Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2010-2018 Tenable Network Security, Inc.MOZILLA_FIREFOX_367.NASL
HistoryJul 22, 2010 - 12:00 a.m.

Firefox 3.6 < 3.6.7 Multiple Vulnerabilities

2010-07-2200:00:00
This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.
www.tenable.com
15
JSON

The installed version of Firefox 3.6.x is earlier than 3.6.7. Such versions are potentially affected by the following security issues :

  • Multiple memory safety bugs could result in memory corruption, potentially resulting in arbitrary code execution. (MFSA 2010-34)

  • An error in DOM attribute cloning could result in arbitrary code execution. (MFSA 2010-35)

  • An error in Mozilla’s ‘NodeIterator’ implementation could lead to arbitrary code execution. (MFSA 2010-36)

  • An error in the code to store the names and values of plugin parameters could lead arbitrary code execution.
    (MFSA 2010-37)

  • It may be possible to run arbitrary JavaScript with chrome privileges using SJOW and fast native function. (MFSA 2010-38)

  • The array class used to store CSS values is affected by an integer overflow vulnerability. (MFSA 2010-39)

  • An integer overflow vulnerability exists in the ‘selection’ attribute of XUL <tree> element.
    (MFSA 2010-40)

  • A buffer overflow vulnerability in Mozilla graphics code could lead to arbitrary code execution.
    (MFSA 2010-41)

  • It is possible to read and parse resources from other domains even when the content is not valid JavaScript leading to cross-domain data disclosure. (MFSA 2010-42)

  • The canvas element can be used to read data from another site leading to a same-origin bypass vulnerability.
    (MFSA 2010-43)

  • Characters mapped to U+FFFD in 8 bit encodings could cause subsequent characters to disappear, potentially contributing to cross-site scripting issues on certain websites. (MFSA 2010-44)

  • Multiple location bar spoofing vulnerabilities exist.
    (MFSA 2010-45)

  • It is possible to read data across domains by injecting bogus CSS selectors into a target site.
    (MFSA 2010-46)

  • Potentially sensitive URL parameters could be leaked across domains via script errors. (MFSA 2010-47)

#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(47782);
  script_version("1.20");
  script_cvs_date("Date: 2018/07/16 14:09:14");

  script_cve_id(
    "CVE-2010-0654",
    "CVE-2010-1206",
    "CVE-2010-1207",
    "CVE-2010-1208",
    "CVE-2010-1209",
    "CVE-2010-1210",
    "CVE-2010-1211",
    "CVE-2010-1212",
    "CVE-2010-1213",
    "CVE-2010-1214",
    "CVE-2010-1215",
    "CVE-2010-2751",
    "CVE-2010-2752",
    "CVE-2010-2753",
    "CVE-2010-2754"
  );
  script_bugtraq_id(
    41842,
    41845,
    41849,
    41852,
    41853,
    41859,
    41860,
    41865,
    41866,
    41868,
    41871,
    41872,
    41878,
    41968
  );
  script_xref(name:"Secunia", value:"39925");
  script_xref(name:"Secunia", value:"40283");

  script_name(english:"Firefox 3.6 < 3.6.7 Multiple Vulnerabilities");
  script_summary(english:"Checks version of Firefox");

  script_set_attribute(attribute:"synopsis", value:
"The remote Windows host contains a web browser that is affected by
multiple vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The installed version of Firefox 3.6.x is earlier than 3.6.7.  Such
versions are potentially affected by the following security issues :

  - Multiple memory safety bugs could result in memory
    corruption, potentially resulting in arbitrary code
    execution. (MFSA 2010-34)

  - An error in DOM attribute cloning could result in
    arbitrary code execution. (MFSA 2010-35)

  - An error in Mozilla's 'NodeIterator' implementation
    could lead to arbitrary code execution. (MFSA 2010-36)

  - An error in the code to store the names and values of
    plugin parameters could lead arbitrary code execution.
    (MFSA 2010-37)

  - It may be possible to run arbitrary JavaScript with
    chrome privileges using SJOW and fast native
    function. (MFSA 2010-38)

  - The array class used to store CSS values is affected
    by an integer overflow vulnerability. (MFSA 2010-39)

  - An integer overflow vulnerability exists in the
    'selection' attribute of XUL <tree> element.
    (MFSA 2010-40)

  - A buffer overflow vulnerability in Mozilla graphics
    code could lead to arbitrary code execution.
    (MFSA 2010-41)

  - It is possible to read and parse resources from other
    domains even when the content is not valid JavaScript
    leading to cross-domain data disclosure. (MFSA 2010-42)

  - The canvas element can be used to read data from another
    site leading to a same-origin bypass vulnerability.
    (MFSA 2010-43)

  - Characters mapped to U+FFFD in 8 bit encodings could
    cause subsequent characters to disappear, potentially
    contributing to cross-site scripting issues on certain
    websites. (MFSA 2010-44)

  - Multiple location bar spoofing vulnerabilities exist.
    (MFSA 2010-45)

  - It is possible to read data across domains by
    injecting bogus CSS selectors into a target site.
    (MFSA 2010-46)

