Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2006-2018 Tenable Network Security, Inc.MOZILLA_FIREFOX_1507.NASL
HistorySep 16, 2006 - 12:00 a.m.

Firefox < 1.5.0.7 Multiple Vulnerabilities

2006-09-1600:00:00
This script is Copyright (C) 2006-2018 Tenable Network Security, Inc.
www.tenable.com
13
JSON

The installed version of Firefox is affected by various security issues, some of which may lead to execution of arbitrary code on the affected host subject to the user’s privileges.

#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(22369);
  script_version("1.26");
 script_cvs_date("Date: 2018/07/16 14:09:14");

  script_cve_id(
    "CVE-2006-4253",
    "CVE-2006-4340",
    "CVE-2006-4565",
    "CVE-2006-4566",
    "CVE-2006-4567",
    "CVE-2006-4568",
    "CVE-2006-4569",
    "CVE-2006-4571"
  );
  script_bugtraq_id(19488, 19534, 20042);

  script_name(english:"Firefox < 1.5.0.7 Multiple Vulnerabilities");
  script_summary(english:"Checks version of Firefox");

 script_set_attribute(attribute:"synopsis", value:
"The remote Windows host contains a web browser that is affected by
multiple vulnerabilities.");
 script_set_attribute(attribute:"description", value:
"The installed version of Firefox is affected by various security
issues, some of which may lead to execution of arbitrary code on the
affected host subject to the user's privileges.");
 script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2006-57/");
 script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2006-58/");
 script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2006-59/");
 script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2006-60/");
 script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2006-61/");
 script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2006-62/");
 script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2006-64/");
 script_set_attribute(attribute:"solution", value:
"Upgrade to Firefox 1.5.0.7 or later.");
 script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
 script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
 script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
 script_set_attribute(attribute:"exploit_available", value:"true");
 script_cwe_id(20, 79, 119, 264);

 script_set_attribute(attribute:"plugin_publication_date", value:"2006/09/16");
 script_set_attribute(attribute:"vuln_publication_date", value:"2006/08/12");
 script_set_attribute(attribute:"patch_publication_date", value:"2006/09/14");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:mozilla:firefox");
script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows");
  script_copyright(english:"This script is Copyright (C) 2006-2018 Tenable Network Security, Inc.");
  script_dependencies("mozilla_org_installed.nasl");
  script_require_keys("Mozilla/Firefox/Version");
  exit(0);
}

include("mozilla_version.inc");
port = get_kb_item_or_exit("SMB/transport");

installs = get_kb_list("SMB/Mozilla/Firefox/*");
if (isnull(installs)) audit(AUDIT_NOT_INST, "Firefox");

mozilla_check_version(installs:installs, product:'firefox', esr:FALSE, fix:'1.5.0.7', severity:SECURITY_HOLE);
VendorProductVersionCPE
mozillafirefoxcpe:/a:mozilla:firefox

