSA 2007-16 / CVE-2007-2870)\n\n - Nicolas Derouet reported two problems with cookie\n handling in Mozilla clients. Insufficient length checks\n could be use to exhaust browser memory and so to crash\n the browser or at least slow it done by a large degree.\n (MFSA 2007-14 / CVE-2007-1362)\n\n The second issue was that the cookie path and name\n values were not checked for the presence of the\n delimiter used for internal cookie storage, and if\n present this confused future interpretation of the\n cookie data. This is not considered to be exploitable.\n\n - Marcel reported that a malicious web page could perform\n a denial of service attack against the form autocomplete\n feature that would persist from session to session until\n the malicious form data was deleted. Filling a text\n field with millions of characters and submitting the\n form will cause the victim's browser to hang for up to\n several minutes while the form data is read, and this\n will happen the first time autocomplete is triggered\n after every browser restart. (MFSA 2007-13 /\n CVE-2007-2869)\n\n No harm is done to the user's computer, but the\n frustration caused by the hang could prevent use of\n Firefox if users don't know how to clear the bad state.\n\n - As part of the Firefox 2.0.0.4 and 1.5.0.12 update\n releases Mozilla developers fixed many bugs to improve\n the stability of the product. Some of these crashes that\n showed evidence of memory corruption under certain\n circumstances and we presume that with enough effort at\n least some of these could be exploited to run arbitrary\n code. (MFSA 2007-12 / CVE-2007-2867 / CVE-2007-2868)\n\n Without further investigation we cannot rule out the\n possibility that for some of these an attacker might be\n able to prepare memory for exploitation through some\n means other than JavaScript, such as large images.\n\n - Incorrect FTP PASV handling could be used by malicious\n ftp servers to do a rudimentary port scanning of for\n instance internal networks of the computer the browser\n is running on. (MFSA 2007-11 / CVE-2007-1562)", "edition": 25, "published": "2007-12-13T00:00:00", "title": "SuSE 10 Security Update : MozillaFirefox (ZYPP Patch Number 3756)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-2868", "CVE-2007-2871", "CVE-2007-2870", "CVE-2007-2867", "CVE-2007-1562", "CVE-2007-2869", "CVE-2007-1362"], "modified": "2007-12-13T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_MOZILLAFIREFOX-3756.NASL", "href": "https://www.tenable.com/plugins/nessus/29360", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(29360);\n script_version(\"1.21\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-1362\", \"CVE-2007-1562\", \"CVE-2007-2867\", \"CVE-2007-2868\", \"CVE-2007-2869\", \"CVE-2007-2870\", \"CVE-2007-2871\");\n\n script_name(english:\"SuSE 10 Security Update : MozillaFirefox (ZYPP Patch Number 3756)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update brings Mozilla Firefox to security update version 2.0.0.4\n\n - Chris Thomas demonstrated that XUL popups opened by web\n content could be placed outside the boundaries of the\n content area. This could be used to spoof or hide parts\n of the browser chrome such as the location bar. (MFSA\n 2007-17 / CVE-2007-2871)\n\n - Mozilla contributor moz_bug_r_a4 demonstrated that the\n addEventListener method could be used to inject script\n into another site in violation of the browser's\n same-origin policy. This could be used to access or\n modify private or valuable information from that other\n site. (MFSA 2007-16 / CVE-2007-2870)\n\n - Nicolas Derouet reported two problems with cookie\n handling in Mozilla clients. Insufficient length checks\n could be use to exhaust browser memory and so to crash\n the browser or at least slow it done by a large degree.\n (MFSA 2007-14 / CVE-2007-1362)\n\n The second issue was that the cookie path and name\n values were not checked for the presence of the\n delimiter used for internal cookie storage, and if\n present this confused future interpretation of the\n cookie data. This is not considered to be exploitable.\n\n - Marcel reported that a malicious web page could perform\n a denial of service attack against the form autocomplete\n feature that would persist from session to session until\n the malicious form data was deleted. Filling a text\n field with millions of characters and submitting the\n form will cause the victim's browser to hang for up to\n several minutes while the form data is read, and this\n will happen the first time autocomplete is triggered\n after every browser restart. (MFSA 2007-13 /\n CVE-2007-2869)\n\n No harm is done to the user's computer, but the\n frustration caused by the hang could prevent use of\n Firefox if users don't know how to clear the bad state.