Lucene search
This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.OPENSUSE-2012-709.NASLHistoryJun 13, 2014 - 12:00 a.m.
openSUSE Security Update : MozillaFirefox (openSUSE-SU-2012:1345-1)
2014-06-1300:00:00
This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
23
The Mozilla suite received following security updates (bnc#783533) :
Mozilla Firefox was updated to 16.0.1. Mozilla SeaMonkey was updated to 2.13.1. Mozilla Thunderbird was updated to 16.0.1. Mozilla XULRunner was updated to 16.0.1.
-
MFSA 2012-88/CVE-2012-4191 (bmo#798045) Miscellaneous memory safety hazards
-
MFSA 2012-89/CVE-2012-4192/CVE-2012-4193 (bmo#799952, bmo#720619) defaultValue security checks not applied
-
MFSA 2012-74/CVE-2012-3982/CVE-2012-3983 Miscellaneous memory safety hazards
-
MFSA 2012-75/CVE-2012-3984 (bmo#575294) select element persistance allows for attacks
-
MFSA 2012-76/CVE-2012-3985 (bmo#655649) Continued access to initial origin after setting document.domain
-
MFSA 2012-77/CVE-2012-3986 (bmo#775868) Some DOMWindowUtils methods bypass security checks
-
MFSA 2012-79/CVE-2012-3988 (bmo#725770) DOS and crash with full screen and history navigation
-
MFSA 2012-80/CVE-2012-3989 (bmo#783867) Crash with invalid cast when using instanceof operator
-
MFSA 2012-81/CVE-2012-3991 (bmo#783260) GetProperty function can bypass security checks
-
MFSA 2012-82/CVE-2012-3994 (bmo#765527) top object and location property accessible by plugins
-
MFSA 2012-83/CVE-2012-3993/CVE-2012-4184 (bmo#768101, bmo#780370) Chrome Object Wrapper (COW) does not disallow access to privileged functions or properties
-
MFSA 2012-84/CVE-2012-3992 (bmo#775009) Spoofing and script injection through location.hash
-
MFSA 2012-85/CVE-2012-3995/CVE-2012-4179/CVE-2012-4180/ CVE-2012-4181/CVE-2012-4182/CVE-2012-4183 Use-after-free, buffer overflow, and out of bounds read issues found using Address Sanitizer
-
MFSA 2012-86/CVE-2012-4185/CVE-2012-4186/CVE-2012-4187/ CVE-2012-4188 Heap memory corruption issues found using Address Sanitizer
-
MFSA 2012-87/CVE-2012-3990 (bmo#787704)
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update openSUSE-2012-709.
#
# The text description of this plugin is (C) SUSE LLC.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(74779);
script_version("1.10");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");
script_cve_id("CVE-2012-3982", "CVE-2012-3983", "CVE-2012-3984", "CVE-2012-3985", "CVE-2012-3986", "CVE-2012-3988", "CVE-2012-3989", "CVE-2012-3990", "CVE-2012-3991", "CVE-2012-3992", "CVE-2012-3993", "CVE-2012-3994", "CVE-2012-3995", "CVE-2012-4179", "CVE-2012-4180", "CVE-2012-4181", "CVE-2012-4182", "CVE-2012-4183", "CVE-2012-4184", "CVE-2012-4185", "CVE-2012-4186", "CVE-2012-4187", "CVE-2012-4188", "CVE-2012-4191", "CVE-2012-4192", "CVE-2012-4193");
script_name(english:"openSUSE Security Update : MozillaFirefox (openSUSE-SU-2012:1345-1)");
script_summary(english:"Check for the openSUSE-2012-709 patch");
script_set_attribute(
attribute:"synopsis",
value:"The remote openSUSE host is missing a security update."
);
script_set_attribute(
attribute:"description",
value:
"The Mozilla suite received following security updates (bnc#783533) :