References

Related

redhat 3
gentoo 4
nessus 40
openvas 20
ubuntu 4
oraclelinux 3
centos 4
freebsd 1
suse 2
osv 4
debian 3
cert 2
mozilla 7
veracode 8
ubuntucve 10
debiancve 10
cve 13
securityvulns 1
checkpoint_advisories 1
prion 2
redhat
redhat
(RHSA-2006:0675) firefox security update
2006-09-15 00:00:00
(RHSA-2006:0677) thunderbird security update
2006-09-15 00:00:00
(RHSA-2006:0676) seamonkey security update
2006-09-15 00:00:00
gentoo
gentoo
Mozilla Firefox: Multiple vulnerabilities
2006-09-28 00:00:00
Mozilla Thunderbird: Multiple vulnerabilities
2006-10-04 00:00:00
Seamonkey: Multiple vulnerabilities
2006-10-16 00:00:00
nessus
nessus
openSUSE 10 Security Update : MozillaFirefox (MozillaFirefox-2090)
2007-10-17 00:00:00
CentOS 4 : firefox (CESA-2006:0675)
2006-09-22 00:00:00
GLSA-200609-19 : Mozilla Firefox: Multiple vulnerabilities
2006-09-29 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200609-19 (Firefox)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200609-19 (Firefox)
2008-09-24 00:00:00
Ubuntu: Security Advisory (USN-351-1)
2022-08-26 00:00:00
ubuntu
ubuntu
firefox vulnerabilities
2006-09-23 00:00:00
Thunderbird vulnerabilities
2006-09-25 00:00:00
Thunderbird vulnerabilities
2006-09-22 00:00:00
oraclelinux
oraclelinux
Critical firefox security update
2006-12-07 00:00:00
Critical thunderbird security update
2006-12-07 00:00:00
Critical seamonkey security update
2006-12-07 00:00:00
centos
centos
firefox security update
2006-09-15 14:57:18
seamonkey security update
2006-09-17 23:20:54
devhelp, seamonkey security update
2006-09-15 14:57:11
freebsd
freebsd
mozilla -- multiple vulnerabilities
2006-09-14 00:00:00
suse
suse
remote code execution in MozillaFirefox,MozillaThunderbird,seamonkey
2006-09-22 13:02:47
RSA signature evasion in openssl,mozilla-nss
2006-09-22 15:25:59
osv
osv
mozilla-firefox
2006-11-14 00:00:00
mozilla
2006-10-06 00:00:00
mozilla-thunderbird
2006-10-05 00:00:00
debian
debian
[SECURITY] [DSA 1210-1] New Mozilla Firefox packages fix several vulnerabilities
2006-11-14 00:00:00
[SECURITY] [DSA 1191-1] New Mozilla Thunderbird packages fix several vulnerabilities
2006-10-05 00:00:00
[SECURITY] [DSA 1192-1] New Mozilla packages fix several vulnerabilities
2006-10-06 00:00:00
cert
cert
OpenSSL SSL_get_shared_ciphers() vulnerable to buffer overflow
2006-09-28 00:00:00
OpenSSL SSLv2 client code fails to properly check for NULL
2006-09-28 00:00:00
mozilla
mozilla
JavaScript Regular Expression Heap Corruption — Mozilla
2006-09-14 00:00:00
Crashes with evidence of memory corruption (rv:1.8.0.7) — Mozilla
2006-09-14 00:00:00
Concurrency-related vulnerability — Mozilla
2006-09-14 00:00:00
veracode
veracode
Remote Code Execution (RCE)
2020-04-10 00:13:14
Denial Of Service (DoS)
2020-04-10 00:13:11
Spoofable SSL Certificate
2020-04-10 00:13:11
ubuntucve
ubuntucve
CVE-2006-4253
2006-08-21 00:00:00
CVE-2006-4571
2006-09-15 00:00:00
CVE-2006-4567
2006-09-15 00:00:00
debiancve
debiancve
CVE-2006-4253
2006-08-21 20:04:00
CVE-2006-4567
2006-09-15 18:07:00
CVE-2006-4571
2006-09-15 19:07:00
cve
cve
CVE-2006-4571
2006-09-15 19:07:00
CVE-2006-4567
2006-09-15 18:07:00
CVE-2006-4253
2006-08-21 20:04:00
securityvulns
securityvulns
Microsoft ClickOnce MITM Vulnerabilities
2010-07-19 00:00:00
checkpoint_advisories
checkpoint_advisories
Mozilla Products Regular Expressions Heap Corruption (CVE-2006-4566)
2009-10-15 00:00:00
prion
prion
Code injection
2018-11-07 20:29:00
Code injection
2007-06-06 21:30:00
JSON
Related for MOZILLA_FIREFOX_1507.NASL
redhat3gentoo4nessus40openvas20ubuntu4oraclelinux3centos4freebsd1suse2osv4debian3cert2mozilla7veracode8ubuntucve10debiancve10cve13securityvulns1checkpoint_advisories1prion2