\n\n - As part of the Firefox 2.0.0.4 and 1.5.0.12 update\n releases Mozilla developers fixed many bugs to improve\n the stability of the product. Some of these crashes that\n showed evidence of memory corruption under certain\n circumstances and we presume that with enough effort at\n least some of these could be exploited to run arbitrary\n code. (MFSA 2007-12 / CVE-2007-2867 / CVE-2007-2868)\n\n Without further investigation we cannot rule out the\n possibility that for some of these an attacker might be\n able to prepare memory for exploitation through some\n means other than JavaScript, such as large images.\n\n - Incorrect FTP PASV handling could be used by malicious\n ftp servers to do a rudimentary port scanning of for\n instance internal networks of the computer the browser\n is running on. (MFSA 2007-11 / CVE-2007-1562)\"\n );\n # http://www.mozilla.org/security/announce/2007/mfsa2007-11.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2007-11/\"\n );\n # http://www.mozilla.org/security/announce/2007/mfsa2007-12.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2007-12/\"\n );\n # http://www.mozilla.org/security/announce/2007/mfsa2007-13.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2007-13/\"\n );\n # http://www.mozilla.org/security/announce/2007/mfsa2007-14.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2007-14/\"\n );\n # http://www.mozilla.org/security/announce/2007/mfsa2007-16.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2007-16/\"\n );\n # http://www.mozilla.org/security/announce/2007/mfsa2007-17.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2007-17/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-1362.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-1562.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-2867.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-2868.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-2869.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-2870.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-2871.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 3756.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(20, 94, 119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/03/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/06/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/12/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"MozillaFirefox-2.0.0.4-1.5\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"MozillaFirefox-translations-2.0.0.4-1.5\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"MozillaFirefox-2.0.0.4-1.5\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"MozillaFirefox-translations-2.0.0.4-1.5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-04-01T04:13:48", "description": "The installed version of Netscape is affected by various security\nissues :\n\n - Three bugs that can result in crashes with traces \n of memory corruption\n\n - A cross-site scripting vulnerability involving\n support for the 'jar:' URI scheme\n\n - A timing issue when setting the 'window.location' \n property that could be leveraged to conduct\n cross-site request forgery attacks.", "edition": 29, "published": "2007-12-03T00:00:00", "title": "Netscape Browser < 9.0.0.4 Multiple Vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5947", "CVE-2007-5960", "CVE-2007-5959"], "modified": "2021-04-02T00:00:00", "cpe": ["cpe:/a:netscape:navigator"], "id": "NETSCAPE_BROWSER_9004.NASL", "href": "https://www.tenable.com/plugins/nessus/28377", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(28377);\n script_version(\"1.16\");\n\n script_cve_id(\"CVE-2007-5947\", \"CVE-2007-5959\", \"CVE-2007-5960\");\n script_bugtraq_id(26385, 26589, 26593);\n\n script_name(english:\"Netscape Browser < 9.0.0.4 Multiple Vulnerabilities\");\n script_summary(english:\"Checks version of Netscape\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host contains a web browser that is affected by\nmultiple vulnerabilities.