Mozilla Firefox was updated to 16.0.1. Mozilla SeaMonkey was
updated to 2.13.1. Mozilla Thunderbird was updated to
16.0.1. Mozilla XULRunner was updated to 16.0.1.
- MFSA 2012-88/CVE-2012-4191 (bmo#798045) Miscellaneous
memory safety hazards
- MFSA 2012-89/CVE-2012-4192/CVE-2012-4193 (bmo#799952,
bmo#720619) defaultValue security checks not applied
- MFSA 2012-74/CVE-2012-3982/CVE-2012-3983 Miscellaneous
memory safety hazards
- MFSA 2012-75/CVE-2012-3984 (bmo#575294) select element
persistance allows for attacks
- MFSA 2012-76/CVE-2012-3985 (bmo#655649) Continued access
to initial origin after setting document.domain
- MFSA 2012-77/CVE-2012-3986 (bmo#775868) Some
DOMWindowUtils methods bypass security checks
- MFSA 2012-79/CVE-2012-3988 (bmo#725770) DOS and crash
with full screen and history navigation
- MFSA 2012-80/CVE-2012-3989 (bmo#783867) Crash with
invalid cast when using instanceof operator
- MFSA 2012-81/CVE-2012-3991 (bmo#783260) GetProperty
function can bypass security checks
- MFSA 2012-82/CVE-2012-3994 (bmo#765527) top object and
location property accessible by plugins
- MFSA 2012-83/CVE-2012-3993/CVE-2012-4184 (bmo#768101,
bmo#780370) Chrome Object Wrapper (COW) does not
disallow access to privileged functions or properties
- MFSA 2012-84/CVE-2012-3992 (bmo#775009) Spoofing and
script injection through location.hash
- MFSA 2012-85/CVE-2012-3995/CVE-2012-4179/CVE-2012-4180/
CVE-2012-4181/CVE-2012-4182/CVE-2012-4183
Use-after-free, buffer overflow, and out of bounds read
issues found using Address Sanitizer
- MFSA 2012-86/CVE-2012-4185/CVE-2012-4186/CVE-2012-4187/
CVE-2012-4188 Heap memory corruption issues found using
Address Sanitizer
- MFSA 2012-87/CVE-2012-3990 (bmo#787704)"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=783533"
);
script_set_attribute(
attribute:"see_also",
value:"https://lists.opensuse.org/opensuse-updates/2012-10/msg00054.html"
);
script_set_attribute(
attribute:"solution",
value:"Update the affected MozillaFirefox packages."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"exploited_by_malware", value:"true");
script_set_attribute(attribute:"metasploit_name", value:'Firefox 5.0 - 15.0.1 __exposedProps__ XCS Code Execution');
script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-branding-upstream");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-buildsymbols");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-debugsource");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-translations-common");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-translations-other");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaThunderbird");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaThunderbird-buildsymbols");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaThunderbird-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaThunderbird-debugsource");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaThunderbird-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaThunderbird-devel-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaThunderbird-translations-common");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaThunderbird-translations-other");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:enigmail");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:enigmail-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-js");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-js-32bit");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-js-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-js-debuginfo-32bit");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-kde4-integration");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-kde4-integration-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-kde4-integration-debugsource");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:seamonkey");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:seamonkey-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:seamonkey-debugsource");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:seamonkey-dom-inspector");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:seamonkey-irc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:seamonkey-translations-common");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:seamonkey-translations-other");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:seamonkey-venkman");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:xulrunner");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:xulrunner-32bit");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:xulrunner-buildsymbols");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:xulrunner-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:xulrunner-debuginfo-32bit");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:xulrunner-debugsource");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:xulrunner-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:xulrunner-devel-debuginfo");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:12.1");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:12.2");
script_set_attribute(attribute:"vuln_publication_date", value:"2012/10/10");
script_set_attribute(attribute:"patch_publication_date", value:"2012/10/13");
script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"SuSE Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE12\.1|SUSE12\.2)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "12.1 / 12.2", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
flag = 0;
