From Red Hat Security Advisory 2008:0103 :
Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5.
This update has been rated as having critical security impact by the Red Hat Security Response Team.
Mozilla Firefox is an open source Web browser.
Several flaws were found in the way Firefox processed certain malformed web content. A webpage containing malicious content could cause Firefox to crash, or potentially execute arbitrary code as the user running Firefox. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419)
Several flaws were found in the way Firefox displayed malformed web content. A webpage containing specially crafted content could trick a user into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593)
A flaw was found in the way Firefox stored password data. If a user saves login information for a malicious website, it could be possible to corrupt the password database, preventing the user from properly accessing saved password data. (CVE-2008-0417)
A flaw was found in the way Firefox handles certain chrome URLs. If a user has certain extensions installed, it could allow a malicious website to steal sensitive session data. Note: this flaw does not affect a default installation of Firefox. (CVE-2008-0418)
A flaw was found in the way Firefox saves certain text files. If a website offers a file of type 'plain/text', rather than 'text/plain', Firefox will not show future 'text/plain' content to the user in the browser, forcing them to save those files locally to view the content.
(CVE-2008-0592)
Users of firefox are advised to upgrade to these updated packages, which contain backported patches to resolve these issues.
{"id": "ORACLELINUX_ELSA-2008-0103.NASL", "vendorId": null, "type": "nessus", "bulletinFamily": "scanner", "title": "Oracle Linux 4 / 5 : firefox (ELSA-2008-0103)", "description": "From Red Hat Security Advisory 2008:0103 :\n\nUpdated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5.\n\nThis update has been rated as having critical security impact by the Red Hat Security Response Team.\n\nMozilla Firefox is an open source Web browser.\n\nSeveral flaws were found in the way Firefox processed certain malformed web content. A webpage containing malicious content could cause Firefox to crash, or potentially execute arbitrary code as the user running Firefox. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419)\n\nSeveral flaws were found in the way Firefox displayed malformed web content. A webpage containing specially crafted content could trick a user into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593)\n\nA flaw was found in the way Firefox stored password data. If a user saves login information for a malicious website, it could be possible to corrupt the password database, preventing the user from properly accessing saved password data. (CVE-2008-0417)\n\nA flaw was found in the way Firefox handles certain chrome URLs. If a user has certain extensions installed, it could allow a malicious website to steal sensitive session data. Note: this flaw does not affect a default installation of Firefox. (CVE-2008-0418)\n\nA flaw was found in the way Firefox saves certain text files. If a website offers a file of type 'plain/text', rather than 'text/plain', Firefox will not show future 'text/plain' content to the user in the browser, forcing them to save those files locally to view the content.\n(CVE-2008-0592)\n\nUsers of firefox are advised to upgrade to these updated packages, which contain backported patches to resolve these issues.", "published": "2013-07-12T00:00:00", "modified": "2021-01-14T00:00:00", "epss": [], "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "https://www.tenable.com/plugins/nessus/67647", "reporter": "This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0418", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0415", "https://oss.oracle.com/pipermail/el-errata/2008-February/000509.html", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0413", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0420", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0416", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0591", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0417", "https://oss.oracle.com/pipermail/el-errata/2008-February/000508.html", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0592", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0412", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0593", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0419"], "cvelist": ["CVE-2008-0412", "CVE-2008-0413", "CVE-2008-0415", "CVE-2008-0416", "CVE-2008-0417", "CVE-2008-0418", "CVE-2008-0419", "CVE-2008-0420", "CVE-2008-0591", "CVE-2008-0592", "CVE-2008-0593"], "immutableFields": [], "lastseen": "2023-05-19T14:25:40", "viewCount": 15, "enchantments": {"dependencies": {"references": [{"type": "centos", "idList": ["CESA-2008:0103", "CESA-2008:0104", "CESA-2008:0104-01", "CESA-2008:0105"]}, {"type": "cert", "idList": ["VU:309608", "VU:879056"]}, {"type": "cve", "idList": ["CVE-2007-3090", "CVE-2007-6524", "CVE-2008-0412", "CVE-2008-0413", "CVE-2008-0415", "CVE-2008-0416", "CVE-2008-0417", "CVE-2008-0418", "CVE-2008-0419", "CVE-2008-0420", "CVE-2008-0591", "CVE-2008-0592", "CVE-2008-0593", "CVE-2008-0894"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1484-1:87969", "DEBIAN:DSA-1485-1:95345", "DEBIAN:DSA-1485-2:D3677", "DEBIAN:DSA-1489-1:68AB5", "DEBIAN:DSA-1506-1:BBA3D", "DEBIAN:DSA-1506-2:54D82"]}, {"type": "fedora", "idList": ["FEDORA:M1D4PHXM003988", "FEDORA:M1D4PHXN003988", "FEDORA:M1D4PHXO003988", "FEDORA:M1D4PHXP003988", "FEDORA:M1D4PHXQ003988", "FEDORA:M1D4PHXR003988", "FEDORA:M1D4PHXS003988", "FEDORA:M1D4PHXT003988", "FEDORA:M1D4PIXI003989", "FEDORA:M1D4PIXJ003989", "FEDORA:M1D4PIXK003989", "FEDORA:M1D4PIXL003989", "FEDORA:M1D4PIXM003989", "FEDORA:M1D4PIXN003989", "FEDORA:M1D4QHXF004158", "FEDORA:M1D559HS005482", "FEDORA:M1D559HT005482", "FEDORA:M1D559HU005482", "FEDORA:M1D559HV005482", "FEDORA:M1D559HW005482", "FEDORA:M1D559HX005482", "FEDORA:M1D559HY005482", "FEDORA:M1D559RM005480", "FEDORA:M1D559RN005480", "FEDORA:M1D559RO005480", "FEDORA:M1D559RP005480", "FEDORA:M1D559RQ005480", "FEDORA:M1D559RR005480", "FEDORA:M1D559RS005480", "FEDORA:M1D559RT005480", "FEDORA:M1D559RU005480", "FEDORA:M1DFACWB003439", "FEDORA:M1SLCPXW026397", "FEDORA:M1SLK2VB027437"]}, {"type": "freebsd", "idList": ["810A5197-E0D9-11DC-891A-02061B08FC24"]}, {"type": "gentoo", "idList": ["GLSA-200805-18"]}, {"type": "mozilla", "idList": ["MFSA2008-01", "MFSA2008-03", "MFSA2008-04", "MFSA2008-05", "MFSA2008-06", "MFSA2008-07", "MFSA2008-08", "MFSA2008-09", "MFSA2008-10", "MFSA2008-13"]}, {"type": "nessus", "idList": ["CENTOS_RHSA-2008-0103.NASL", "CENTOS_RHSA-2008-0104.NASL", "CENTOS_RHSA-2008-0105.NASL", "DEBIAN_DSA-1484.NASL", "DEBIAN_DSA-1485.NASL", "DEBIAN_DSA-1489.NASL", "DEBIAN_DSA-1506.NASL", "FEDORA_2008-1435.NASL", "FEDORA_2008-1459.NASL", "FEDORA_2008-1535.NASL", "FEDORA_2008-1669.NASL", "FEDORA_2008-2060.NASL", "FEDORA_2008-2118.NASL", "FREEBSD_PKG_810A5197E0D911DC891A02061B08FC24.NASL", "GENTOO_GLSA-200805-18.NASL", "MANDRIVA_MDVSA-2008-048.NASL", "MANDRIVA_MDVSA-2008-062.NASL", "MOZILLA_FIREFOX_20012.NASL", "MOZILLA_THUNDERBIRD_20012.NASL", "NETSCAPE_BROWSER_9006.NASL", "ORACLELINUX_ELSA-2008-0104.NASL", "ORACLELINUX_ELSA-2008-0105.NASL", "REDHAT-RHSA-2008-0103.NASL", "REDHAT-RHSA-2008-0104.NASL", "REDHAT-RHSA-2008-0105.NASL", "SEAMONKEY_118.NASL", "SLACKWARE_SSA_2008-061-01.NASL", "SL_20080207_FIREFOX_ON_SL4_X.NASL", "SL_20080207_SEAMONKEY_ON_SL3_X.NASL", "SL_20080207_THUNDERBIRD_ON_SL4_X.NASL", "SUSE_EPIPHANY-5102.NASL", "SUSE_MOZILLA-XULRUNNER-5118.NASL", "SUSE_MOZILLA-XULRUNNER-5123.NASL", "SUSE_MOZILLAFIREFOX-5001.NASL", "SUSE_MOZILLAFIREFOX-5002.NASL", "SUSE_MOZILLATHUNDERBIRD-5095.NASL", "SUSE_MOZILLATHUNDERBIRD-5098.NASL", "SUSE_SEAMONKEY-5011.NASL", "SUSE_SEAMONKEY-5012.NASL", "UBUNTU_USN-576-1.NASL", "UBUNTU_USN-582-1.NASL", "UBUNTU_USN-582-2.NASL", "UBUNTU_USN-592-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310122612", "OPENVAS:136141256231060523", "OPENVAS:136141256231065196", "OPENVAS:1361412562310830624", "OPENVAS:1361412562310830675", "OPENVAS:1361412562310870023", "OPENVAS:1361412562310870039", "OPENVAS:1361412562310870044", "OPENVAS:1361412562310870047", "OPENVAS:1361412562310880017", "OPENVAS:1361412562310880022", "OPENVAS:1361412562310880036", "OPENVAS:1361412562310880054", "OPENVAS:1361412562310880131", "OPENVAS:1361412562310880136", "OPENVAS:1361412562310880157", "OPENVAS:1361412562310880161", "OPENVAS:1361412562310880164", "OPENVAS:1361412562310880191", "OPENVAS:1361412562310880203", "OPENVAS:1361412562310880228", "OPENVAS:1361412562310880270", "OPENVAS:1361412562310880271", "OPENVAS:1361412562310880295", "OPENVAS:136141256231090014", "OPENVAS:60362", "OPENVAS:60363", "OPENVAS:60364", "OPENVAS:60441", "OPENVAS:60456", "OPENVAS:60523", "OPENVAS:60575", "OPENVAS:60615", "OPENVAS:61052", "OPENVAS:65196", "OPENVAS:830624", "OPENVAS:830675", "OPENVAS:840192", "OPENVAS:840238", "OPENVAS:840285", "OPENVAS:840287", "OPENVAS:850020", "OPENVAS:860051", "OPENVAS:860054", "OPENVAS:860105", "OPENVAS:860109", "OPENVAS:860127", "OPENVAS:860184", "OPENVAS:860212", "OPENVAS:860234", "OPENVAS:860269", "OPENVAS:860287", "OPENVAS:860306", "OPENVAS:860316", "OPENVAS:860415", "OPENVAS:860417", "OPENVAS:860429", "OPENVAS:860442", "OPENVAS:860467", "OPENVAS:860512", "OPENVAS:860538", "OPENVAS:860588", "OPENVAS:860601", "OPENVAS:860616", "OPENVAS:860637", "OPENVAS:860664", "OPENVAS:860679", "OPENVAS:860693", "OPENVAS:860714", "OPENVAS:860719", "OPENVAS:860787", "OPENVAS:860797", "OPENVAS:860802", "OPENVAS:860822", "OPENVAS:860857", "OPENVAS:860975", "OPENVAS:870023", "OPENVAS:870039", "OPENVAS:870044", "OPENVAS:870047", "OPENVAS:880017", "OPENVAS:880022", "OPENVAS:880036", "OPENVAS:880054", "OPENVAS:880131", "OPENVAS:880136", "OPENVAS:880157", "OPENVAS:880161", "OPENVAS:880164", "OPENVAS:880191", "OPENVAS:880203", "OPENVAS:880228", "OPENVAS:880270", "OPENVAS:880271", "OPENVAS:880295", "OPENVAS:90013", "OPENVAS:90014"]}, {"type": "oraclelinux", "idList": ["ELSA-2008-0103", "ELSA-2008-0104", "ELSA-2008-0105"]}, {"type": "osv", "idList": ["OSV:DSA-1484-1", "OSV:DSA-1485-2", "OSV:DSA-1489-1", "OSV:DSA-1506-1", "OSV:DSA-1534-1"]}, {"type": "redhat", "idList": ["RHSA-2008:0103", "RHSA-2008:0104", "RHSA-2008:0105"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:19033", "SECURITYVULNS:DOC:19035", "SECURITYVULNS:DOC:19036", "SECURITYVULNS:DOC:19037", "SECURITYVULNS:DOC:19038", "SECURITYVULNS:DOC:19039", "SECURITYVULNS:DOC:19040", "SECURITYVULNS:DOC:19041", "SECURITYVULNS:DOC:19294", "SECURITYVULNS:DOC:19515", "SECURITYVULNS:VULN:8648", "SECURITYVULNS:VULN:8697", "SECURITYVULNS:VULN:8838"]}, {"type": "seebug", "idList": ["SSV:2926", "SSV:3319", "SSV:3351"]}, {"type": "slackware", "idList": ["SSA-2008-061-01"]}, {"type": "suse", "idList": ["SUSE-SA:2008:008"]}, {"type": "ubuntu", "idList": ["USN-576-1", "USN-582-1", "USN-582-2", "USN-592-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2007-6524", "UB:CVE-2008-0412", "UB:CVE-2008-0413", "UB:CVE-2008-0415", "UB:CVE-2008-0416", "UB:CVE-2008-0417", "UB:CVE-2008-0418", "UB:CVE-2008-0419", "UB:CVE-2008-0420", "UB:CVE-2008-0591", "UB:CVE-2008-0592", "UB:CVE-2008-0593"]}, {"type": "veracode", "idList": ["VERACODE:23212", "VERACODE:23213", "VERACODE:23214", "VERACODE:23216", "VERACODE:23217", "VERACODE:23218", "VERACODE:23220", "VERACODE:23221", "VERACODE:23222"]}]}, "score": {"value": 