Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.OPENSUSE-2013-141.NASL
HistoryJun 13, 2014 - 12:00 a.m.

openSUSE Security Update : Mozilla (openSUSE-SU-2013:0323-1)

2014-06-1300:00:00
This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
12

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.027 Low

EPSS

Percentile

90.5%

JSON

MozillaFirefox was updated to Firefox 19.0 (bnc#804248) MozillaThunderbird was updated to Thunderbird 17.0.3 (bnc#804248) seamonkey was updated to SeaMonkey 2.16 (bnc#804248) xulrunner was updated to 17.0.3esr (bnc#804248) chmsee was updated to version 2.0.

Changes in MozillaFirefox 19.0 :

  • MFSA 2013-21/CVE-2013-0783/2013-0784 Miscellaneous memory safety hazards

  • MFSA 2013-22/CVE-2013-0772 (bmo#801366) Out-of-bounds read in image rendering

  • MFSA 2013-23/CVE-2013-0765 (bmo#830614) Wrapped WebIDL objects can be wrapped again

  • MFSA 2013-24/CVE-2013-0773 (bmo#809652) Web content bypass of COW and SOW security wrappers

  • MFSA 2013-25/CVE-2013-0774 (bmo#827193) Privacy leak in JavaScript Workers

  • MFSA 2013-26/CVE-2013-0775 (bmo#831095) Use-after-free in nsImageLoadingContent

  • MFSA 2013-27/CVE-2013-0776 (bmo#796475) Phishing on HTTPS connection through malicious proxy

  • MFSA 2013-28/CVE-2013-0780/CVE-2013-0782/CVE-2013-0777/ CVE-2013-0778/CVE-2013-0779/CVE-2013-0781 Use-after-free, out of bounds read, and buffer overflow issues found using Address Sanitizer

  • removed obsolete patches

  • mozilla-webrtc.patch

  • mozilla-gstreamer-803287.patch

  • added patch to fix session restore window order (bmo#712763)

  • update to Firefox 18.0.2

  • blocklist and CTP updates

  • fixes in JS engine

  • update to Firefox 18.0.1

  • blocklist updates

  • backed out bmo#677092 (removed patch)

  • fixed problems involving HTTP proxy transactions

  • Fix WebRTC to build on powerpc

Changes in MozillaThunderbird :

  • update to Thunderbird 17.0.3 (bnc#804248)

  • MFSA 2013-21/CVE-2013-0783 Miscellaneous memory safety hazards

  • MFSA 2013-24/CVE-2013-0773 (bmo#809652) Web content bypass of COW and SOW security wrappers

  • MFSA 2013-25/CVE-2013-0774 (bmo#827193) Privacy leak in JavaScript Workers

  • MFSA 2013-26/CVE-2013-0775 (bmo#831095) Use-after-free in nsImageLoadingContent

  • MFSA 2013-27/CVE-2013-0776 (bmo#796475) Phishing on HTTPS connection through malicious proxy

  • MFSA 2013-28/CVE-2013-0780/CVE-2013-0782 Use-after-free, out of bounds read, and buffer overflow issues found using Address Sanitizer

  • update Enigmail to 1.5.1

  • The release fixes the regressions found in the past few weeks

Changes in seamonkey :

  • update to SeaMonkey 2.16 (bnc#804248)

  • MFSA 2013-21/CVE-2013-0783/2013-0784 Miscellaneous memory safety hazards

  • MFSA 2013-22/CVE-2013-0772 (bmo#801366) Out-of-bounds read in image rendering

  • MFSA 2013-23/CVE-2013-0765 (bmo#830614) Wrapped WebIDL objects can be wrapped again

  • MFSA 2013-24/CVE-2013-0773 (bmo#809652) Web content bypass of COW and SOW security wrappers

  • MFSA 2013-25/CVE-2013-0774 (bmo#827193) Privacy leak in JavaScript Workers

  • MFSA 2013-26/CVE-2013-0775 (bmo#831095) Use-after-free in nsImageLoadingContent

  • MFSA 2013-27/CVE-2013-0776 (bmo#796475) Phishing on HTTPS connection through malicious proxy

  • MFSA 2013-28/CVE-2013-0780/CVE-2013-0782/CVE-2013-0777/ CVE-2013-0778/CVE-2013-0779/CVE-2013-0781 Use-after-free, out of bounds read, and buffer overflow issues found using Address Sanitizer

  • removed obsolete patches

  • mozilla-webrtc.patch

  • mozilla-gstreamer-803287.patch

  • update to SeaMonkey 2.15.2

  • Applications could not be removed from the ‘Application details’ dialog under Preferences, Helper Applications (bmo#826771).