if ( rpm_check(release:"SUSE12.1", reference:"MozillaFirefox-16.0.1-2.46.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"MozillaFirefox-branding-upstream-16.0.1-2.46.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"MozillaFirefox-buildsymbols-16.0.1-2.46.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"MozillaFirefox-debuginfo-16.0.1-2.46.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"MozillaFirefox-debugsource-16.0.1-2.46.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"MozillaFirefox-devel-16.0.1-2.46.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"MozillaFirefox-translations-common-16.0.1-2.46.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"MozillaFirefox-translations-other-16.0.1-2.46.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"MozillaThunderbird-16.0.1-33.35.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"MozillaThunderbird-buildsymbols-16.0.1-33.35.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"MozillaThunderbird-debuginfo-16.0.1-33.35.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"MozillaThunderbird-debugsource-16.0.1-33.35.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"MozillaThunderbird-devel-16.0.1-33.35.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"MozillaThunderbird-devel-debuginfo-16.0.1-33.35.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"MozillaThunderbird-translations-common-16.0.1-33.35.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"MozillaThunderbird-translations-other-16.0.1-33.35.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"enigmail-1.4.5.+16.0.1-33.35.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"enigmail-debuginfo-1.4.5.+16.0.1-33.35.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"mozilla-js-16.0.1-2.41.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"mozilla-js-debuginfo-16.0.1-2.41.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"mozilla-kde4-integration-0.6.4-6.4.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"mozilla-kde4-integration-debuginfo-0.6.4-6.4.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"mozilla-kde4-integration-debugsource-0.6.4-6.4.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"seamonkey-2.13.1-2.37.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"seamonkey-debuginfo-2.13.1-2.37.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"seamonkey-debugsource-2.13.1-2.37.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"seamonkey-dom-inspector-2.13.1-2.37.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"seamonkey-irc-2.13.1-2.37.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"seamonkey-translations-common-2.13.1-2.37.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"seamonkey-translations-other-2.13.1-2.37.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"seamonkey-venkman-2.13.1-2.37.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"xulrunner-16.0.1-2.41.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"xulrunner-buildsymbols-16.0.1-2.41.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"xulrunner-debuginfo-16.0.1-2.41.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"xulrunner-debugsource-16.0.1-2.41.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"xulrunner-devel-16.0.1-2.41.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"xulrunner-devel-debuginfo-16.0.1-2.41.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", cpu:"x86_64", reference:"mozilla-js-32bit-16.0.1-2.41.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", cpu:"x86_64", reference:"mozilla-js-debuginfo-32bit-16.0.1-2.41.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", cpu:"x86_64", reference:"xulrunner-32bit-16.0.1-2.41.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", cpu:"x86_64", reference:"xulrunner-debuginfo-32bit-16.0.1-2.41.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"MozillaFirefox-16.0.1-2.17.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"MozillaFirefox-branding-upstream-16.0.1-2.17.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"MozillaFirefox-buildsymbols-16.0.1-2.17.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"MozillaFirefox-debuginfo-16.0.1-2.17.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"MozillaFirefox-debugsource-16.0.1-2.17.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"MozillaFirefox-devel-16.0.1-2.17.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"MozillaFirefox-translations-common-16.0.1-2.17.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"MozillaFirefox-translations-other-16.0.1-2.17.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"MozillaThunderbird-16.0.1-49.15.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"MozillaThunderbird-buildsymbols-16.0.1-49.15.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"MozillaThunderbird-debuginfo-16.0.1-49.15.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"MozillaThunderbird-debugsource-16.0.1-49.15.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"MozillaThunderbird-devel-16.0.1-49.15.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"MozillaThunderbird-devel-debuginfo-16.0.1-49.15.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"MozillaThunderbird-translations-common-16.0.1-49.15.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"MozillaThunderbird-translations-other-16.0.1-49.15.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"enigmail-1.4.5.+16.0.1-49.15.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"enigmail-debuginfo-1.4.5.+16.0.1-49.15.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"mozilla-js-16.0.1-2.14.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"mozilla-js-debuginfo-16.0.1-2.14.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"mozilla-kde4-integration-0.6.4-10.4.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"mozilla-kde4-integration-debuginfo-0.6.4-10.4.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"mozilla-kde4-integration-debugsource-0.6.4-10.4.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"seamonkey-2.13.1-2.18.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"seamonkey-debuginfo-2.13.1-2.18.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"seamonkey-debugsource-2.13.1-2.18.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"seamonkey-dom-inspector-2.13.1-2.18.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"seamonkey-irc-2.13.1-2.18.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"seamonkey-translations-common-2.13.1-2.18.