1.2, "vector": "NONE"}, "backreferences": {"references": [{"type": "centos", "idList": ["CESA-2008:0103", "CESA-2008:0104", "CESA-2008:0104-01", "CESA-2008:0105"]}, {"type": "cert", "idList": ["VU:879056"]}, {"type": "cve", "idList": ["CVE-2008-0412", "CVE-2008-0413", "CVE-2008-0415", "CVE-2008-0416", "CVE-2008-0417", "CVE-2008-0418", "CVE-2008-0419", "CVE-2008-0420"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1484-1:87969"]}, {"type": "fedora", "idList": ["FEDORA:M1D4PHXO003988"]}, {"type": "freebsd", "idList": ["810A5197-E0D9-11DC-891A-02061B08FC24"]}, {"type": "mozilla", "idList": ["MFSA2008-04"]}, {"type": "nessus", "idList": ["NETSCAPE_BROWSER_9006.NASL", "ORACLELINUX_ELSA-2008-0104.NASL", "SL_20080207_THUNDERBIRD_ON_SL4_X.NASL", "SUSE_MOZILLA-XULRUNNER-5118.NASL", "UBUNTU_USN-582-2.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310880131", "OPENVAS:1361412562310880157", "OPENVAS:1361412562310880191", "OPENVAS:1361412562310880271", "OPENVAS:60363", "OPENVAS:860184", "OPENVAS:860857", "OPENVAS:860975", "OPENVAS:880164", "OPENVAS:880270"]}, {"type": "oraclelinux", "idList": ["ELSA-2008-0104"]}, {"type": "redhat", "idList": ["RHSA-2008:0105"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:19037", "SECURITYVULNS:DOC:19515"]}, {"type": "seebug", "idList": ["SSV:2926", "SSV:3319"]}, {"type": "slackware", "idList": ["SSA-2008-061-01"]}, {"type": "ubuntu", "idList": ["USN-592-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2008-0416", "UB:CVE-2008-0593"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2008-0412", "epss": 0.12651, "percentile": 0.94593, "modified": "2023-05-06"}, {"cve": "CVE-2008-0413", "epss": 0.15203, "percentile": 0.94996, "modified": "2023-05-06"}, {"cve": "CVE-2008-0415", "epss": 0.00694, "percentile": 0.77296, "modified": "2023-05-06"}, {"cve": "CVE-2008-0416", "epss": 0.00374, "percentile": 0.68665, "modified": "2023-05-06"}, {"cve": "CVE-2008-0417", "epss": 0.01881, "percentile": 0.86649, "modified": "2023-05-06"}, {"cve": "CVE-2008-0418", "epss": 0.00955, "percentile": 0.80965, "modified": "2023-05-06"}, {"cve": "CVE-2008-0419", "epss": 0.06421, "percentile": 0.92593, "modified": "2023-05-06"}, {"cve": "CVE-2008-0420", "epss": 0.06462, "percentile": 0.92614, "modified": "2023-05-06"}, {"cve": "CVE-2008-0591", "epss": 0.02863, "percentile": 0.89201, "modified": "2023-05-06"}, {"cve": "CVE-2008-0592", "epss": 0.06013, "percentile": 0.92366, "modified": "2023-05-06"}, {"cve": "CVE-2008-0593", "epss": 0.00566, "percentile": 0.74513, "modified": "2023-05-06"}], "vulnersScore": 1.2}, "_state": {"dependencies": 1684507095, "score": 1684509531, "epss": 0}, "_internal": {"score_hash": "988dd7b8bf1f5457446fc9c9816d88d6"}, "pluginID": "67647", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2008:0103 and \n# Oracle Linux Security Advisory ELSA-2008-0103 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67647);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0416\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0420\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_bugtraq_id(24293, 27406, 27683);\n script_xref(name:\"RHSA\", value:\"2008:0103\");\n\n script_name(english:\"Oracle Linux 4 / 5 : firefox (ELSA-2008-0103)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2008:0103 :\n\nUpdated firefox packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 4 and 5.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nMozilla Firefox is an open source Web browser.\n\nSeveral flaws were found in the way Firefox processed certain\nmalformed web content. A webpage containing malicious content could\ncause Firefox to crash, or potentially execute arbitrary code as the\nuser running Firefox. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415,\nCVE-2008-0419)\n\nSeveral flaws were found in the way Firefox displayed malformed web\ncontent. A webpage containing specially crafted content could trick a\nuser into surrendering sensitive information. (CVE-2008-0591,\nCVE-2008-0593)\n\nA flaw was found in the way Firefox stored password data. If a user\nsaves login information for a malicious website, it could be possible\nto corrupt the password database, preventing the user from properly\naccessing saved password data. (CVE-2008-0417)\n\nA flaw was found in the way Firefox handles certain chrome URLs. If a\nuser has certain extensions installed, it could allow a malicious\nwebsite to steal sensitive session data. Note: this flaw does not\naffect a default installation of Firefox. (CVE-2008-0418)\n\nA flaw was found in the way Firefox saves certain text files. If a\nwebsite offers a file of type 'plain/text', rather than 'text/plain',\nFirefox will not show future 'text/plain' content to the user in the\nbrowser, forcing them to save those files locally to view the content.\n(CVE-2008-0592)\n\nUsers of firefox are advised to upgrade to these updated packages,\nwhich contain backported patches to resolve these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2008-February/000508.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2008-February/000509.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected firefox packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(22, 79, 94, 200, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:firefox-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/02/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/02/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 4 / 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"firefox-1.5.0.12-0.10.el4.0.1\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"firefox-1.5.0.12-0.10.el4.0.1\")) flag++;\n\nif (rpm_check(release:\"EL5\", reference:\"firefox-1.5.0.12-9.el5.0.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"firefox-devel-1.5.0.12-9.el5.0.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"firefox / firefox-devel\");\n}\n", "naslFamily": "Oracle Linux Local Security Checks", "cpe": ["p-cpe:/a:oracle:linux:firefox", "p-cpe:/a:oracle:linux:firefox-devel", "cpe:/o:oracle:linux:4", "cpe:/o:oracle:linux:5"], "solution": "Update the affected firefox packages.", "nessusSeverity": "High", "cvssScoreSource": "", "vendor_cvss2": {"score": 9.3, "vector": "CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "vendor_cvss3": {"score": null, "vector": null}, "vpr": {"risk factor": "Medium", "score": "5.9"}, "exploitAvailable": true, "exploitEase": "Exploits are available", "patchPublicationDate": "2008-02-08T00:00:00", "vulnerabilityPublicationDate": "2008-02-08T00:00:00", "exploitableWith": []}
{"openvas": [{"lastseen": "2019-05-29T18:36:21", "description": "Oracle Linux Local Security Checks ELSA-2008-0103", "cvss3": {}, "published": "2015-10-08T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2008-0103", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0416", "CVE-2008-0592", "CVE-2008-0420", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122612", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122612", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2008-0103.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122612\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-08 14:49:16 +0300 (Thu, 08 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2008-0103\");\n script_tag(name:\"insight\", value:\"ELSA-2008-0103 - Critical: firefox security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2008-0103\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2008-0103.html\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0416\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0420\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~1.5.0.12~9.el5.0.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"firefox-devel\", rpm:\"firefox-devel~1.5.0.12~9.el5.0.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2018-04-09T11:38:36", "description": "Check for the Version of seamonkey", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for seamonkey CESA-2008:0104 centos4 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310880017", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880017", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for seamonkey CESA-2008:0104 centos4 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"SeaMonkey is an open source Web browser, advanced email and newsgroup\n client, IRC chat client, and HTML editor.\n\n Several flaws were found in the way SeaMonkey processed certain malformed\n web content. A webpage containing malicious content could cause SeaMonkey\n to crash, or potentially execute arbitrary code as the user running\n SeaMonkey. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419)\n \n Several flaws were found in the way SeaMonkey displayed malformed web\n content. A webpage containing specially-crafted content could trick a user\n into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593)\n \n A flaw was found in the way SeaMonkey stored password data. If a user\n saves login information for a malicious website, it could be possible\n to corrupt the password database, preventing the user from properly\n accessing saved password data. (CVE-2008-0417)\n \n A flaw was found in the way SeaMonkey handles certain chrome URLs. If a\n user has certain extensions installed, it could allow a malicious website\n to steal sensitive session data. Note: this flaw does not affect a default\n installation of SeaMonkey. (CVE-2008-0418)\n \n A flaw was found in the way SeaMonkey saves certain text files. If a\n website offers a file of type "plain/text", rather than "text/plain",\n SeaMonkey will not show future "text/plain" content to the user in the\n browser, forcing them to save those files locally to view the content.\n (CVE-2008-0592)\n \n Users of SeaMonkey are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\";\n\ntag_affected = \"seamonkey on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-February/014667.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880017\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0104\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"CentOS Update for seamonkey CESA-2008:0104 centos4 x86_64\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of seamonkey\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-chat\", rpm:\"seamonkey-chat~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-devel\", rpm:\"seamonkey-devel~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-js-debugger\", rpm:\"seamonkey-js-debugger~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-mail\", rpm:\"seamonkey-mail~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nspr\", rpm:\"seamonkey-nspr~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nspr-devel\", rpm:\"seamonkey-nspr-devel~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nss\", rpm:\"seamonkey-nss~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nss-devel\", rpm:\"seamonkey-nss-devel~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:03", "description": "Check for the Version of seamonkey", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for seamonkey CESA-2008:0104 centos4 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880017", "href": "http://plugins.openvas.org/nasl.php?oid=880017", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for seamonkey CESA-2008:0104 centos4 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"SeaMonkey is an open source Web browser, advanced email and newsgroup\n client, IRC chat client, and HTML editor.\n\n Several flaws were found in the way SeaMonkey processed certain malformed\n web content. A webpage containing malicious content could cause SeaMonkey\n to crash, or potentially execute arbitrary code as the user running\n SeaMonkey. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419)\n \n Several flaws were found in the way SeaMonkey displayed malformed web\n content. A webpage containing specially-crafted content could trick a user\n into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593)\n \n A flaw was found in the way SeaMonkey stored password data. If a user\n saves login information for a malicious website, it could be possible\n to corrupt the password database, preventing the user from properly\n accessing saved password data. (CVE-2008-0417)\n \n A flaw was found in the way SeaMonkey handles certain chrome URLs. If a\n user has certain extensions installed, it could allow a malicious website\n to steal sensitive session data. Note: this flaw does not affect a default\n installation of SeaMonkey. (CVE-2008-0418)\n \n A flaw was found in the way SeaMonkey saves certain text files. If a\n website offers a file of type "plain/text", rather than "text/plain",\n SeaMonkey will not show future "text/plain" content to the user in the\n browser, forcing them to save those files locally to view the content.\n (CVE-2008-0592)\n \n Users of SeaMonkey are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\";\n\ntag_affected = \"seamonkey on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-February/014667.html\");\n script_id(880017);\n script_version(\"$Revision: 6651 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:45:21 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0104\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"CentOS Update for seamonkey CESA-2008:0104 centos4 x86_64\");\n\n script_summary(\"Check for the Version of seamonkey\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-chat\", rpm:\"seamonkey-chat~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-devel\", rpm:\"seamonkey-devel~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-js-debugger\", rpm:\"seamonkey-js-debugger~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-mail\", rpm:\"seamonkey-mail~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nspr\", rpm:\"seamonkey-nspr~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nspr-devel\", rpm:\"seamonkey-nspr-devel~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nss\", rpm:\"seamonkey-nss~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nss-devel\", rpm:\"seamonkey-nss-devel~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:45", "description": "Check for the Version of firefox", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for firefox CESA-2008:0103 centos5 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880157", "href": "http://plugins.openvas.org/nasl.php?oid=880157", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for firefox CESA-2008:0103 centos5 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Firefox is an open source Web browser.\n\n Several flaws were found in the way Firefox processed certain malformed web\n content. A webpage containing malicious content could cause Firefox to\n crash, or potentially execute arbitrary code as the user running Firefox.\n (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419)\n \n Several flaws were found in the way Firefox displayed malformed web\n content. A webpage containing specially-crafted content could trick a user\n into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593)\n \n A flaw was found in the way Firefox stored password data. If a user saves\n login information for a malicious website, it could be possible to corrupt\n the password database, preventing the user from properly accessing saved\n password data. (CVE-2008-0417)\n \n A flaw was found in the way Firefox handles certain chrome URLs. If a user\n has certain extensions installed, it could allow a malicious website to\n steal sensitive session data. Note: this flaw does not affect a default\n installation of Firefox. (CVE-2008-0418)\n \n A flaw was found in the way Firefox saves certain text files. If a\n website offers a file of type "plain/text", rather than "text/plain",\n Firefox will not show future "text/plain" content to the user in the\n browser, forcing them to save those files locally to view the content.\n (CVE-2008-0592) \n \n Users of firefox are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\";\n\ntag_affected = \"firefox on CentOS 5\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-February/014669.html\");\n script_id(880157);\n script_version(\"$Revision: 6651 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:45:21 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0103\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"CentOS Update for firefox CESA-2008:0103 centos5 x86_64\");\n\n script_summary(\"Check for the Version of firefox\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~1.5.0.12~9.el5.centos\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-devel\", rpm:\"firefox-devel~1.5.0.12~9.el5.centos\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:40:11", "description": "Check for the Version of seamonkey", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for seamonkey CESA-2008:0104-01 centos2 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310880131", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880131", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for seamonkey CESA-2008:0104-01 centos2 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"SeaMonkey is an open source Web browser, advanced email and newsgroup\n client, IRC chat client, and HTML editor.\n\n Several flaws were found in the way SeaMonkey processed certain malformed\n web content. A webpage containing malicious content could cause SeaMonkey\n to crash, or potentially execute arbitrary code as the user running\n SeaMonkey. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419)\n \n Several flaws were found in the way SeaMonkey displayed malformed web\n content. A webpage containing specially-crafted content could trick a user\n into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593)\n \n A flaw was found in the way SeaMonkey stored password data. If a user\n saves login information for a malicious website, it could be possible\n to corrupt the password database, preventing the user from properly\n accessing saved password data. (CVE-2008-0417)\n \n A flaw was found in the way SeaMonkey handles certain chrome URLs. If a\n user has certain extensions installed, it could allow a malicious website\n to steal sensitive session data. Note: this flaw does not affect a default\n installation of SeaMonkey. (CVE-2008-0418)\n \n A flaw was found in the way SeaMonkey saves certain text files. If a\n website offers a file of type "plain/text", rather than "text/plain",\n SeaMonkey will not show future "text/plain" content to the user in the\n browser, forcing them to save those files locally to view the content.\n (CVE-2008-0592)\n \n Users of SeaMonkey are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\";\n\ntag_affected = \"seamonkey on CentOS 2\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-February/014682.