  • View / Message Body As could show menu items out of context (bmo#831348)

  • update to SeaMonkey 2.15.1

  • backed out bmo#677092 (removed patch)

  • fixed problems involving HTTP proxy transactions

  • backed out restartless language packs as it broke multi-locale setup (bmo#677092, bmo#818468)

Changes in xulrunner :

  • update to 17.0.3esr (bnc#804248)

  • MFSA 2013-21/CVE-2013-0783 Miscellaneous memory safety hazards

  • MFSA 2013-24/CVE-2013-0773 (bmo#809652) Web content bypass of COW and SOW security wrappers

  • MFSA 2013-25/CVE-2013-0774 (bmo#827193) Privacy leak in JavaScript Workers

  • MFSA 2013-26/CVE-2013-0775 (bmo#831095) Use-after-free in nsImageLoadingContent

  • MFSA 2013-27/CVE-2013-0776 (bmo#796475) Phishing on HTTPS connection through malicious proxy

  • MFSA 2013-28/CVE-2013-0780/CVE-2013-0782 Use-after-free, out of bounds read, and buffer overflow issues found using Address Sanitizer

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update openSUSE-2013-141.
#
# The text description of this plugin is (C) SUSE LLC.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(74898);
  script_version("1.4");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");

  script_cve_id("CVE-2013-0765", "CVE-2013-0772", "CVE-2013-0773", "CVE-2013-0774", "CVE-2013-0775", "CVE-2013-0776", "CVE-2013-0777", "CVE-2013-0778", "CVE-2013-0779", "CVE-2013-0780", "CVE-2013-0781", "CVE-2013-0782", "CVE-2013-0783");

  script_name(english:"openSUSE Security Update : Mozilla (openSUSE-SU-2013:0323-1)");
  script_summary(english:"Check for the openSUSE-2013-141 patch");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote openSUSE host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"MozillaFirefox was updated to Firefox 19.0 (bnc#804248)
MozillaThunderbird was updated to Thunderbird 17.0.3 (bnc#804248)
seamonkey was updated to SeaMonkey 2.16 (bnc#804248) xulrunner was
updated to 17.0.3esr (bnc#804248) chmsee was updated to version 2.0.

Changes in MozillaFirefox 19.0 :

  - MFSA 2013-21/CVE-2013-0783/2013-0784 Miscellaneous
    memory safety hazards

  - MFSA 2013-22/CVE-2013-0772 (bmo#801366) Out-of-bounds
    read in image rendering

  - MFSA 2013-23/CVE-2013-0765 (bmo#830614) Wrapped WebIDL
    objects can be wrapped again

  - MFSA 2013-24/CVE-2013-0773 (bmo#809652) Web content
    bypass of COW and SOW security wrappers

  - MFSA 2013-25/CVE-2013-0774 (bmo#827193) Privacy leak in
    JavaScript Workers

  - MFSA 2013-26/CVE-2013-0775 (bmo#831095) Use-after-free
    in nsImageLoadingContent

  - MFSA 2013-27/CVE-2013-0776 (bmo#796475) Phishing on
    HTTPS connection through malicious proxy

  - MFSA 2013-28/CVE-2013-0780/CVE-2013-0782/CVE-2013-0777/
    CVE-2013-0778/CVE-2013-0779/CVE-2013-0781
    Use-after-free, out of bounds read, and buffer overflow
    issues found using Address Sanitizer

  - removed obsolete patches

  - mozilla-webrtc.patch

  - mozilla-gstreamer-803287.patch

  - added patch to fix session restore window order
    (bmo#712763)