\" );\n script_set_attribute(attribute:\"description\", value:\n\"The installed version of Netscape is affected by various security\nissues :\n\n - Three bugs that can result in crashes with traces \n of memory corruption\n\n - A cross-site scripting vulnerability involving\n support for the 'jar:' URI scheme\n\n - A timing issue when setting the 'window.location' \n property that could be leveraged to conduct\n cross-site request forgery attacks.\" );\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2007-37/\" );\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2007-38/\" );\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2007-39/\" );\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?b8800503\" );\n # http://blog.netscape.com/2007/12/28/end-of-support-for-netscape-web-browsers/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8cae066a\" );\n script_set_attribute(attribute:\"solution\", value:\n\"The Netscape Browser / Navigator has been discontinued. While these\nissues were reportedly fixed in 9.0.0.4, it is strongly recommended\nthat you switch to the latest version of another browser, such as\nMozilla Firefox, which the Netscape Team recommends.\" );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(22, 79);\n\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2007/12/03\");\n script_set_attribute(attribute:\"vuln_publication_date\", value: \"2007/11/09\");\n script_cvs_date(\"Date: 2018/07/16 14:09:15\");\nscript_set_attribute(attribute:\"plugin_type\", value:\"local\");\nscript_set_attribute(attribute:\"cpe\",value:\"cpe:/a:netscape:navigator\");\nscript_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n script_copyright(english:\"This script is Copyright (C) 2007-2018 Tenable Network Security, Inc.\");\n script_dependencies(\"netscape_browser_detect.nasl\");\n script_require_keys(\"SMB/Netscape/installed\");\n exit(0);\n}\n\n#\n\nlist = get_kb_list(\"SMB/Netscape/*\");\nif (isnull(list)) exit(0);\n\nforeach key (keys(list))\n{\n ver = key - \"SMB/Netscape/\";\n if (ver && ver =~ \"^([0-8]\\.|9\\.0($|\\.0\\.[0-3]))\")\n {\n security_hole(get_kb_item(\"SMB/transport\"));\n exit(0);\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-04-01T04:07:03", "description": "The installed version of Firefox is affected by various security\nissues :\n\n - Three bugs that can result in crashes with traces \n of memory corruption\n\n - A cross-site scripting vulnerability involving\n support for the 'jar:' URI scheme\n\n - A timing issue when setting the 'window.location' \n property that could be leveraged to conduct\n cross-site request forgery attacks.", "edition": 29, "published": "2007-11-27T00:00:00", "title": "Firefox < 2.0.0.10 Multiple Vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5947", "CVE-2007-5960", "CVE-2007-5959"], "modified": "2021-04-02T00:00:00", "cpe": ["cpe:/a:mozilla:firefox"], "id": "MOZILLA_FIREFOX_20010.NASL", "href": "https://www.tenable.com/plugins/nessus/28329", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(28329);\n script_version(\"1.16\");\n\n script_cve_id(\"CVE-2007-5947\", \"CVE-2007-5959\", \"CVE-2007-5960\");\n script_bugtraq_id(26385, 26589, 26593);\n\n script_name(english:\"Firefox < 2.0.0.10 Multiple Vulnerabilities\");\n script_summary(english:\"Checks version of Firefox\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host contains a web browser that is affected by\nmultiple vulnerabilities.\" );\n script_set_attribute(attribute:\"description\", value:\n\"The installed version of Firefox is affected by various security\nissues :\n\n - Three bugs that can result in crashes with traces \n of memory corruption\n\n - A cross-site scripting vulnerability involving\n support for the 'jar:' URI scheme\n\n - A timing issue when setting the 'window.location' \n property that could be leveraged to conduct\n cross-site request forgery attacks.\" );\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2007-37/\" );\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2007-38/\" );\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2007-39/\" );\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Firefox 2.0.0.10 or later.\" );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(22, 79);\n\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2007/11/27\");\n script_set_attribute(attribute:\"vuln_publication_date\", value: \"2007/11/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value: \"2007/11/26\");\n script_cvs_date(\"Date: 2018/07/16 14:09:14\");\nscript_set_attribute(attribute:\"plugin_type\", value:\"local\");\nscript_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:firefox\");\nscript_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n script_copyright(english:\"This script is Copyright (C) 2007-2018 Tenable Network Security, Inc.