Vulners
Lucene search
MiracleLinux 3 : firefox-3.0.10-1.2AXS3 (AXSA:2009-128:01)
| Reporter | Title | Published | Views | Family All 441 |
|---|---|---|---|---|
 | mozilla -- multiple vulnerabilities | 21 Apr 200900:00 | – | freebsd |
 | Mozilla Firefox < 3.0.9 Multiple Vulnerabilities | 22 Apr 200900:00 | – | nessus |
| Mozilla Thunderbird < 2.0.0.22 Multiple Vulnerabilities | 18 Aug 200400:00 | – | nessus |
| Mozilla Firefox 3.0.9 Memory Corruption | 18 Aug 200400:00 | – | nessus |
| SeaMonkey < 1.1.17 Multiple Vulnerabilities | 18 Aug 200400:00 | – | nessus |
| CentOS 4 / 5 : firefox (CESA-2009:0436) | 6 Jan 201000:00 | – | nessus |
| CentOS 3 / 4 : seamonkey (CESA-2009:0437) | 26 May 200900:00 | – | nessus |
| CentOS 4 / 5 : firefox (CESA-2009:0449) | 6 Jan 201000:00 | – | nessus |
| CentOS 5 : thunderbird (CESA-2009:1126) | 6 Jan 201000:00 | – | nessus |
| Debian DSA-1797-1 : xulrunner - several vulnerabilities | 11 May 200900:00 | – | nessus |
10
10
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# Miracle Linux Security Advisory AXSA:2009-128:01.
##
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(284432);
script_version("1.2");
script_set_attribute(attribute:"plugin_modification_date", value:"2026/02/12");
script_cve_id(
"CVE-2009-1302",
"CVE-2009-1303",
"CVE-2009-1304",
"CVE-2009-1305",
"CVE-2009-1306",
"CVE-2009-1307",
"CVE-2009-1308",
"CVE-2009-1309",
"CVE-2009-1310",
"CVE-2009-1311",
"CVE-2009-1312",
"CVE-2009-1313"
);
script_name(english:"MiracleLinux 3 : firefox-3.0.10-1.2AXS3 (AXSA:2009-128:01)");
script_set_attribute(attribute:"synopsis", value:
"The remote MiracleLinux host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The remote MiracleLinux 3 host has a package installed that is affected by multiple vulnerabilities as referenced in the
AXSA:2009-128:01 advisory.
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and
portability.
Fixed bugs:
CVE-2009-1302
The browser engine in Mozilla Firefox 3.x before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before
1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger
memory corruption via vectors related to (1) nsAsyncInstantiateEvent::Run, (2) nsStyleContext::Destroy,
(3) nsComputedDOMStyle::GetWidth, (4) the xslt_attributeset_ImportSameName.html test case for the XSLT
stylesheet compiler, (5) nsXULDocument::SynchronizeBroadcastListener, (6) IsBindingAncestor, (7)
PL_DHashTableOperate and nsEditor::EndUpdateViewBatch, and (8) gfxSkipCharsIterator::SetOffsets, and other
vectors.
CVE-2009-1303
The browser engine in Mozilla Firefox before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before
1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger
memory corruption via vectors related to nsSVGElement::BindToTree.
CVE-2009-1304
The JavaScript engine in Mozilla Firefox 3.x before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey
before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly
trigger memory corruption via vectors involving (1) js_FindPropertyHelper, related to the definitions of
Math and Date; and (2) js_CheckRedeclaration.
CVE-2009-1305
The JavaScript engine in Mozilla Firefox before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before
1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger
memory corruption via vectors involving JSOP_DEFVAR and properties that lack the JSPROP_PERMANENT
attribute.
CVE-2009-1306
The jar: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not follow
the Content-Disposition header of the inner URI, which allows remote attackers to conduct cross-site
scripting (XSS) attacks and possibly other attacks via an uploaded .jar file with a Content-Disposition:
attachment designation.
CVE-2009-1307
The view-source: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not
properly implement the Same Origin Policy, which allows remote attackers to (1) bypass crossdomain.xml
restrictions and connect to arbitrary web sites via a Flash file; (2) read, create, or modify Local Shared
Objects via a Flash file; or (3) bypass unspecified restrictions and render content via vectors involving
a jar: URI.
CVE-2009-1308
Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey
allows remote attackers to inject arbitrary web script or HTML via vectors involving XBL JavaScript
bindings and remote stylesheets, as exploited in the wild by a March 2009 eBay listing.
CVE-2009-1309
Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey do not properly implement the Same Origin Policy
for (1) XMLHttpRequest, involving a mismatch for a document's principal, and (2)
XPCNativeWrapper.toString, involving an incorrect __proto__ scope, which allows remote attackers to
conduct cross-site scripting (XSS) attacks and possibly other attacks via a crafted document.