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880131\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0104-01\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"CentOS Update for seamonkey CESA-2008:0104-01 centos2 i386\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of seamonkey\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS2\")\n{\n\n if ((res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~1.0.9~0.9.el2.c2.1\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-chat\", rpm:\"seamonkey-chat~1.0.9~0.9.el2.c2.1\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-devel\", rpm:\"seamonkey-devel~1.0.9~0.9.el2.c2.1\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~1.0.9~0.9.el2.c2.1\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-js-debugger\", rpm:\"seamonkey-js-debugger~1.0.9~0.9.el2.c2.1\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-mail\", rpm:\"seamonkey-mail~1.0.9~0.9.el2.c2.1\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nspr\", rpm:\"seamonkey-nspr~1.0.9~0.9.el2.c2.1\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nspr-devel\", rpm:\"seamonkey-nspr-devel~1.0.9~0.9.el2.c2.1\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nss\", rpm:\"seamonkey-nss~1.0.9~0.9.el2.c2.1\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nss-devel\", rpm:\"seamonkey-nss-devel~1.0.9~0.9.el2.c2.1\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:04", "description": "Check for the Version of seamonkey", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for seamonkey CESA-2008:0104 centos4 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880022", "href": "http://plugins.openvas.org/nasl.php?oid=880022", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for seamonkey CESA-2008:0104 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"SeaMonkey is an open source Web browser, advanced email and newsgroup\n client, IRC chat client, and HTML editor.\n\n Several flaws were found in the way SeaMonkey processed certain malformed\n web content. A webpage containing malicious content could cause SeaMonkey\n to crash, or potentially execute arbitrary code as the user running\n SeaMonkey. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419)\n \n Several flaws were found in the way SeaMonkey displayed malformed web\n content. A webpage containing specially-crafted content could trick a user\n into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593)\n \n A flaw was found in the way SeaMonkey stored password data. If a user\n saves login information for a malicious website, it could be possible\n to corrupt the password database, preventing the user from properly\n accessing saved password data. (CVE-2008-0417)\n \n A flaw was found in the way SeaMonkey handles certain chrome URLs. If a\n user has certain extensions installed, it could allow a malicious website\n to steal sensitive session data. Note: this flaw does not affect a default\n installation of SeaMonkey. (CVE-2008-0418)\n \n A flaw was found in the way SeaMonkey saves certain text files. If a\n website offers a file of type "plain/text", rather than "text/plain",\n SeaMonkey will not show future "text/plain" content to the user in the\n browser, forcing them to save those files locally to view the content.\n (CVE-2008-0592)\n \n Users of SeaMonkey are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\";\n\ntag_affected = \"seamonkey on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-February/014668.html\");\n script_id(880022);\n script_version(\"$Revision: 6651 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:45:21 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0104\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"CentOS Update for seamonkey CESA-2008:0104 centos4 i386\");\n\n script_summary(\"Check for the Version of seamonkey\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-chat\", rpm:\"seamonkey-chat~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-devel\", rpm:\"seamonkey-devel~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-js-debugger\", rpm:\"seamonkey-js-debugger~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-mail\", rpm:\"seamonkey-mail~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nspr\", rpm:\"seamonkey-nspr~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nspr-devel\", rpm:\"seamonkey-nspr-devel~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nss\", rpm:\"seamonkey-nss~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nss-devel\", rpm:\"seamonkey-nss-devel~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:57:09", "description": "Check for the Version of firefox", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for firefox CESA-2008:0103 centos4 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880161", "href": "http://plugins.openvas.org/nasl.php?oid=880161", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for firefox CESA-2008:0103 centos4 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Firefox is an open source Web browser.\n\n Several flaws were found in the way Firefox processed certain malformed web\n content. A webpage containing malicious content could cause Firefox to\n crash, or potentially execute arbitrary code as the user running Firefox.\n (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419)\n \n Several flaws were found in the way Firefox displayed malformed web\n content. A webpage containing specially-crafted content could trick a user\n into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593)\n \n A flaw was found in the way Firefox stored password data. If a user saves\n login information for a malicious website, it could be possible to corrupt\n the password database, preventing the user from properly accessing saved\n password data. (CVE-2008-0417)\n \n A flaw was found in the way Firefox handles certain chrome URLs. If a user\n has certain extensions installed, it could allow a malicious website to\n steal sensitive session data. Note: this flaw does not affect a default\n installation of Firefox. (CVE-2008-0418)\n \n A flaw was found in the way Firefox saves certain text files. If a\n website offers a file of type "plain/text", rather than "text/plain",\n Firefox will not show future "text/plain" content to the user in the\n browser, forcing them to save those files locally to view the content.\n (CVE-2008-0592) \n \n Users of firefox are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\";\n\ntag_affected = \"firefox on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-February/014663.html\");\n script_id(880161);\n script_version(\"$Revision: 6651 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:45:21 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0103\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"CentOS Update for firefox CESA-2008:0103 centos4 x86_64\");\n\n script_summary(\"Check for the Version of firefox\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~1.5.0.12~0.10.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:41:35", "description": "Check for the Version of firefox", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for firefox CESA-2008:0103 centos4 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310880161", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880161", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for firefox CESA-2008:0103 centos4 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Firefox is an open source Web browser.\n\n Several flaws were found in the way Firefox processed certain malformed web\n content. A webpage containing malicious content could cause Firefox to\n crash, or potentially execute arbitrary code as the user running Firefox.\n (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419)\n \n Several flaws were found in the way Firefox displayed malformed web\n content. A webpage containing specially-crafted content could trick a user\n into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593)\n \n A flaw was found in the way Firefox stored password data. If a user saves\n login information for a malicious website, it could be possible to corrupt\n the password database, preventing the user from properly accessing saved\n password data. (CVE-2008-0417)\n \n A flaw was found in the way Firefox handles certain chrome URLs. If a user\n has certain extensions installed, it could allow a malicious website to\n steal sensitive session data. Note: this flaw does not affect a default\n installation of Firefox. (CVE-2008-0418)\n \n A flaw was found in the way Firefox saves certain text files. If a\n website offers a file of type "plain/text", rather than "text/plain",\n Firefox will not show future "text/plain" content to the user in the\n browser, forcing them to save those files locally to view the content.\n (CVE-2008-0592) \n \n Users of firefox are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\";\n\ntag_affected = \"firefox on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-February/014663.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880161\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0103\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"CentOS Update for firefox CESA-2008:0103 centos4 x86_64\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of firefox\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~1.5.0.12~0.10.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:40:30", "description": "Check for the Version of firefox", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for firefox CESA-2008:0103 centos5 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310880157", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880157", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for firefox CESA-2008:0103 centos5 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Firefox is an open source Web browser.\n\n Several flaws were found in the way Firefox processed certain malformed web\n content. A webpage containing malicious content could cause Firefox to\n crash, or potentially execute arbitrary code as the user running Firefox.