Lucene search
This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.MACOS_FIREFOX_62_0_0.NASLHistorySep 06, 2018 - 12:00 a.m.
Mozilla Firefox < 62 Multiple Critical Vulnerabilities (macOS)
2018-09-0600:00:00
This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
17
The version of Mozilla Firefox installed on the remote macOS or Mac OS X host is prior to 62. It is, therefore, affected by multiple critical and high severity vulnerabilities.
#
# (C) Tenable Network Security, Inc.
#
include("compat.inc");
if (description)
{
script_id(117291);
script_version("1.6");
script_cvs_date("Date: 2019/04/05 23:25:06");
script_cve_id(
"CVE-2017-16541",
"CVE-2018-12375",
"CVE-2018-12376",
"CVE-2018-12377",
"CVE-2018-12378",
"CVE-2018-12379",
"CVE-2018-12381",
"CVE-2018-12382",
"CVE-2018-12383"
);
script_bugtraq_id(101665);
script_xref(name:"MFSA", value:"2018-20");
script_name(english:"Mozilla Firefox < 62 Multiple Critical Vulnerabilities (macOS)");
script_summary(english:"Checks the version of Firefox.");
script_set_attribute(attribute:"synopsis", value:
"A web browser installed on the remote macOS or Mac OS X host is
affected by multiple critical and high severity vulnerabilities.");
script_set_attribute(attribute:"description", value:
"The version of Mozilla Firefox installed on the remote macOS or
Mac OS X host is prior to 62. It is, therefore, affected by multiple
critical and high severity vulnerabilities.");
# https://www.mozilla.org/en-US/security/advisories/mfsa2018-20/
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?8517426b");
script_set_attribute(attribute:"solution", value:
"Upgrade to Mozilla Firefox version 62.0.0 or later.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-12377");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2018/09/05");
script_set_attribute(attribute:"patch_publication_date", value:"2018/09/05");
script_set_attribute(attribute:"plugin_publication_date", value:"2018/09/06");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:mozilla:firefox");
script_set_attribute(attribute:"cpe", value:"cpe:/o:apple:mac_os_x");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"MacOS X Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("macosx_firefox_installed.nasl");
script_require_keys("MacOSX/Firefox/Installed");
exit(0);
}
include("mozilla_version.inc");
kb_base = "MacOSX/Firefox";
get_kb_item_or_exit(kb_base+"/Installed");
version = get_kb_item_or_exit(kb_base+"/Version", exit_code:1);
path = get_kb_item_or_exit(kb_base+"/Path", exit_code:1);
if (get_kb_item(kb_base + '/is_esr')) exit(0, 'The Mozilla Firefox installation is in the ESR branch.');
mozilla_check_version(product:'firefox', version:version, path:path, esr:FALSE, fix:'62.0.0', severity:SECURITY_HOLE);
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16541
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12375
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12376
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12377
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12378
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12379
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12381
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12382
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12383
www.nessus.org/u?8517426b
Related
nessus
nessus
Mozilla Firefox < 62.0 Multiple Vulnerabilities
2019-02-06 00:00:00
Mozilla Firefox < 62 Multiple Critical Vulnerabilities
2018-09-06 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2018-09-05 00:00:00
kaspersky
kaspersky