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"seamonkey-translations-other-2.13.1-2.18.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"seamonkey-venkman-2.13.1-2.18.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"xulrunner-16.0.1-2.14.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"xulrunner-buildsymbols-16.0.1-2.14.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"xulrunner-debuginfo-16.0.1-2.14.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"xulrunner-debugsource-16.0.1-2.14.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"xulrunner-devel-16.0.1-2.14.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"xulrunner-devel-debuginfo-16.0.1-2.14.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", cpu:"x86_64", reference:"mozilla-js-32bit-16.0.1-2.14.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", cpu:"x86_64", reference:"mozilla-js-debuginfo-32bit-16.0.1-2.14.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", cpu:"x86_64", reference:"xulrunner-32bit-16.0.1-2.14.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", cpu:"x86_64", reference:"xulrunner-debuginfo-32bit-16.0.1-2.14.1") ) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
else security_hole(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "MozillaFirefox");
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| novell | opensuse | mozillafirefox-debuginfo | p-cpe:/a:novell:opensuse:mozillafirefox-debuginfo |
| novell | opensuse | mozillafirefox-debugsource | p-cpe:/a:novell:opensuse:mozillafirefox-debugsource |
| novell | opensuse | mozillafirefox-devel | p-cpe:/a:novell:opensuse:mozillafirefox-devel |
| novell | opensuse | mozillafirefox-translations-common | p-cpe:/a:novell:opensuse:mozillafirefox-translations-common |
| novell | opensuse | mozillafirefox | p-cpe:/a:novell:opensuse:mozillafirefox |
| novell | opensuse | mozillafirefox-branding-upstream | p-cpe:/a:novell:opensuse:mozillafirefox-branding-upstream |
| novell | opensuse | mozillafirefox-buildsymbols | p-cpe:/a:novell:opensuse:mozillafirefox-buildsymbols |
| novell | opensuse | mozillafirefox-translations-other | p-cpe:/a:novell:opensuse:mozillafirefox-translations-other |
| novell | opensuse | mozillathunderbird | p-cpe:/a:novell:opensuse:mozillathunderbird |
| novell | opensuse | mozillathunderbird-buildsymbols | p-cpe:/a:novell:opensuse:mozillathunderbird-buildsymbols |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3982
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3983
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3984
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3985
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3986
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3988
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3989
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3990
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3991
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3992
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3993
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3994
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3995
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4179
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4180
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4181
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4182
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4183
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4184
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4185
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4186
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4187
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4188
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4191
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4192
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4193
bugzilla.novell.com/show_bug.cgi?id=783533
lists.opensuse.org/opensuse-updates/2012-10/msg00054.html
Related
openvas
openvas
Ubuntu Update for thunderbird USN-1611-1
2012-10-16 00:00:00
Ubuntu Update for firefox USN-1600-1
2012-10-11 00:00:00
openSUSE: Security Advisory for MozillaFirefox (openSUSE-SU-2012:1345-1)
2012-12-13 00:00:00
nessus
nessus
SeaMonkey 2.x < 2.13 Multiple Vulnerabilities
2012-10-16 00:00:00
Ubuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : thunderbird vulnerabilities (USN-1611-1)
2012-10-15 00:00:00
Firefox < 10.0.8 Multiple Vulnerabilities (Mac OS X)
2012-10-17 00:00:00
suse
suse
MozillaFirefox: update to Firefox 16.0.1 (important)
2012-10-15 15:08:30
Security update for Mozilla Firefox (important)
2012-10-16 22:08:48
ubuntu
ubuntu
Thunderbird vulnerabilities
2012-10-12 00:00:00
Firefox vulnerabilities
2012-10-09 00:00:00
Firefox vulnerabilities
2012-10-11 00:00:00
veracode
veracode
Arbitrary Code Execution
2019-05-02 04:43:31
Denial Of Service (DoS)
2019-05-02 04:43:36
Arbitrary Code Execution
2019-05-02 04:43:33
oraclelinux
oraclelinux
thunderbird security update
2012-10-10 00:00:00
firefox security and bug fix update
2012-10-10 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2012-10-09 00:00:00
centos
centos
thunderbird security update
2012-10-10 13:53:37
firefox, xulrunner security update
2012-10-10 13:52:09
redhat
redhat
(RHSA-2012:1350) Critical: firefox security and bug fix update
2012-10-09 00:00:00
(RHSA-2012:1351) Critical: thunderbird security update
2012-10-09 00:00:00
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2012-10-29 00:00:00
osv
osv
icedove - several
2012-10-29 00:00:00
iceweasel - several
2012-10-23 00:00:00
iceape - several
2012-11-04 00:00:00
debian
debian
[SECURITY] [DSA 2565-1] iceweasel security update
2012-10-23 19:45:56
[SECURITY] [DSA 2569-1] icedove security update
2012-10-29 20:57:34
[SECURITY] [DSA 2572-1] iceape security update
2012-11-04 18:59:26
mozilla
mozilla
cve
cve
prion
prion
Design/Logic Flaw
2012-10-12 10:44:00
Code injection
2012-10-10 17:55:00
Cross site scripting
2012-10-10 17:55:00
ubuntucve
ubuntucve
Related for OPENSUSE-2012-709.NASL