\n (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419)\n \n Several flaws were found in the way Firefox displayed malformed web\n content. A webpage containing specially-crafted content could trick a user\n into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593)\n \n A flaw was found in the way Firefox stored password data. If a user saves\n login information for a malicious website, it could be possible to corrupt\n the password database, preventing the user from properly accessing saved\n password data. (CVE-2008-0417)\n \n A flaw was found in the way Firefox handles certain chrome URLs. If a user\n has certain extensions installed, it could allow a malicious website to\n steal sensitive session data. Note: this flaw does not affect a default\n installation of Firefox. (CVE-2008-0418)\n \n A flaw was found in the way Firefox saves certain text files. If a\n website offers a file of type "plain/text", rather than "text/plain",\n Firefox will not show future "text/plain" content to the user in the\n browser, forcing them to save those files locally to view the content.\n (CVE-2008-0592) \n \n Users of firefox are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\";\n\ntag_affected = \"firefox on CentOS 5\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-February/014669.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880157\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0103\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"CentOS Update for firefox CESA-2008:0103 centos5 x86_64\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of firefox\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~1.5.0.12~9.el5.centos\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-devel\", rpm:\"firefox-devel~1.5.0.12~9.el5.centos\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:40:17", "description": "Check for the Version of firefox", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for firefox CESA-2008:0103 centos3 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310880164", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880164", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for firefox CESA-2008:0103 centos3 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Firefox is an open source Web browser.\n\n Several flaws were found in the way Firefox processed certain malformed web\n content. A webpage containing malicious content could cause Firefox to\n crash, or potentially execute arbitrary code as the user running Firefox.\n (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419)\n \n Several flaws were found in the way Firefox displayed malformed web\n content. A webpage containing specially-crafted content could trick a user\n into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593)\n \n A flaw was found in the way Firefox stored password data. If a user saves\n login information for a malicious website, it could be possible to corrupt\n the password database, preventing the user from properly accessing saved\n password data. (CVE-2008-0417)\n \n A flaw was found in the way Firefox handles certain chrome URLs. If a user\n has certain extensions installed, it could allow a malicious website to\n steal sensitive session data. Note: this flaw does not affect a default\n installation of Firefox. (CVE-2008-0418)\n \n A flaw was found in the way Firefox saves certain text files. If a\n website offers a file of type "plain/text", rather than "text/plain",\n Firefox will not show future "text/plain" content to the user in the\n browser, forcing them to save those files locally to view the content.\n (CVE-2008-0592) \n \n Users of firefox are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\";\n\ntag_affected = \"firefox on CentOS 3\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-February/014678.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880164\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0103\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"CentOS Update for firefox CESA-2008:0103 centos3 x86_64\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of firefox\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~1.5.0.12~0.10.el4.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:57:02", "description": "Check for the Version of firefox", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for firefox CESA-2008:0103 centos4 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880191", "href": "http://plugins.openvas.org/nasl.php?oid=880191", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for firefox CESA-2008:0103 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Firefox is an open source Web browser.\n\n Several flaws were found in the way Firefox processed certain malformed web\n content. A webpage containing malicious content could cause Firefox to\n crash, or potentially execute arbitrary code as the user running Firefox.\n (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419)\n \n Several flaws were found in the way Firefox displayed malformed web\n content. A webpage containing specially-crafted content could trick a user\n into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593)\n \n A flaw was found in the way Firefox stored password data. If a user saves\n login information for a malicious website, it could be possible to corrupt\n the password database, preventing the user from properly accessing saved\n password data. (CVE-2008-0417)\n \n A flaw was found in the way Firefox handles certain chrome URLs. If a user\n has certain extensions installed, it could allow a malicious website to\n steal sensitive session data. Note: this flaw does not affect a default\n installation of Firefox. (CVE-2008-0418)\n \n A flaw was found in the way Firefox saves certain text files. If a\n website offers a file of type "plain/text", rather than "text/plain",\n Firefox will not show future "text/plain" content to the user in the\n browser, forcing them to save those files locally to view the content.\n (CVE-2008-0592) \n \n Users of firefox are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\";\n\ntag_affected = \"firefox on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-February/014664.html\");\n script_id(880191);\n script_version(\"$Revision: 6651 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:45:21 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0103\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"CentOS Update for firefox CESA-2008:0103 centos4 i386\");\n\n script_summary(\"Check for the Version of firefox\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~1.5.0.12~0.10.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:40:59", "description": "Check for the Version of seamonkey", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for seamonkey CESA-2008:0104 centos3 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310880054", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880054", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for seamonkey CESA-2008:0104 centos3 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"SeaMonkey is an open source Web browser, advanced email and newsgroup\n client, IRC chat client, and HTML editor.\n\n Several flaws were found in the way SeaMonkey processed certain malformed\n web content. A webpage containing malicious content could cause SeaMonkey\n to crash, or potentially execute arbitrary code as the user running\n SeaMonkey. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419)\n \n Several flaws were found in the way SeaMonkey displayed malformed web\n content. A webpage containing specially-crafted content could trick a user\n into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593)\n \n A flaw was found in the way SeaMonkey stored password data. If a user\n saves login information for a malicious website, it could be possible\n to corrupt the password database, preventing the user from properly\n accessing saved password data. (CVE-2008-0417)\n \n A flaw was found in the way SeaMonkey handles certain chrome URLs. If a\n user has certain extensions installed, it could allow a malicious website\n to steal sensitive session data. Note: this flaw does not affect a default\n installation of SeaMonkey. (CVE-2008-0418)\n \n A flaw was found in the way SeaMonkey saves certain text files. If a\n website offers a file of type "plain/text", rather than "text/plain",\n SeaMonkey will not show future "text/plain" content to the user in the\n browser, forcing them to save those files locally to view the content.\n (CVE-2008-0592)\n \n Users of SeaMonkey are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\";\n\ntag_affected = \"seamonkey on CentOS 3\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-February/014662.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880054\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0104\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"CentOS Update for seamonkey CESA-2008:0104 centos3 x86_64\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of seamonkey\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-chat\", rpm:\"seamonkey-chat~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-devel\", rpm:\"seamonkey-devel~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-js-debugger\", rpm:\"seamonkey-js-debugger~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-mail\", rpm:\"seamonkey-mail~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nspr\", rpm:\"seamonkey-nspr~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nspr-devel\", rpm:\"seamonkey-nspr-devel~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nss\", rpm:\"seamonkey-nss~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nss-devel\", rpm:\"seamonkey-nss-devel~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:40:29", "description": "Check for the Version of firefox", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for firefox CESA-2008:0103 centos5 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310880136", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880136", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for firefox CESA-2008:0103 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Firefox is an open source Web browser.