Lucene search
This script is Copyright (C) 2004-2018 Tenable Network Security, Inc.MOZILLA_SOAPPARAMETER_OVERFLOW.NASLHistoryAug 02, 2004 - 12:00 a.m.
Mozilla SOAPParameter Object Constructor Overlow
2004-08-0200:00:00
This script is Copyright (C) 2004-2018 Tenable Network Security, Inc.
www.tenable.com
12
The Mozilla web browser is installed on the remote host.
The remote version of this software has an integer overflow vulnerability in the SOAPParameter object constructor. This could result in arbitrary code execution.
A remote attacker could exploit this flaw by tricking a user into viewing a maliciously crafted web page.
#
# (C) Tenable Network Security, Inc.
#
include("compat.inc");
if(description)
{
script_id(14192);
script_version("1.20");
script_cve_id("CVE-2004-0722");
script_bugtraq_id(10843);
script_name(english:"Mozilla SOAPParameter Object Constructor Overlow");
script_summary(english:"Determines the version of Mozilla");
script_set_attribute( attribute:"synopsis", value:
"The remote Windows host contains a web browser that is affected by
an integer overflow vulnerability." );
script_set_attribute( attribute:"description", value:
"The Mozilla web browser is installed on the remote host.
The remote version of this software has an integer overflow
vulnerability in the SOAPParameter object constructor. This could
result in arbitrary code execution.
A remote attacker could exploit this flaw by tricking a user into
viewing a maliciously crafted web page." );
script_set_attribute(
attribute:"solution",
value:"Upgrade to Mozilla 1.7.1 or later."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"plugin_publication_date", value: "2004/08/02");
script_set_attribute(attribute:"vuln_publication_date", value: "2004/08/02");
script_set_attribute(attribute:"patch_publication_date", value: "2004/08/02");
script_cvs_date("Date: 2018/07/16 14:09:15");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe",value:"cpe:/a:mozilla:mozilla");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Windows");
script_copyright(english:"This script is Copyright (C) 2004-2018 Tenable Network Security, Inc.");
script_dependencies("mozilla_org_installed.nasl");
script_require_keys("Mozilla/Version");
exit(0);
}
include("mozilla_version.inc");
port = get_kb_item_or_exit("SMB/transport");
installs = get_kb_list("SMB/Mozilla/Firefox/*");
if (isnull(installs)) audit(AUDIT_NOT_INST, 'Firefox');
mozilla_check_version(installs:installs, product:'firefox', esr:FALSE, fix:'1.7.1', severity:SECURITY_HOLE);
Related
nessus
nessus
FreeBSD : mozilla -- SOAPParameter integer overflow (117)
2004-09-16 00:00:00
FreeBSD : mozilla -- SOAPParameter integer overflow (a4fd8f53-05eb-11d9-b45d-000c41e2cdad)
2009-04-23 00:00:00
RHEL 2.1 / 3 : mozilla (RHSA-2004:421)
2004-08-05 00:00:00
checkpoint_advisories
checkpoint_advisories
Mozilla SOAPParameter Integer Overflow (CVE-2004-0722)
2010-03-15 00:00:00
openvas
openvas
FreeBSD Ports: firefox
2008-09-04 00:00:00
FreeBSD Ports: firefox
2008-09-04 00:00:00
SLES9: Security update for Mozilla
2009-10-10 00:00:00
securityvulns
securityvulns
cvelist
cvelist
CVE-2004-0722
2004-08-03 04:00:00
freebsd
freebsd
mozilla -- SOAPParameter integer overflow
2004-08-02 00:00:00
cve
cve
CVE-2004-0722
2004-08-18 04:00:00
redhat
redhat
(RHSA-2004:421) mozilla security update
2004-08-04 00:00:00
suse
suse
remote DoS condition in apache2
2004-09-06 13:51:41
remote code execution in cups
2004-09-15 14:45:26
remote file disclosure in samba
2004-10-05 14:57:32
slackware
slackware
[slackware-security] Mozilla
2004-08-10 21:17:12
Related for MOZILLA_SOAPPARAMETER_OVERFLOW.NASL