  - update to Firefox 18.0.2

  - blocklist and CTP updates

  - fixes in JS engine

  - update to Firefox 18.0.1

  - blocklist updates

  - backed out bmo#677092 (removed patch)

  - fixed problems involving HTTP proxy transactions

  - Fix WebRTC to build on powerpc

Changes in MozillaThunderbird :

  - update to Thunderbird 17.0.3 (bnc#804248)

  - MFSA 2013-21/CVE-2013-0783 Miscellaneous memory safety
    hazards

  - MFSA 2013-24/CVE-2013-0773 (bmo#809652) Web content
    bypass of COW and SOW security wrappers

  - MFSA 2013-25/CVE-2013-0774 (bmo#827193) Privacy leak in
    JavaScript Workers

  - MFSA 2013-26/CVE-2013-0775 (bmo#831095) Use-after-free
    in nsImageLoadingContent

  - MFSA 2013-27/CVE-2013-0776 (bmo#796475) Phishing on
    HTTPS connection through malicious proxy

  - MFSA 2013-28/CVE-2013-0780/CVE-2013-0782 Use-after-free,
    out of bounds read, and buffer overflow issues found
    using Address Sanitizer

  - update Enigmail to 1.5.1

  - The release fixes the regressions found in the past few
    weeks

Changes in seamonkey :

  - update to SeaMonkey 2.16 (bnc#804248)

  - MFSA 2013-21/CVE-2013-0783/2013-0784 Miscellaneous
    memory safety hazards

  - MFSA 2013-22/CVE-2013-0772 (bmo#801366) Out-of-bounds
    read in image rendering

  - MFSA 2013-23/CVE-2013-0765 (bmo#830614) Wrapped WebIDL
    objects can be wrapped again

  - MFSA 2013-24/CVE-2013-0773 (bmo#809652) Web content
    bypass of COW and SOW security wrappers

  - MFSA 2013-25/CVE-2013-0774 (bmo#827193) Privacy leak in
    JavaScript Workers

  - MFSA 2013-26/CVE-2013-0775 (bmo#831095) Use-after-free
    in nsImageLoadingContent

  - MFSA 2013-27/CVE-2013-0776 (bmo#796475) Phishing on
    HTTPS connection through malicious proxy

  - MFSA 2013-28/CVE-2013-0780/CVE-2013-0782/CVE-2013-0777/
    CVE-2013-0778/CVE-2013-0779/CVE-2013-0781
    Use-after-free, out of bounds read, and buffer overflow
    issues found using Address Sanitizer

  - removed obsolete patches

  - mozilla-webrtc.patch

  - mozilla-gstreamer-803287.patch

  - update to SeaMonkey 2.15.2

  - Applications could not be removed from the 'Application
    details' dialog under Preferences, Helper Applications
    (bmo#826771).

  - View / Message Body As could show menu items out of
    context (bmo#831348)

  - update to SeaMonkey 2.15.1

  - backed out bmo#677092 (removed patch)

  - fixed problems involving HTTP proxy transactions

  - backed out restartless language packs as it broke
    multi-locale setup (bmo#677092, bmo#818468)

Changes in xulrunner :

  - update to 17.0.3esr (bnc#804248)

  - MFSA 2013-21/CVE-2013-0783 Miscellaneous memory safety
    hazards

  - MFSA 2013-24/CVE-2013-0773 (bmo#809652) Web content
    bypass of COW and SOW security wrappers

  - MFSA 2013-25/CVE-2013-0774 (bmo#827193) Privacy leak in
    JavaScript Workers

  - MFSA 2013-26/CVE-2013-0775 (bmo#831095) Use-after-free
    in nsImageLoadingContent

  - MFSA 2013-27/CVE-2013-0776 (bmo#796475) Phishing on
    HTTPS connection through malicious proxy

