Lucene search
This script is Copyright (C) 2006-2018 Tenable Network Security, Inc.MOZILLA_FIREFOX_1504.NASLHistoryJun 03, 2006 - 12:00 a.m.
Firefox < 1.5.0.4 Multiple Vulnerabilities
2006-06-0300:00:00
This script is Copyright (C) 2006-2018 Tenable Network Security, Inc.
www.tenable.com
9
The installed version of Firefox is affected by various security issues, some of which may lead to execution of arbitrary code on the affected host subject to the user’s privileges.
#
# (C) Tenable Network Security, Inc.
#
if (NASL_LEVEL < 3004) exit(0);
include("compat.inc");
if (description)
{
script_id(21627);
script_version("1.22");
script_cve_id(
"CVE-2006-1942",
"CVE-2006-2775",
"CVE-2006-2776",
"CVE-2006-2777",
"CVE-2006-2778",
"CVE-2006-2779",
"CVE-2006-2780",
"CVE-2006-2782",
"CVE-2006-2783",
"CVE-2006-2784",
"CVE-2006-2785",
"CVE-2006-2786",
"CVE-2006-2787"
);
script_bugtraq_id(18228);
script_name(english:"Firefox < 1.5.0.4 Multiple Vulnerabilities");
script_summary(english:"Checks version of Firefox");
script_set_attribute(attribute:"synopsis", value:
"The remote Windows host contains a web browser that is affected by
multiple vulnerabilities." );
script_set_attribute(attribute:"description", value:
"The installed version of Firefox is affected by various security issues,
some of which may lead to execution of arbitrary code on the affected
host subject to the user's privileges." );
script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2006-31/" );
script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2006-32/" );
script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2006-33/" );
script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2006-34/" );
script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2006-35/" );
script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2006-36/" );
script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2006-37/" );
script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2006-38/" );
script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2006-39/" );
script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2006-41/" );
script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2006-42/" );
script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2006-43/" );
script_set_attribute(attribute:"solution", value:
"Upgrade to Firefox 1.5.0.4 or later." );
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_cwe_id(20, 94);
script_set_attribute(attribute:"plugin_publication_date", value: "2006/06/03");
script_set_attribute(attribute:"vuln_publication_date", value: "2006/05/05");
script_set_attribute(attribute:"patch_publication_date", value: "2006/06/01");
script_cvs_date("Date: 2018/07/16 14:09:14");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:mozilla:firefox");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Windows");
script_copyright(english:"This script is Copyright (C) 2006-2018 Tenable Network Security, Inc.");
script_dependencies("mozilla_org_installed.nasl");
script_require_keys("Mozilla/Firefox/Version");
exit(0);
}
include("mozilla_version.inc");
port = get_kb_item_or_exit("SMB/transport");
installs = get_kb_list("SMB/Mozilla/Firefox/*");
if (isnull(installs)) audit(AUDIT_NOT_INST, "Firefox");
mozilla_check_version(installs:installs, product:'firefox', esr:FALSE, fix:'1.5.0.4', severity:SECURITY_HOLE);References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1942
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2775
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2776
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2777
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2778
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2779
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2780
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2782
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2783
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2784
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2785
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2786
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2787
www.mozilla.org/en-US/security/advisories/mfsa2006-31/
www.mozilla.org/en-US/security/advisories/mfsa2006-32/
www.mozilla.org/en-US/security/advisories/mfsa2006-33/
www.mozilla.org/en-US/security/advisories/mfsa2006-34/
www.mozilla.org/en-US/security/advisories/mfsa2006-35/
www.mozilla.org/en-US/security/advisories/mfsa2006-36/
www.mozilla.org/en-US/security/advisories/mfsa2006-37/
www.mozilla.org/en-US/security/advisories/mfsa2006-38/
www.mozilla.org/en-US/security/advisories/mfsa2006-39/
www.mozilla.org/en-US/security/advisories/mfsa2006-41/
www.mozilla.org/en-US/security/advisories/mfsa2006-42/
www.mozilla.org/en-US/security/advisories/mfsa2006-43/
Related
gentoo
gentoo
Mozilla Firefox: Multiple vulnerabilities
2006-06-11 00:00:00
Mozilla Thunderbird: Multiple vulnerabilities
2006-06-19 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200606-12 (mozilla-firefox)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200606-12 (mozilla-firefox)
2008-09-24 00:00:00
Debian: Security Advisory (DSA-1120)
2008-01-17 00:00:00
nessus
nessus
GLSA-200606-12 : Mozilla Firefox: Multiple vulnerabilities
2006-06-16 00:00:00
openSUSE 10 Security Update : MozillaFirefox (MozillaFirefox-1585)
2007-10-17 00:00:00
SeaMonkey < 1.0.2 Multiple Vulnerabilities
2006-06-03 00:00:00
osv
osv
mozilla-firefox - several vulnerabilities
2006-07-23 00:00:00
mozilla - several
2006-07-22 00:00:00
mozilla-thunderbird - several vulnerabilities
2006-08-02 00:00:00
suse
suse
remote code execution in MozillaFirefox,MozillaThunderbird,Seamonkey
2006-06-23 08:11:46
debian
debian
ubuntu
ubuntu
Thunderbird vulnerabilities
2006-07-26 00:00:00
Firefox vulnerabilities
2006-07-25 00:00:00
mozilla vulnerabilities
2006-07-26 00:00:00
securityvulns
securityvulns
[USN-323-1] mozilla vulnerabilities
2006-07-27 00:00:00
[USN-297-3] Thunderbird vulnerabilities
2006-07-27 00:00:00
redhat
redhat
(RHSA-2006:0578) seamonkey security update (was mozilla)
2006-07-20 00:00:00
(RHSA-2006:0610) firefox security update
2006-07-28 00:00:00
(RHSA-2006:0611) thunderbird security update
2006-07-28 00:00:00
mozilla
mozilla
Fixes for crashes with potential memory corruption (rv:1.8.0.4) — Mozilla
2006-06-01 00:00:00
Privilege escalation using addSelectionListener — Mozilla
2006-06-01 00:00:00
File stealing by changing input type (variant) — Mozilla
2006-06-01 00:00:00
centos
centos
thunderbird security update
2006-07-29 11:51:27
firefox security update
2006-07-29 11:51:13
devhelp, seamonkey security update
2006-08-05 15:16:05
oraclelinux
oraclelinux
Critical firefox security update
2006-12-07 00:00:00
Critical thunderbird security update
2006-12-07 00:00:00
debiancve
debiancve
ubuntucve
ubuntucve
cve
cve
prion
prion
Design/Logic Flaw
2006-06-02 18:02:00
Design/Logic Flaw
2006-06-02 18:02:00
Memory corruption
2006-06-02 19:02:00
cert
cert
Mozilla contains multiple memory corruption vulnerabilities
2006-06-02 00:00:00
Mozilla privilege escalation using addSelectionListener
2006-06-02 00:00:00
Mozilla may associate persisted XUL attributes with an incorrect URL
2006-06-02 00:00:00
checkpoint_advisories
checkpoint_advisories
Mozilla Firefox DOMNodeRemoved Memory Corruption (CVE-2006-2779)
2010-03-04 00:00:00
Related for MOZILLA_FIREFOX_1504.NASL