CVE-2009-1310
Cross-site scripting (XSS) vulnerability in the MozSearch plugin implementation in Mozilla Firefox before
3.0.9 allows user-assisted remote attackers to inject arbitrary web script or HTML via a javascript: URI
in the SearchForm element.
CVE-2009-1311
Mozilla Firefox before 3.0.9 and SeaMonkey before 1.1.17 allow user-assisted remote attackers to obtain
sensitive information via a web page with an embedded frame, which causes POST data from an outer page to
be sent to the inner frame's URL during a SAVEMODE_FILEONLY save of the inner frame.
CVE-2009-1312
Mozilla Firefox before 3.0.9 and SeaMonkey do not block javascript: URIs in Refresh headers in HTTP
responses, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related
to (1) injecting a Refresh header or (2) specifying the content of a Refresh header. NOTE: it was later
reported that Mozilla 1.7.x and earlier is also affected.
CVE-2009-1313
The nsTextFrame::ClearTextRun function in layout/generic/nsTextFrameThebes.cpp in Mozilla Firefox 3.0.9
allows remote attackers to cause a denial of service (memory corruption) and probably execute arbitrary
code via unspecified vectors. NOTE: this vulnerability reportedly exists because of an incorrect fix for
CVE-2009-1302.
Other bugs:
- relocated Firefox in the menu entries
Tenable has extracted the preceding description block directly from the MiracleLinux security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://tsn.miraclelinux.com/en/node/766");
script_set_attribute(attribute:"solution", value:
"Update the affected firefox package.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N");
script_set_cvss3_temporal_vector("CVSS:3.0/E:H/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2009-1313");
script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2009-1308");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"exploited_by_malware", value:"true");
script_set_attribute(attribute:"vendor_severity", value:"High");
script_set_attribute(attribute:"vuln_publication_date", value:"2009/04/22");
script_set_attribute(attribute:"patch_publication_date", value:"2009/08/04");
script_set_attribute(attribute:"plugin_publication_date", value:"2026/01/14");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:firefox");
script_set_attribute(attribute:"cpe", value:"cpe:/o:miracle:linux:3");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Miracle Linux Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/MiracleLinux/release", "Host/MiracleLinux/rpm-list", "Host/cpu");
exit(0);
}
include('rpm2.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_product = get_kb_item('installed_os/local/SSH/0/product');
if (isnull(os_product) || 'MIRACLE LINUX' >!< os_product) audit(AUDIT_OS_NOT, 'MIRACLE LINUX');
var os_version = get_kb_item('installed_os/local/SSH/0/version');
if (isnull(os_version)) audit(AUDIT_UNKNOWN_APP_VER, 'MIRACLE LINUX');
if (! preg(pattern:"^3([^0-9]|$)", string:os_version)) audit(AUDIT_OS_NOT, 'MiracleLinux 3.x', 'MIRACLE LINUX ' + os_version);
if (!get_kb_item('Host/MiracleLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('aarch64' >!< cpu && 'ppc' >!< cpu && 's390' >!< cpu && 'x86_64' >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'MIRACLE LINUX', cpu);
var constraints = [
{
'release': '3',
'pkgs': [
{'reference':'firefox-3.0.10-1.2AXS3', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0', 'allowmaj':TRUE}
]
}
];
var os_release = get_one_kb_item('installed_os/local/SSH/0/release');
var os_sp = get_one_kb_item('Host/*/minor_release');
var flag = 0;
var reference;
var sp;
var _cpu;
var el_string;
var rpm_spec_vers_cmp;
var epoch;
var allowmaj;
var exists_check;
var cves;
foreach var constraint ( constraints ) {
# Check that the target release is equal to the affected release
if (!empty_or_null(constraint['release'])){
if (constraint['release'] != os_release) continue;
}
if (!empty_or_null(constraint['sp'])){
if (constraint['sp'] != os_sp) continue;
}
foreach var pkg ( constraint['pkgs'] ) {
reference = NULL;
sp = NULL;
_cpu = NULL;
el_string = NULL;
rpm_spec_vers_cmp = NULL;
epoch = NULL;
allowmaj = NULL;
exists_check = NULL;
cves = NULL;
if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];
if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];
if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];
if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];
if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];
if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];
if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];
if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];
if (!empty_or_null(pkg['cves'])) cves = pkg['cves'];
if (reference &&
## (no known rpm to check OR known rpm_exists)
(!exists_check || rpm_exists(rpm:exists_check)) &&
rpm_check(sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : rpm_report_get()
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'firefox');
}
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
12 Feb 2026 00:00Current
8.4High risk
Vulners AI Score8.4
CVSS 29.3
EPSS0.32166