  - MFSA 2013-28/CVE-2013-0780/CVE-2013-0782 Use-after-free,
    out of bounds read, and buffer overflow issues found
    using Address Sanitizer"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=796895"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=804248"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://lists.opensuse.org/opensuse-updates/2013-02/msg00061.html"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected Mozilla packages."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-branding-upstream");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-buildsymbols");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-translations-common");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-translations-other");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaThunderbird");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaThunderbird-buildsymbols");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaThunderbird-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaThunderbird-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaThunderbird-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaThunderbird-devel-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaThunderbird-translations-common");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaThunderbird-translations-other");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:chmsee");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:chmsee-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:chmsee-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:enigmail");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:enigmail-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-js");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-js-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-js-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-js-debuginfo-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:seamonkey");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:seamonkey-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:seamonkey-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:seamonkey-dom-inspector");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:seamonkey-irc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:seamonkey-translations-common");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:seamonkey-translations-other");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:seamonkey-venkman");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:xulrunner");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:xulrunner-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:xulrunner-buildsymbols");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:xulrunner-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:xulrunner-debuginfo-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:xulrunner-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:xulrunner-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:xulrunner-devel-debuginfo");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:12.1");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:12.2");

  script_set_attribute(attribute:"patch_publication_date", value:"2013/02/21");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE12\.1|SUSE12\.2)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "12.1 / 12.2", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);

flag = 0;

