Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2005-2018 Tenable Network Security, Inc.MOZILLA_FIREFOX_103.NASL
HistoryApr 16, 2005 - 12:00 a.m.

Firefox < 1.0.3 Multiple Vulnerabilities

2005-04-1600:00:00
This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.
www.tenable.com
17
JSON

The remote version of this software contains various security issues that may allow an attacker to execute arbitrary code on the remote host.

#
# (C) Tenable Network Security, Inc.
#

if (NASL_LEVEL < 3004) exit(1);


include("compat.inc");

if(description)
{
 script_id(18064);
 script_version("1.21");

 script_cve_id(
   "CVE-2005-0752", 
   "CVE-2005-0989", 
   "CVE-2005-1153", 
   "CVE-2005-1154", 
   "CVE-2005-1154",
   "CVE-2005-1155", 
   "CVE-2005-1156",
   "CVE-2005-1157", 
   "CVE-2005-1158", 
   "CVE-2005-1159",
   "CVE-2005-1160"
 );
 script_bugtraq_id(
   12988, 
   13211, 
   13216, 
   13228, 
   13229, 
   13230, 
   13231, 
   13232, 
   13233
 );

 script_name(english:"Firefox < 1.0.3 Multiple Vulnerabilities");

 script_set_attribute(attribute:"synopsis", value:
"A web browser installed on the remote host contains multiple
vulnerabilities." );
 script_set_attribute(attribute:"description", value:
"The remote version of this software contains various security issues
that may allow an attacker to execute arbitrary code on the remote
host." );
 # http://web.archive.org/web/20050424025737/http://www.mozilla.org/security/announce/mfsa2005-33.html
 script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?ceb3c0f7" );
 # http://web.archive.org/web/20050608082720/http://www.mozilla.org/security/announce/mfsa2005-34.html
 script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?b7a2c667" );
 # http://web.archive.org/web/20050615075401/http://www.mozilla.org/security/announce/mfsa2005-35.html
 script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?f22f8e9e" );
 # http://web.archive.org/web/20050528080947/http://www.mozilla.org/security/announce/mfsa2005-36.html
 script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?b4c03071" );
 # http://web.archive.org/web/20050529084146/http://www.mozilla.org/security/announce/mfsa2005-37.html
 script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?bd46bb25" );
 # http://web.archive.org/web/20050531081142/http://www.mozilla.org/security/announce/mfsa2005-38.html
 script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?e0cd66aa" );
 # http://web.archive.org/web/20050602085103/http://www.mozilla.org/security/announce/mfsa2005-39.html
 script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?c11e0f3c" );
 # http://web.archive.org/web/20050622083441/http://www.mozilla.org/security/announce/mfsa2005-40.html
 script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?50a4385d" );
 # http://web.archive.org/web/20050625084141/http://www.mozilla.org/security/announce/mfsa2005-41.html
 script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?d0dac446" );
 script_set_attribute(attribute:"solution", value:
"Upgrade to Firefox 1.0.3 or later." );
 script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
 script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
 script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
 script_set_attribute(attribute:"exploit_available", value:"true");

 script_set_attribute(attribute:"plugin_publication_date", value: "2005/04/16");
 script_set_attribute(attribute:"vuln_publication_date", value: "2005/03/31");
 script_set_attribute(attribute:"patch_publication_date", value: "2005/04/18");
 script_cvs_date("Date: 2018/07/16 14:09:14");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:mozilla:firefox");
script_end_attributes();

 script_summary(english:"Determines the version of Firefox");
 script_category(ACT_GATHER_INFO);
 script_copyright(english:"This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.");
 script_family(english:"Windows");
 script_dependencies("mozilla_org_installed.nasl");
 script_require_keys("Mozilla/Firefox/Version");
 exit(0);
}

#
include("mozilla_version.inc");
port = get_kb_item_or_exit("SMB/transport"); 

installs = get_kb_list("SMB/Mozilla/Firefox/*");
if (isnull(installs)) audit(AUDIT_NOT_INST, "Firefox");

mozilla_check_version(installs:installs, product:'firefox', esr:FALSE, fix:'1.0.3', severity:SECURITY_HOLE);
VendorProductVersionCPE
mozillafirefoxcpe:/a:mozilla:firefox