\");\n script_dependencies(\"mozilla_org_installed.nasl\");\n script_require_keys(\"Mozilla/Firefox/Version\");\n exit(0);\n}\n\ninclude(\"mozilla_version.inc\");\nport = get_kb_item_or_exit(\"SMB/transport\"); \n\ninstalls = get_kb_list(\"SMB/Mozilla/Firefox/*\");\nif (isnull(installs)) audit(AUDIT_NOT_INST, \"Firefox\");\n\nmozilla_check_version(installs:installs, product:'firefox', esr:FALSE, fix:'2.0.0.10', severity:SECURITY_HOLE);", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:25", "bulletinFamily": "software", "cvelist": ["CVE-2008-1233", "CVE-2008-1234", "CVE-2008-1235"], "description": "Mozilla Foundation Security Advisory 2008-14\r\n\r\nTitle: JavaScript privilege escalation and arbitrary code execution\r\nImpact: Critical\r\nAnnounced: March 25, 2008\r\nReporter: moz_bug_r_a4, Boris Zbarsky, Johnny Stenback\r\nProducts: Firefox, Thunderbird, SeaMonkey\r\n\r\nFixed in: Firefox 2.0.0.13\r\n Thunderbird 2.0.0.13\r\n SeaMonkey 1.1.9\r\nDescription\r\n\r\nMozilla contributors moz_bug_r_a4, Boris Zbarsky, and Johnny Stenback reported a series of vulnerabilities which allow scripts from page content to run with elevated privileges. moz_bug_r_a4 demonstrated additional variants of MFSA 2007-25 and MFSA2007-35 &#40;arbitrary code execution through XPCNativeWrapper pollution&#41;. Additional vulnerabilities reported separately by Boris Zbarsky, Johnny Stenback, and moz_bug_r_a4 showed that the browser could be forced to run JavaScript code using the wrong principal leading to universal XSS and arbitrary code execution.\r\n\r\nThunderbird shares the browser engine with Firefox and could be vulnerable if JavaScript were to be enabled in mail. This is not the default setting and we strongly discourage users from running JavaScript in mail.\r\nWorkaround\r\n\r\nDisable JavaScript until a version containing these fixes can be installed.\r\nReferences\r\n\r\n * XPCNativeWrapper pollution\r\n CVE-2008-1233\r\n * Universal XSS using event handlers\r\n CVE-2008-1234\r\n * Privilege escalation via incorrect principals\r\n CVE-2008-1235\r\n", "edition": 1, "modified": "2008-03-26T00:00:00", "published": "2008-03-26T00:00:00", "id": "SECURITYVULNS:DOC:19516", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:19516", "title": "Mozilla Foundation Security Advisory 2008-14", "type": "securityvulns", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "cve": [{"lastseen": "2021-04-21T20:36:31", "description": "Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 can hide the window's titlebar when displaying XUL markup language documents, which makes it easier for remote attackers to conduct phishing and spoofing attacks by setting the hidechrome attribute.", "edition": 7, "cvss3": {}, "published": "2007-10-21T20:17:00", "title": "CVE-2007-5334", "type": "cve", "cwe": ["CWE-16"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-5334"], "modified": "2018-10-15T21:42:00", "cpe": ["cpe:/a:mozilla:firefox:2.0.0.7", "cpe:/a:mozilla:seamonkey:1.1.4"], "id": "CVE-2007-5334", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-5334", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:mozilla:firefox:2.0.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.4:*:*:*:*:*:*:*"]}, {"lastseen": "2021-04-21T20:36:31", "description": "Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5, when running on Linux systems with gnome-vfs support, might allow remote attackers to read arbitrary files on SSH/sftp servers that accept key authentication by creating a web page on the target server, in which the web page contains URIs with (1) smb: or (2) sftp: schemes that access other files from the server.", "edition": 7, "cvss3": {}, "published": "2007-10-21T20:17:00", "title": "CVE-2007-5337", "type": "cve", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-5337"], "modified": "2018-10-15T21:43:00", "cpe": ["cpe:/a:gnome:gnome-vfs:*", "cpe:/a:mozilla:firefox:2.0.0.7", "cpe:/a:mozilla:seamonkey:1.1.4"], "id": "CVE-2007-5337", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-5337", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:mozilla:firefox:2.0.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:gnome:gnome-vfs:*:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.4:*:*:*:*:*:*:*"]}]}