KLA11313 Multiple vulnerabilities in Mozilla Firefox and Mozilla Firefox ESR
2018-09-05 00:00:00
KLA11336 Multiple vulnerabilities in Mozilla Thunderbird
2018-10-04 00:00:00
KLA11321 Multiple vulnerabilities in Mozilla Firefox and Mozilla Firefox ESR
2018-09-21 00:00:00
mozilla
mozilla
Security vulnerabilities fixed in Firefox 62 — Mozilla
2018-09-05 00:00:00
Security vulnerabilities fixed in Firefox ESR 60.2 — Mozilla
2018-09-05 00:00:00
Security vulnerabilities fixed in Thunderbird 60.2.1 — Mozilla
2018-10-04 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package firefox-esr version 60.2.0-alt1
2018-09-10 00:00:00
Security fix for the ALT Linux 10 package thunderbird version 60.2.1-alt1
2018-10-15 00:00:00
Security fix for the ALT Linux 10 package firefox-esr version 60.2.1-alt1
2018-09-24 00:00:00
openvas
openvas
Mozilla Firefox Security Updates (mfsa_2018-20) - Windows
2018-09-06 00:00:00
Mozilla Firefox Security Updates (mfsa_2018-20) - MAC OS X
2018-09-06 00:00:00
Ubuntu Update for firefox USN-3761-2
2018-09-14 00:00:00
ubuntu
ubuntu
Firefox regressions
2018-09-13 00:00:00
Firefox regressions
2018-09-17 00:00:00
Firefox vulnerabilities
2018-09-06 00:00:00
oraclelinux
oraclelinux
firefox security update
2018-09-12 00:00:00
thunderbird security update
2018-11-19 00:00:00
thunderbird security update
2018-11-07 00:00:00
debian
debian
[SECURITY] [DSA 4327-1] thunderbird security update
2018-10-25 21:24:51
[SECURITY] [DSA 4287-1] firefox-esr security update
2018-09-07 21:20:03
[SECURITY] [DLA 1575-1] thunderbird security update
2018-11-12 09:30:01
threatpost
threatpost
Mozilla Patches Critical Code Execution Bug in Firefox 62
2018-09-06 14:34:28
suse
suse
Security update for MozillaFirefox (important)
2018-09-08 15:07:29
Security update for MozillaThunderbird (important)
2018-10-06 18:07:49
Security update for MozillaFirefox (moderate)
2018-09-24 12:16:46
ibm
ibm
Security Bulletin: Multiple Mozilla Firefox vulnerabilities in IBM SONAS
2018-11-02 06:50:01
centos
centos
firefox security update
2018-09-13 16:39:24
firefox security update
2018-09-13 16:33:00
thunderbird security update
2018-11-05 18:57:41
redhat
redhat
(RHSA-2018:3458) Important: thunderbird security update
2018-11-05 09:56:07
(RHSA-2018:3403) Important: thunderbird security update
2018-10-30 14:55:51
(RHSA-2018:2692) Critical: firefox security update
2018-09-12 09:58:54
archlinux
archlinux
[ASA-201810-13] thunderbird: multiple issues
2018-10-18 00:00:00
osv
osv
thunderbird - security update
2018-10-25 00:00:00
firefox-esr - security update
2018-09-07 00:00:00
thunderbird - security update
2018-11-12 00:00:00
cve
cve
redhatcve
redhatcve
veracode
veracode
Arbitrary Code Execution
2020-09-21 06:34:17
Information Disclosure
2019-01-15 09:24:41
Memory Corruption
2019-05-16 03:19:29
ubuntucve
ubuntucve
prion
prion
Memory corruption
2018-10-18 13:29:00
Code injection
2018-10-18 13:29:00
Default credentials
2018-10-18 13:29:00
debiancve
debiancve
slackware
slackware
[slackware-security] mozilla-firefox
2018-09-22 23:26:53
packetstorm
packetstorm
Tor Browser 7.0.8 Information Disclosure
2018-09-11 00:00:00
Tor Browser SMB Deanonymization / Information Disclosure
2018-09-13 00:00:00
zdt
zdt
Tor Browser 7.0.8 Information Disclosure Vulnerability
2018-09-11 00:00:00
mageia
mageia
Updated thunderbird packages fix security issues & bugs
2018-12-16 00:29:48
gentoo
gentoo
Mozilla Firefox: Multiple vulnerabilities
2018-10-02 00:00:00
Mozilla Thunderbird: Multiple vulnerabilities
2018-11-24 00:00:00
Related for MACOS_FIREFOX_62_0_0.NASL