if ( rpm_check(release:"SUSE12.1", reference:"MozillaFirefox-19.0-2.62.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"MozillaFirefox-branding-upstream-19.0-2.62.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"MozillaFirefox-buildsymbols-19.0-2.62.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"MozillaFirefox-debuginfo-19.0-2.62.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"MozillaFirefox-debugsource-19.0-2.62.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"MozillaFirefox-devel-19.0-2.62.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"MozillaFirefox-translations-common-19.0-2.62.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"MozillaFirefox-translations-other-19.0-2.62.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"MozillaThunderbird-17.0.3-33.51.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"MozillaThunderbird-buildsymbols-17.0.3-33.51.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"MozillaThunderbird-debuginfo-17.0.3-33.51.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"MozillaThunderbird-debugsource-17.0.3-33.51.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"MozillaThunderbird-devel-17.0.3-33.51.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"MozillaThunderbird-devel-debuginfo-17.0.3-33.51.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"MozillaThunderbird-translations-common-17.0.3-33.51.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"MozillaThunderbird-translations-other-17.0.3-33.51.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"chmsee-2.0-2.32.3") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"chmsee-debuginfo-2.0-2.32.3") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"chmsee-debugsource-2.0-2.32.3") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"enigmail-1.5.1+17.0.3-33.51.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"enigmail-debuginfo-1.5.1+17.0.3-33.51.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"mozilla-js-17.0.3-2.57.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"mozilla-js-debuginfo-17.0.3-2.57.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"seamonkey-2.16-2.53.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"seamonkey-debuginfo-2.16-2.53.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"seamonkey-debugsource-2.16-2.53.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"seamonkey-dom-inspector-2.16-2.53.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"seamonkey-irc-2.16-2.53.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"seamonkey-translations-common-2.16-2.53.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"seamonkey-translations-other-2.16-2.53.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"seamonkey-venkman-2.16-2.53.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"xulrunner-17.0.3-2.57.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"xulrunner-buildsymbols-17.0.3-2.57.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"xulrunner-debuginfo-17.0.3-2.57.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"xulrunner-debugsource-17.0.3-2.57.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"xulrunner-devel-17.0.3-2.57.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"xulrunner-devel-debuginfo-17.0.3-2.57.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", cpu:"x86_64", reference:"mozilla-js-32bit-17.0.3-2.57.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", cpu:"x86_64", reference:"mozilla-js-debuginfo-32bit-17.0.3-2.57.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", cpu:"x86_64", reference:"xulrunner-32bit-17.0.3-2.57.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", cpu:"x86_64", reference:"xulrunner-debuginfo-32bit-17.0.3-2.57.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"MozillaFirefox-19.0-2.33.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"MozillaFirefox-branding-upstream-19.0-2.33.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"MozillaFirefox-buildsymbols-19.0-2.33.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"MozillaFirefox-debuginfo-19.0-2.33.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"MozillaFirefox-debugsource-19.0-2.33.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"MozillaFirefox-devel-19.0-2.33.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"MozillaFirefox-translations-common-19.0-2.33.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"MozillaFirefox-translations-other-19.0-2.33.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"MozillaThunderbird-17.0.3-49.31.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"MozillaThunderbird-buildsymbols-17.0.3-49.31.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"MozillaThunderbird-debuginfo-17.0.3-49.31.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"MozillaThunderbird-debugsource-17.0.3-49.31.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"MozillaThunderbird-devel-17.0.3-49.31.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"MozillaThunderbird-devel-debuginfo-17.0.3-49.31.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"MozillaThunderbird-translations-common-17.0.3-49.31.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"MozillaThunderbird-translations-other-17.0.3-49.31.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"chmsee-2.0-2.14.3") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"chmsee-debuginfo-2.0-2.14.3") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"chmsee-debugsource-2.0-2.14.3") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"enigmail-1.5.1+17.0.3-49.31.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"enigmail-debuginfo-1.5.1+17.0.3-49.31.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"mozilla-js-17.0.3-2.30.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"mozilla-js-debuginfo-17.0.3-2.30.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"seamonkey-2.16-2.34.2") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"seamonkey-debuginfo-2.16-2.34.2") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"seamonkey-debugsource-2.16-2.34.2") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"seamonkey-dom-inspector-2.16-2.34.2") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"seamonkey-irc-2.16-2.34.2") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"seamonkey-translations-common-2.16-2.34.2") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"seamonkey-translations-other-2.16-2.34.2") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"seamonkey-venkman-2.16-2.34.2") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"xulrunner-17.0.3-2.30.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"xulrunner-buildsymbols-17.0.3-2.30.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"xulrunner-debuginfo-17.0.3-2.30.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"xulrunner-debugsource-17.0.3-2.30.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"xulrunner-devel-17.0.3-2.30.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"xulrunner-devel-debuginfo-17.0.3-2.30.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", cpu:"x86_64", reference:"mozilla-js-32bit-17.0.3-2.30.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", cpu:"x86_64", reference:"mozilla-js-debuginfo-32bit-17.0.3-2.30.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", cpu:"x86_64", reference:"xulrunner-32bit-17.0.3-2.30.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", cpu:"x86_64", reference:"xulrunner-debuginfo-32bit-17.0.3-2.30.1") ) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "Mozilla");
}
VendorProductVersionCPE
novellopensusemozillafirefoxp-cpe:/a:novell:opensuse:mozillafirefox
novellopensusemozillafirefox-branding-upstreamp-cpe:/a:novell:opensuse:mozillafirefox-branding-upstream
novellopensusemozillafirefox-buildsymbolsp-cpe:/a:novell:opensuse:mozillafirefox-buildsymbols
novellopensusemozillafirefox-debuginfop-cpe:/a:novell:opensuse:mozillafirefox-debuginfo
novellopensusemozillafirefox-debugsourcep-cpe:/a:novell:opensuse:mozillafirefox-debugsource
novellopensusemozillafirefox-develp-cpe:/a:novell:opensuse:mozillafirefox-devel
novellopensusemozillafirefox-translations-commonp-cpe:/a:novell:opensuse:mozillafirefox-translations-common
novellopensusemozillafirefox-translations-otherp-cpe:/a:novell:opensuse:mozillafirefox-translations-other
novellopensusexulrunner-debugsourcep-cpe:/a:novell:opensuse:xulrunner-debugsource
novellopensusexulrunner-develp-cpe:/a:novell:opensuse:xulrunner-devel
Rows per page:
1-10 of 431