\n\n Several flaws were found in the way Firefox processed certain malformed web\n content. A webpage containing malicious content could cause Firefox to\n crash, or potentially execute arbitrary code as the user running Firefox.\n (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419)\n \n Several flaws were found in the way Firefox displayed malformed web\n content. A webpage containing specially-crafted content could trick a user\n into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593)\n \n A flaw was found in the way Firefox stored password data. If a user saves\n login information for a malicious website, it could be possible to corrupt\n the password database, preventing the user from properly accessing saved\n password data. (CVE-2008-0417)\n \n A flaw was found in the way Firefox handles certain chrome URLs. If a user\n has certain extensions installed, it could allow a malicious website to\n steal sensitive session data. Note: this flaw does not affect a default\n installation of Firefox. (CVE-2008-0418)\n \n A flaw was found in the way Firefox saves certain text files. If a\n website offers a file of type "plain/text", rather than "text/plain",\n Firefox will not show future "text/plain" content to the user in the\n browser, forcing them to save those files locally to view the content.\n (CVE-2008-0592) \n \n Users of firefox are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\";\n\ntag_affected = \"firefox on CentOS 5\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-February/014670.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880136\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0103\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"CentOS Update for firefox CESA-2008:0103 centos5 i386\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of firefox\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~1.5.0.12~9.el5.centos\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-devel\", rpm:\"firefox-devel~1.5.0.12~9.el5.centos\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:41:14", "description": "Check for the Version of firefox", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for firefox CESA-2008:0103 centos4 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310880191", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880191", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for firefox CESA-2008:0103 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Firefox is an open source Web browser.\n\n Several flaws were found in the way Firefox processed certain malformed web\n content. A webpage containing malicious content could cause Firefox to\n crash, or potentially execute arbitrary code as the user running Firefox.\n (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419)\n \n Several flaws were found in the way Firefox displayed malformed web\n content. A webpage containing specially-crafted content could trick a user\n into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593)\n \n A flaw was found in the way Firefox stored password data. If a user saves\n login information for a malicious website, it could be possible to corrupt\n the password database, preventing the user from properly accessing saved\n password data. (CVE-2008-0417)\n \n A flaw was found in the way Firefox handles certain chrome URLs. If a user\n has certain extensions installed, it could allow a malicious website to\n steal sensitive session data. Note: this flaw does not affect a default\n installation of Firefox. (CVE-2008-0418)\n \n A flaw was found in the way Firefox saves certain text files. If a\n website offers a file of type "plain/text", rather than "text/plain",\n Firefox will not show future "text/plain" content to the user in the\n browser, forcing them to save those files locally to view the content.\n (CVE-2008-0592) \n \n Users of firefox are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\";\n\ntag_affected = \"firefox on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-February/014664.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880191\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0103\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"CentOS Update for firefox CESA-2008:0103 centos4 i386\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of firefox\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~1.5.0.12~0.10.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:38:50", "description": "Check for the Version of seamonkey", "cvss3": {}, "published": "2009-03-06T00:00:00", "type": "openvas", "title": "RedHat Update for seamonkey RHSA-2008:0104-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310870039", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870039", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for seamonkey RHSA-2008:0104-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"SeaMonkey is an open source Web browser, advanced email and newsgroup\n client, IRC chat client, and HTML editor.\n\n Several flaws were found in the way SeaMonkey processed certain malformed\n web content. A webpage containing malicious content could cause SeaMonkey\n to crash, or potentially execute arbitrary code as the user running\n SeaMonkey. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419)\n \n Several flaws were found in the way SeaMonkey displayed malformed web\n content. A webpage containing specially-crafted content could trick a user\n into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593)\n \n A flaw was found in the way SeaMonkey stored password data. If a user\n saves login information for a malicious website, it could be possible\n to corrupt the password database, preventing the user from properly\n accessing saved password data. (CVE-2008-0417)\n \n A flaw was found in the way SeaMonkey handles certain chrome URLs. If a\n user has certain extensions installed, it could allow a malicious website\n to steal sensitive session data. Note: this flaw does not affect a default\n installation of SeaMonkey. (CVE-2008-0418)\n \n A flaw was found in the way SeaMonkey saves certain text files. If a\n website offers a file of type "plain/text", rather than "text/plain",\n SeaMonkey will not show future "text/plain" content to the user in the\n browser, forcing them to save those files locally to view the content.\n (CVE-2008-0592)\n \n Users of SeaMonkey are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\";\n\ntag_affected = \"seamonkey on Red Hat Enterprise Linux AS (Advanced Server) version 2.1,\n Red Hat Enterprise Linux ES version 2.1,\n Red Hat Enterprise Linux WS version 2.1,\n Red Hat Enterprise Linux AS version 3,\n Red Hat Enterprise Linux ES version 3,\n Red Hat Enterprise Linux WS version 3,\n Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2008-February/msg00002.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870039\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-06 07:30:35 +0100 (Fri, 06 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"RHSA\", value: \"2008:0104-01\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"RedHat Update for seamonkey RHSA-2008:0104-01\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of seamonkey\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_2.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~1.0.9~0.9.el2\", rls:\"RHENT_2.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-chat\", rpm:\"seamonkey-chat~1.0.9~0.9.el2\", rls:\"RHENT_2.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-devel\", rpm:\"seamonkey-devel~1.0.9~0.9.el2\", rls:\"RHENT_2.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~1.0.9~0.9.el2\", rls:\"RHENT_2.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-js-debugger\", rpm:\"seamonkey-js-debugger~1.0.9~0.9.el2\", rls:\"RHENT_2.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-mail\", rpm:\"seamonkey-mail~1.0.9~0.9.el2\", rls:\"RHENT_2.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nspr\", rpm:\"seamonkey-nspr~1.0.9~0.9.el2\", rls:\"RHENT_2.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nspr-devel\", rpm:\"seamonkey-nspr-devel~1.0.9~0.9.el2\", rls:\"RHENT_2.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nss\", rpm:\"seamonkey-nss~1.0.9~0.9.el2\", rls:\"RHENT_2.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nss-devel\", rpm:\"seamonkey-nss-devel~1.0.9~0.9.el2\", rls:\"RHENT_2.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~1.0.9~9.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-chat\", rpm:\"seamonkey-chat~1.0.9~9.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-debuginfo\", rpm:\"seamonkey-debuginfo~1.0.9~9.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-devel\", rpm:\"seamonkey-devel~1.0.9~9.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~1.0.9~9.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-js-debugger\", rpm:\"seamonkey-js-debugger~1.0.9~9.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-mail\", rpm:\"seamonkey-mail~1.0.9~9.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nspr\", rpm:\"seamonkey-nspr~1.0.9~9.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nspr-devel\", rpm:\"seamonkey-nspr-devel~1.0.9~9.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nss\", rpm:\"seamonkey-nss~1.0.9~9.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nss-devel\", rpm:\"seamonkey-nss-devel~1.0.9~9.