Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

GLSA-200708-09 : Mozilla products: Multiple vulnerabilities

🗓️ 15 Aug 2007 00:00:00Reported by TenableType 
nessus
 nessus🔗 www.tenable.com👁 42 Views

The remote host is affected by multiple vulnerabilities in Mozilla products, including issues with modifying XPCNativeWrappers, event handlers, cross-site scripting, promiscuous IFRAME access, URL spoofing, and Denials of Service involving corrupted memory, leading to the execution of arbitrary code or a Denial of Service

Related
Refs
Code
ReporterTitlePublishedViews
Family
Tenable Nessus		Mozilla Firefox < 2.0.0.5 Multiple Vulnerabilities
18 Jul 200700:00
nessus
Tenable Nessus		Mozilla Firefox < 2.0.0.6 Multiple Vulnerabilities
31 Jul 200700:00
nessus
Tenable Nessus		Mozilla Thunderbird < 1.5.0.13 Multiple Vulnerabilities (deprecated)
31 Jul 200700:00
nessus
Tenable Nessus		SeaMonkey < 1.1.4 Multiple Vulnerabilities
31 Jul 200700:00
nessus
Tenable Nessus		CentOS 3 / 4 : seamonkey (CESA-2007:0722)
23 Jul 200700:00
nessus
Tenable Nessus		CentOS 4 / 5 : thunderbird (CESA-2007:0723)
23 Jul 200700:00
nessus
Tenable Nessus		CentOS 4 / 5 : firefox (CESA-2007:0724)
23 Jul 200700:00
nessus
Tenable Nessus		CentOS 4 / 5 : firefox (CESA-2007:0979)
25 Oct 200700:00
nessus
Tenable Nessus		CentOS 3 / 4 : seamonkey (CESA-2007:0980)
25 Oct 200700:00
nessus
Tenable Nessus		CentOS 4 / 5 : thunderbird (CESA-2007:0981)
25 Oct 200700:00
nessus
Rows per page
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Gentoo Linux Security Advisory GLSA 200708-09.
#
# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.
# and licensed under the Creative Commons - Attribution / Share Alike 
# license. See http://creativecommons.org/licenses/by-sa/3.0/
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(25888);
  script_version("1.17");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");

  script_cve_id("CVE-2007-3089", "CVE-2007-3656", "CVE-2007-3734", "CVE-2007-3735", "CVE-2007-3736", "CVE-2007-3737", "CVE-2007-3738", "CVE-2007-3844");
  script_bugtraq_id(24286, 24831, 24946, 25142);
  script_xref(name:"GLSA", value:"200708-09");

  script_name(english:"GLSA-200708-09 : Mozilla products: Multiple vulnerabilities");
  script_summary(english:"Checks for updated package(s) in /var/db/pkg");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Gentoo host is missing one or more security-related
patches."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"The remote host is affected by the vulnerability described in GLSA-200708-09
(Mozilla products: Multiple vulnerabilities)

    Mozilla developers fixed several bugs, including an issue with
    modifying XPCNativeWrappers (CVE-2007-3738), a problem with event
    handlers executing elements outside of the document (CVE-2007-3737),
    and a cross-site scripting (XSS) vulnerability (CVE-2007-3736). They
    also fixed a problem with promiscuous IFRAME access (CVE-2007-3089) and
    an XULRunner URL spoofing issue with the wyciwyg:// URI and HTTP 302
    redirects (CVE-2007-3656). Denials of Service involving corrupted
    memory were fixed in the browser engine (CVE-2007-3734) and the
    JavaScript engine (CVE-2007-3735). Finally, another XSS vulnerability
    caused by a regression in the CVE-2007-3089 patch was fixed
    (CVE-2007-3844).
  
Impact :

    A remote attacker could entice a user to view a specially crafted web
    page that will trigger one of the vulnerabilities, possibly leading to
    the execution of arbitrary code or a Denial of Service. It is also
    possible for an attacker to perform cross-site scripting attacks, which
    could result in the exposure of sensitive information such as login
    credentials.
  
Workaround :

    There is no known workaround at this time."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security.gentoo.org/glsa/200708-09"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"All Mozilla Firefox users should upgrade to the latest version:
    # emerge --sync
    # emerge --ask --oneshot --verbose '>=www-client/mozilla-firefox-2.0.0.6'
    All Mozilla Firefox binary users should upgrade to the latest version:
    # emerge --sync
    # emerge --ask --oneshot --verbose '>=www-client/mozilla-firefox-bin-2.0.0.6'
    All Mozilla Thunderbird users should upgrade to the latest version:
    # emerge --sync
    # emerge --ask --oneshot --verbose '>=mail-client/mozilla-thunderbird-2.0.0.6'
    All Mozilla Thunderbird binary users should upgrade to the latest
    version:
    # emerge --sync
    # emerge --ask --oneshot --verbose '>=mail-client/mozilla-thunderbird-bin-2.0.0.6'
    All SeaMonkey users should upgrade to the latest version:
    # emerge --sync
    # emerge --ask --oneshot --verbose '>=www-client/seamonkey-1.1.4'
    All SeaMonkey binary users should upgrade to the latest version:
    # emerge --sync
    # emerge --ask --oneshot --verbose '>=www-client/seamonkey-bin-1.1.4'
    All XULRunner users should upgrade to the latest version:
    # emerge --sync
    # emerge --ask --oneshot --verbose '>=net-libs/xulrunner-1.8.1.6'"
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_cwe_id(200);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:mozilla-firefox");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:mozilla-firefox-bin");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:mozilla-thunderbird");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:mozilla-thunderbird-bin");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:seamonkey");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:seamonkey-bin");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:xulrunner");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux");

  script_set_attribute(attribute:"patch_publication_date", value:"2007/08/14");
  script_set_attribute(attribute:"plugin_publication_date", value:"2007/08/15");
  script_set_attribute(attribute:"vuln_publication_date", value:"2007/06/04");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.");
  script_family(english:"Gentoo Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("qpkg.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo");
if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;

if (qpkg_check(package:"www-client/mozilla-firefox-bin", unaffected:make_list("ge 2.0.0.6"), vulnerable:make_list("lt 2.0.0.6"))) flag++;
if (qpkg_check(package:"www-client/seamonkey-bin", unaffected:make_list("ge 1.1.4"), vulnerable:make_list("lt 1.1.4"))) flag++;
if (qpkg_check(package:"mail-client/mozilla-thunderbird-bin", unaffected:make_list("ge 2.0.0.6"), vulnerable:make_list("lt 2.0.0.6"))) flag++;
if (qpkg_check(package:"www-client/seamonkey", unaffected:make_list("ge 1.1.4"), vulnerable:make_list("lt 1.1.4"))) flag++;
if (qpkg_check(package:"mail-client/mozilla-thunderbird", unaffected:make_list("ge 2.0.0.6"), vulnerable:make_list("lt 2.0.0.6"))) flag++;
if (qpkg_check(package:"net-libs/xulrunner", unaffected:make_list("ge 1.8.1.6"), vulnerable:make_list("lt 1.8.1.6"))) flag++;
if (qpkg_check(package:"www-client/mozilla-firefox", unaffected:make_list("ge 2.0.0.6"), vulnerable:make_list("lt 2.0.0.6"))) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = qpkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "Mozilla products");
}

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
06 Jan 2021 00:00Current
8.5High risk
Vulners AI Score8.5
CVSS 29.3
EPSS0.05447
mozilla productsmultiple vulnerabilitiesxpcnativewrappersevent handlerscross-site scriptingiframe accessurl spoofingdenials of servicecorrupted memoryarbitrary code
42