References

Related

suse 3
openvas 70
nessus 32
securityvulns 1
ubuntu 3
mozilla 8
freebsd 1
oraclelinux 2
redhat 2
centos 2
cve 13
prion 13
fedora 2
ubuntucve 13
cvelist 13
nvd 13
veracode 6
debian 1
ibm 1
suse
suse
Mozilla: February 2013 update round (Firefox 19) (important)
2013-02-22 14:04:25
Security update for Mozilla Firefox (important)
2013-03-08 22:04:48
Security update for Mozilla Firefox (important)
2013-03-15 19:04:45
openvas
openvas
openSUSE: Security Advisory for Mozilla (openSUSE-SU-2013:0323-1)
2013-03-11 00:00:00
SuSE Update for Mozilla openSUSE-SU-2013:0323-1 (Mozilla)
2013-03-11 00:00:00
SeaMonkey Multiple Vulnerabilities -01 Feb13 (Windows)
2013-02-21 00:00:00
nessus
nessus
Mozilla Firefox 18.x <= 18 Multiple Vulnerabilities
2013-02-20 00:00:00
Mozilla SeaMonkey < 2.16 Multiple Vulnerabilities
2013-02-22 00:00:00
Ubuntu 11.10 / 12.04 LTS / 12.10 : firefox regression (USN-1729-2)
2013-03-01 00:00:00
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2013-02-24 00:00:00
ubuntu
ubuntu
Firefox vulnerabilities
2013-02-20 00:00:00
Firefox regression
2013-03-01 00:00:00
Thunderbird vulnerabilities
2013-02-25 00:00:00
mozilla
mozilla
Use-after-free, out of bounds read, and buffer overflow issues found using Address Sanitizer — Mozilla
2013-02-19 00:00:00
Wrapped WebIDL objects can be wrapped again — Mozilla
2013-02-19 00:00:00
Phishing on HTTPS connection through malicious proxy — Mozilla
2013-02-19 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2013-02-19 00:00:00
oraclelinux
oraclelinux
firefox security update
2013-02-19 00:00:00
thunderbird security update
2013-02-19 00:00:00
redhat
redhat
(RHSA-2013:0271) Critical: firefox security update
2013-02-19 00:00:00
(RHSA-2013:0272) Critical: thunderbird security update
2013-02-19 00:00:00
centos
centos
thunderbird security update
2013-02-20 04:09:27
devhelp, firefox, libproxy, xulrunner, yelp security update
2013-02-20 03:20:40
cve
cve
CVE-2013-0779
2013-02-19 23:55:01
CVE-2013-0765
2013-02-19 23:55:01
CVE-2013-0780
2013-02-19 23:55:01
prion
prion
Design/Logic Flaw
2013-02-19 23:55:00
Out-of-bounds
2013-02-19 23:55:00
Heap overflow
2013-02-19 23:55:00
fedora
fedora
[SECURITY] Fedora 17 Update: seamonkey-2.16-1.fc17
2013-03-04 22:29:49
[SECURITY] Fedora 18 Update: seamonkey-2.16-1.fc18
2013-03-04 22:43:33
ubuntucve
ubuntucve
CVE-2013-0765
2013-02-20 00:00:00
CVE-2013-0779
2013-02-20 00:00:00
CVE-2013-0782
2013-02-20 00:00:00
cvelist
cvelist
CVE-2013-0779
2013-02-19 23:00:00
CVE-2013-0765
2013-02-19 23:00:00
CVE-2013-0782
2013-02-19 23:00:00
nvd
nvd
CVE-2013-0782
2013-02-19 23:55:01
CVE-2013-0765
2013-02-19 23:55:01
CVE-2013-0779
2013-02-19 23:55:01
veracode
veracode
Arbitrary Code Execution
2019-05-02 04:52:50
Arbitrary Code Execution
2019-05-02 04:52:50
Arbitrary Code Execution
2019-05-02 04:52:51
debian
debian
[SECURITY] [DSA 2699-1] iceweasel security update
2013-06-02 16:37:13
ibm
ibm
Security Bulletin: SONAS Update Includes Fixes for Multiple Vendor Security Vulnerabilities
2022-09-26 04:23:14

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.027 Low

EPSS

Percentile

90.5%

JSON
Related for OPENSUSE-2013-141.NASL
suse3openvas70nessus32securityvulns1ubuntu3mozilla8freebsd1oraclelinux2redhat2centos2cve13prion13fedora2ubuntucve13cvelist13nvd13veracode6debian1ibm1