  - Potentially sensitive URL parameters could be leaked
    across domains via script errors. (MFSA 2010-47)");
  script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2010-34/");
  script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2010-35/");
  script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2010-36/");
  script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2010-37/");
  script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2010-38/");
  script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2010-39/");
  script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2010-40/");
  script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2010-41/");
  script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2010-42/");
  script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2010-43/");
  script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2010-44/");
  script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2010-45/");
  script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2010-46/");
  script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2010-47/");

 script_set_attribute(attribute:"solution", value:"Upgrade to Firefox 3.6.7 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
 script_cwe_id(94);
  script_set_attribute(attribute:"vuln_publication_date", value:"2009/10/23"); # (MFSA 2010-46)
  script_set_attribute(attribute:"patch_publication_date", value:"2010/07/21");
  script_set_attribute(attribute:"plugin_publication_date", value:"2010/07/22");
  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:mozilla:firefox");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows");

  script_copyright(english:"This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.");
  script_dependencies("mozilla_org_installed.nasl");
  script_require_keys("Mozilla/Firefox/Version");
  exit(0);
}

include("mozilla_version.inc");
port = get_kb_item_or_exit("SMB/transport"); 

installs = get_kb_list("SMB/Mozilla/Firefox/*");
if (isnull(installs)) audit(AUDIT_NOT_INST, "Firefox");

mozilla_check_version(installs:installs, product:'firefox', esr:FALSE, fix:'3.6.7', min:'3.6', severity:SECURITY_HOLE);
VendorProductVersionCPE
mozillafirefoxcpe:/a:mozilla:firefox

References

Related

fedora 20
oraclelinux 3
openvas 77
nessus 46
redhat 4
freebsd 1
securityvulns 7
ubuntu 5
centos 4
suse 1
debian 3
osv 1
mozilla 4
veracode 5
prion 5
cve 4
ubuntucve 7
threatpost 1
zdi 1
fedora
fedora
[SECURITY] Fedora 13 Update: perl-Gtk2-MozEmbed-0.08-6.fc13.15
2010-07-23 02:37:40
[SECURITY] Fedora 13 Update: firefox-3.6.7-1.fc13
2010-07-23 02:37:40
[SECURITY] Fedora 13 Update: gnome-python2-extras-2.25.3-20.fc13
2010-07-23 02:37:40
oraclelinux
oraclelinux
firefox security update
2010-07-21 00:00:00
seamonkey security update
2010-07-21 00:00:00
thunderbird security update
2010-07-21 00:00:00
openvas
openvas
Fedora Update for perl-Gtk2-MozEmbed FEDORA-2010-11345
2010-07-23 00:00:00
FreeBSD Ports: firefox
2010-08-21 00:00:00
FreeBSD Ports: firefox
2010-08-21 00:00:00
nessus
nessus
FreeBSD : mozilla -- multiple vulnerabilities (8c2ea875-9499-11df-8e32-000f20797ede)
2010-07-22 00:00:00
openSUSE Security Update : MozillaFirefox (MozillaFirefox-2807)
2014-06-13 00:00:00
Fedora 13 : firefox-3.6.7-1.fc13 / galeon-2.0.7-30.fc13 / gnome-python2-extras-2.25.3-20.fc13 / etc (2010-11345)
2010-07-23 00:00:00
redhat
redhat
(RHSA-2010:0547) Critical: firefox security update
2010-07-20 00:00:00
(RHSA-2010:0546) Critical: seamonkey security update
2010-07-20 00:00:00
(RHSA-2010:0544) Moderate: thunderbird security update
2010-07-20 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2010-07-20 00:00:00
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2010-07-24 00:00:00
Mozilla Foundation Security Advisory 2010-34
2010-07-24 00:00:00
Mozilla Foundation Security Advisory 2010-45
2010-07-24 00:00:00
ubuntu
ubuntu
Firefox and Xulrunner vulnerabilities
2010-07-23 00:00:00
Firefox and Xulrunner vulnerability
2010-07-26 00:00:00
Thunderbird vulnerabilities
2010-07-26 00:00:00
centos
centos
firefox, xulrunner security update
2010-07-22 15:29:05
seamonkey security update
2010-08-16 21:36:58
thunderbird security update
2010-08-06 23:32:55
suse
suse
remote code execution in MozillaFirefox,MozillaThunderbird,seamonkey
2010-07-30 13:10:04
debian
debian
[Backports-security-announce] Security Update for xulrunner
2010-07-21 09:30:33
[Backports-security-announce] Security Update for xulrunner
2010-07-21 09:30:16
[SECURITY] [DSA 2075-1] New xulrunner packages fix several vulnerabilities
2010-07-27 19:47:37
osv
osv
xulrunner - several vulnerabilities
2010-07-27 00:00:00
mozilla
mozilla
Multiple location bar spoofing vulnerabilities — Mozilla
2010-07-20 00:00:00
Miscellaneous memory safety hazards (rv:1.9.2.7/ 1.9.1.11) — Mozilla
2010-07-20 00:00:00
Same-origin bypass using canvas context — Mozilla
2010-07-20 00:00:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:46:06
Spoofing Attack
2020-04-10 00:46:13
Information Disclosure
2020-04-10 00:46:04
prion
prion
Design/Logic Flaw
2010-07-30 20:30:00
Arbitrary file deletion
2010-07-30 20:30:00
Design/Logic Flaw
2010-07-30 20:30:00
cve
cve
CVE-2010-2751
2010-07-30 20:30:00
CVE-2010-1207
2010-07-30 20:30:00
CVE-2010-1209
2010-07-30 20:30:00
ubuntucve
ubuntucve
CVE-2010-1207
2010-07-23 00:00:00
CVE-2010-1210
2010-07-23 00:00:00
CVE-2010-1212
2010-07-23 00:00:00
threatpost
threatpost
Mozilla Patches Firefox DLL Load Hijacking Bug
2010-09-08 14:01:59
zdi
zdi
Mozilla Firefox NodeIterator Remote Code Execution Vulnerability
2010-07-20 00:00:00
JSON
Related for MOZILLA_FIREFOX_367.NASL
fedora20oraclelinux3openvas77nessus46redhat4freebsd1securityvulns7ubuntu5centos4suse1debian3osv1mozilla4veracode5prion5cve4ubuntucve7threatpost1zdi1