Related

suse 3
redhat 4
nessus 30
centos 5
openvas 24
ubuntu 8
gentoo 2
osv 4
debian 5
cve 11
ubuntucve 11
cert 2
checkpoint_advisories 3
mozilla 2
freebsd 2
securityvulns 1
suse
suse
remote code execution in Mozilla. Mozilla Firefox
2005-04-27 14:48:46
remote code execution in MozillaThunderbird
2006-04-25 13:15:04
remote code execution in phpMyAdmin
2006-01-26 13:53:52
redhat
redhat
(RHSA-2005:383) firefox security update
2005-04-21 00:00:00
(RHSA-2005:386) Mozilla security update
2005-04-26 00:00:00
(RHSA-2005:384) Mozilla security update
2005-04-28 00:00:00
nessus
nessus
SUSE-SA:2005:028: Mozilla. Mozilla Firefox
2005-04-28 00:00:00
CentOS 4 : Firefox (CESA-2005:383)
2006-07-05 00:00:00
RHEL 4 : firefox (RHSA-2005:383)
2005-04-21 00:00:00
centos
centos
firefox security update
2005-04-21 11:02:39
mozilla security update
2005-04-26 19:07:32
mozilla security update
2005-04-29 03:28:26
openvas
openvas
Ubuntu: Security Advisory (USN-124-1)
2022-08-26 00:00:00
Debian: Security Advisory (DSA-781-1)
2008-01-17 00:00:00
Debian Security Advisory DSA 781-1 (mozilla-thunderbird)
2008-01-17 00:00:00
ubuntu
ubuntu
Mozilla and Firefox vulnerabilities
2005-05-11 00:00:00
Mozilla Thunderbird vulnerabilities
2005-08-01 00:00:00
Ubuntu 4.10 update for Firefox vulnerabilities
2005-07-28 00:00:00
gentoo
gentoo
Mozilla Firefox, Mozilla Suite: Multiple vulnerabilities
2005-04-19 00:00:00
Mozilla Thunderbird: Multiple vulnerabilities
2005-07-18 00:00:00
osv
osv
mozilla-thunderbird - several
2005-08-23 00:00:00
mozilla-firefox - several vulnerabilities
2006-07-23 00:00:00
mozilla - several
2006-07-22 00:00:00
debian
debian
[SECURITY] [DSA 781-1] New Mozilla Thunderbird packages fix several vulnerabilities
2005-08-23 00:00:00
[SECURITY] [DSA 781-1] New Mozilla Thunderbird packages fix several vulnerabilities
2005-08-23 09:40:29
[SECURITY] [DSA 1120-1] New Mozilla Firefox packages fix several vulnerabilities
2006-07-23 00:00:00
cve
cve
CVE-2005-1157
2005-05-02 04:00:00
CVE-2005-1153
2005-05-02 04:00:00
CVE-2005-1156
2005-05-02 04:00:00
ubuntucve
ubuntucve
CVE-2005-1157
2005-05-02 00:00:00
CVE-2005-1159
2005-05-02 00:00:00
CVE-2005-1156
2005-05-02 00:00:00
cert
cert
Mozilla may execute JavaScript with elevated privileges when defined in site icon tag
2005-04-19 00:00:00
Mozilla Firefox fails to properly perform security checks on "_search" target
2005-04-20 00:00:00
checkpoint_advisories
checkpoint_advisories
Mozilla Firefox Link Tag Code Execution - Ver2 (CVE-2005-1155)
2014-03-03 00:00:00
Mozilla Firefox JavaScript Engine Information Disclosure (CVE-2005-0989)
2009-10-29 00:00:00
Firefox Plugin Finder Javascript Injection - Ver2 (CVE-2005-0752)
2014-03-31 00:00:00
mozilla
mozilla
Javascript "lambda" replace exposes memory contents — Mozilla
2005-04-15 00:00:00
PLUGINSPAGE privileged javascript execution — Mozilla
2005-04-15 00:00:00
freebsd
freebsd
mozilla -- javascript "lambda" replace exposes memory contents
2005-04-01 00:00:00
firefox -- PLUGINSPAGE privileged javascript execution
2005-03-31 00:00:00
securityvulns
securityvulns
[USN-323-1] mozilla vulnerabilities
2006-07-27 00:00:00
JSON
Related for MOZILLA_FIREFOX_103.NASL
suse3redhat4nessus30centos5openvas24ubuntu8gentoo2osv4debian5cve11ubuntucve11cert2checkpoint_advisories3mozilla2freebsd2securityvulns1