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"RHENT_3\")\n{\n\n if ((res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~1.0.9~0.9.el3\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-chat\", rpm:\"seamonkey-chat~1.0.9~0.9.el3\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-debuginfo\", rpm:\"seamonkey-debuginfo~1.0.9~0.9.el3\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-devel\", rpm:\"seamonkey-devel~1.0.9~0.9.el3\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~1.0.9~0.9.el3\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-js-debugger\", rpm:\"seamonkey-js-debugger~1.0.9~0.9.el3\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-mail\", rpm:\"seamonkey-mail~1.0.9~0.9.el3\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nspr\", rpm:\"seamonkey-nspr~1.0.9~0.9.el3\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nspr-devel\", rpm:\"seamonkey-nspr-devel~1.0.9~0.9.el3\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nss\", rpm:\"seamonkey-nss~1.0.9~0.9.el3\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nss-devel\", rpm:\"seamonkey-nss-devel~1.0.9~0.9.el3\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:44", "description": "Check for the Version of firefox", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for firefox CESA-2008:0103 centos5 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880136", "href": "http://plugins.openvas.org/nasl.php?oid=880136", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for firefox CESA-2008:0103 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Firefox is an open source Web browser.\n\n Several flaws were found in the way Firefox processed certain malformed web\n content. A webpage containing malicious content could cause Firefox to\n crash, or potentially execute arbitrary code as the user running Firefox.\n (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419)\n \n Several flaws were found in the way Firefox displayed malformed web\n content. A webpage containing specially-crafted content could trick a user\n into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593)\n \n A flaw was found in the way Firefox stored password data. If a user saves\n login information for a malicious website, it could be possible to corrupt\n the password database, preventing the user from properly accessing saved\n password data. (CVE-2008-0417)\n \n A flaw was found in the way Firefox handles certain chrome URLs. If a user\n has certain extensions installed, it could allow a malicious website to\n steal sensitive session data. Note: this flaw does not affect a default\n installation of Firefox. (CVE-2008-0418)\n \n A flaw was found in the way Firefox saves certain text files. If a\n website offers a file of type "plain/text", rather than "text/plain",\n Firefox will not show future "text/plain" content to the user in the\n browser, forcing them to save those files locally to view the content.\n (CVE-2008-0592) \n \n Users of firefox are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\";\n\ntag_affected = \"firefox on CentOS 5\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-February/014670.html\");\n script_id(880136);\n script_version(\"$Revision: 6651 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:45:21 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0103\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"CentOS Update for firefox CESA-2008:0103 centos5 i386\");\n\n script_summary(\"Check for the Version of firefox\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~1.5.0.12~9.el5.centos\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-devel\", rpm:\"firefox-devel~1.5.0.12~9.el5.centos\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:38:29", "description": "Check for the Version of firefox", "cvss3": {}, "published": "2009-03-06T00:00:00", "type": "openvas", "title": "RedHat Update for firefox RHSA-2008:0103-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310870023", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870023", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for firefox RHSA-2008:0103-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Firefox is an open source Web browser.\n\n Several flaws were found in the way Firefox processed certain malformed web\n content. A webpage containing malicious content could cause Firefox to\n crash, or potentially execute arbitrary code as the user running Firefox.\n (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419)\n \n Several flaws were found in the way Firefox displayed malformed web\n content. A webpage containing specially-crafted content could trick a user\n into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593)\n \n A flaw was found in the way Firefox stored password data. If a user saves\n login information for a malicious website, it could be possible to corrupt\n the password database, preventing the user from properly accessing saved\n password data. (CVE-2008-0417)\n \n A flaw was found in the way Firefox handles certain chrome URLs. If a user\n has certain extensions installed, it could allow a malicious website to\n steal sensitive session data. Note: this flaw does not affect a default\n installation of Firefox. (CVE-2008-0418)\n \n A flaw was found in the way Firefox saves certain text files. If a\n website offers a file of type "plain/text", rather than "text/plain",\n Firefox will not show future "text/plain" content to the user in the\n browser, forcing them to save those files locally to view the content.\n (CVE-2008-0592) \n \n Users of firefox are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\";\n\ntag_affected = \"firefox on Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4,\n Red Hat Enterprise Linux (v. 5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2008-February/msg00001.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870023\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-06 07:30:35 +0100 (Fri, 06 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"RHSA\", value: \"2008:0103-01\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"RedHat Update for firefox RHSA-2008:0103-01\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of firefox\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~1.5.0.12~9.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-debuginfo\", rpm:\"firefox-debuginfo~1.5.0.12~9.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-devel\", rpm:\"firefox-devel~1.5.0.12~9.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~1.5.0.12~0.10.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-debuginfo\", rpm:\"firefox-debuginfo~1.5.0.12~0.10.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-27T10:55:37", "description": "Check for the Version of firefox", "cvss3": {}, "published": "2009-03-06T00:00:00", "type": "openvas", "title": "RedHat Update for firefox RHSA-2008:0103-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-12T00:00:00", "id": "OPENVAS:870023", "href": "http://plugins.openvas.org/nasl.php?oid=870023", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for firefox RHSA-2008:0103-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Firefox is an open source Web browser.\n\n Several flaws were found in the way Firefox processed certain malformed web\n content. A webpage containing malicious content could cause Firefox to\n crash, or potentially execute arbitrary code as the user running Firefox.\n (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419)\n \n Several flaws were found in the way Firefox displayed malformed web\n content. A webpage containing specially-crafted content could trick a user\n into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593)\n \n A flaw was found in the way Firefox stored password data. If a user saves\n login information for a malicious website, it could be possible to corrupt\n the password database, preventing the user from properly accessing saved\n password data. (CVE-2008-0417)\n \n A flaw was found in the way Firefox handles certain chrome URLs. If a user\n has certain extensions installed, it could allow a malicious website to\n steal sensitive session data. Note: this flaw does not affect a default\n installation of Firefox. (CVE-2008-0418)\n \n A flaw was found in the way Firefox saves certain text files. If a\n website offers a file of type "plain/text", rather than "text/plain",\n Firefox will not show future "text/plain" content to the user in the\n browser, forcing them to save those files locally to view the content.\n (CVE-2008-0592) \n \n Users of firefox are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\";\n\ntag_affected = \"firefox on Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4,\n Red Hat Enterprise Linux (v. 5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2008-February/msg00001.html\");\n script_id(870023);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-06 07:30:35 +0100 (Fri, 06 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"RHSA\", value: \"2008:0103-01\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"RedHat Update for firefox RHSA-2008:0103-01\");\n\n script_summary(\"Check for the Version of firefox\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~1.5.0.12~9.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-debuginfo\", rpm:\"firefox-debuginfo~1.5.0.12~9.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-devel\", rpm:\"firefox-devel~1.5.0.12~9.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~1.5.0.12~0.10.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-debuginfo\", rpm:\"firefox-debuginfo~1.5.0.12~0.10.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:52", "description": "Check for the Version of seamonkey", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for seamonkey CESA-2008:0104 centos3 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880036", "href": "http://plugins.openvas.org/nasl.php?oid=880036", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for seamonkey CESA-2008:0104 centos3 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"SeaMonkey is an open source Web browser, advanced email and newsgroup\n client, IRC chat client, and HTML editor.\n\n Several flaws were found in the way SeaMonkey processed certain malformed\n web content. A webpage containing malicious content could cause SeaMonkey\n to crash, or potentially execute arbitrary code as the user running\n SeaMonkey. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419)\n \n Several flaws were found in the way SeaMonkey displayed malformed web\n content. A webpage containing specially-crafted content could trick a user\n into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593)\n \n A flaw was found in the way SeaMonkey stored password data. If a user\n saves login information for a malicious website, it could be possible\n to corrupt the password database, preventing the user from properly\n accessing saved password data. (CVE-2008-0417)\n \n A flaw was found in the way SeaMonkey handles certain chrome URLs. If a\n user has certain extensions installed, it could allow a malicious website\n to steal sensitive session data. Note: this flaw does not affect a default\n installation of SeaMonkey. (CVE-2008-0418)\n \n A flaw was found in the way SeaMonkey saves certain text files. If a\n website offers a file of type "plain/text", rather than "text/plain",\n SeaMonkey will not show future "text/plain" content to the user in the\n browser, forcing them to save those files locally to view the content.\n (CVE-2008-0592)\n \n Users of SeaMonkey are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\";\n\ntag_affected = \"seamonkey on CentOS 3\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-February/014661.html\");\n script_id(880036);\n script_version(\"$Revision: 6651 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:45:21 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0104\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"CentOS Update for seamonkey CESA-2008:0104 centos3 i386\");\n\n script_summary(\"Check for the Version of seamonkey\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-chat\", rpm:\"seamonkey-chat~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-devel\", rpm:\"seamonkey-devel~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-js-debugger\", rpm:\"seamonkey-js-debugger~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-mail\", rpm:\"seamonkey-mail~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nspr\", rpm:\"seamonkey-nspr~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nspr-devel\", rpm:\"seamonkey-nspr-devel~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nss\", rpm:\"seamonkey-nss~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nss-devel\", rpm:\"seamonkey-nss-devel~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:56", "description": "Check for the Version of seamonkey", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for seamonkey CESA-2008:0104 centos3 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880054", "href": "http://plugins.openvas.org/nasl.php?oid=880054", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for seamonkey CESA-2008:0104 centos3 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"SeaMonkey is an open source Web browser, advanced email and newsgroup\n client, IRC chat client, and HTML editor.\n\n Several flaws were found in the way SeaMonkey processed certain malformed\n web content. A webpage containing malicious content could cause SeaMonkey\n to crash, or potentially execute arbitrary code as the user running\n SeaMonkey. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419)\n \n Several flaws were found in the way SeaMonkey displayed malformed web\n content. A webpage containing specially-crafted content could trick a user\n into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593)\n \n A flaw was found in the way SeaMonkey stored password data. If a user\n saves login information for a malicious website, it could be possible\n to corrupt the password database, preventing the user from properly\n accessing saved password data. (CVE-2008-0417)\n \n A flaw was found in the way SeaMonkey handles certain chrome URLs. If a\n user has certain extensions installed, it could allow a malicious website\n to steal sensitive session data. Note: this flaw does not affect a default\n installation of SeaMonkey. (CVE-2008-0418)\n \n A flaw was found in the way SeaMonkey saves certain text files. If a\n website offers a file of type "plain/text", rather than "text/plain",\n SeaMonkey will not show future "text/plain" content to the user in the\n browser, forcing them to save those files locally to view the content.\n (CVE-2008-0592)\n \n Users of SeaMonkey are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\";\n\ntag_affected = \"seamonkey on CentOS 3\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-February/014662.html\");\n script_id(880054);\n script_version(\"$Revision: 6651 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:45:21 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0104\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"CentOS Update for seamonkey CESA-2008:0104 centos3 x86_64\");\n\n script_summary(\"Check for the Version of seamonkey\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-chat\", rpm:\"seamonkey-chat~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-devel\", rpm:\"seamonkey-devel~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-js-debugger\", rpm:\"seamonkey-js-debugger~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-mail\", rpm:\"seamonkey-mail~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nspr\", rpm:\"seamonkey-nspr~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nspr-devel\", rpm:\"seamonkey-nspr-devel~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nss\", rpm:\"seamonkey-nss~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nss-devel\", rpm:\"seamonkey-nss-devel~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:40", "description": "Check for the Version of firefox", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for firefox CESA-2008:0103 centos3 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880164", "href": "http://plugins.openvas.org/nasl.php?oid=880164", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for firefox CESA-2008:0103 centos3 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Firefox is an open source Web browser.\n\n Several flaws were found in the way Firefox processed certain malformed web\n content. A webpage containing malicious content could cause Firefox to\n crash, or potentially execute arbitrary code as the user running Firefox.\n (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419)\n \n Several flaws were found in the way Firefox displayed malformed web\n content. A webpage containing specially-crafted content could trick a user\n into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593)\n \n A flaw was found in the way Firefox stored password data. If a user saves\n login information for a malicious website, it could be possible to corrupt\n the password database, preventing the user from properly accessing saved\n password data. (CVE-2008-0417)\n \n A flaw was found in the way Firefox handles certain chrome URLs. If a user\n has certain extensions installed, it could allow a malicious website to\n steal sensitive session data. Note: this flaw does not affect a default\n installation of Firefox. (CVE-2008-0418)\n \n A flaw was found in the way Firefox saves certain text files. If a\n website offers a file of type "plain/text", rather than "text/plain",\n Firefox will not show future "text/plain" content to the user in the\n browser, forcing them to save those files locally to view the content.\n (CVE-2008-0592) \n \n Users of firefox are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\";\n\ntag_affected = \"firefox on CentOS 3\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-February/014678.html\");\n script_id(880164);\n script_version(\"$Revision: 6651 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:45:21 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0103\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"CentOS Update for firefox CESA-2008:0103 centos3 x86_64\");\n\n script_summary(\"Check for the Version of firefox\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~1.5.0.12~0.10.el4.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-27T10:55:44", "description": "Check for the Version of seamonkey", "cvss3": {}, "published": "2009-03-06T00:00:00", "type": "openvas", "title": "RedHat Update for seamonkey RHSA-2008:0104-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-12T00:00:00", "id": "OPENVAS:870039", "href": "http://plugins.openvas.org/nasl.php?oid=870039", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for seamonkey RHSA-2008:0104-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"SeaMonkey is an open source Web browser, advanced email and newsgroup\n client, IRC chat client, and HTML editor.\n\n Several flaws were found in the way SeaMonkey processed certain malformed\n web content. A webpage containing malicious content could cause SeaMonkey\n to crash, or potentially execute arbitrary code as the user running\n SeaMonkey. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419)\n \n Several flaws were found in the way SeaMonkey displayed malformed web\n content. A webpage containing specially-crafted content could trick a user\n into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593)\n \n A flaw was found in the way SeaMonkey stored password data. If a user\n saves login information for a malicious website, it could be possible\n to corrupt the password database, preventing the user from properly\n accessing saved password data. (CVE-2008-0417)\n \n A flaw was found in the way SeaMonkey handles certain chrome URLs. If a\n user has certain extensions installed, it could allow a malicious website\n to steal sensitive session data. Note: this flaw does not affect a default\n installation of SeaMonkey. (CVE-2008-0418)\n \n A flaw was found in the way SeaMonkey saves certain text files. If a\n website offers a file of type "plain/text", rather than "text/plain",\n SeaMonkey will not show future "text/plain" content to the user in the\n browser, forcing them to save those files locally to view the content.\n (CVE-2008-0592)\n \n Users of SeaMonkey are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\";\n\ntag_affected = \"seamonkey on Red Hat Enterprise Linux AS (Advanced Server) version 2.1,\n Red Hat Enterprise Linux ES version 2.1,\n Red Hat Enterprise Linux WS version 2.1,\n Red Hat Enterprise Linux AS version 3,\n Red Hat Enterprise Linux ES version 3,\n Red Hat Enterprise Linux WS version 3,\n Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2008-February/msg00002.html\");\n script_id(870039);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-06 07:30:35 +0100 (Fri, 06 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"RHSA\", value: \"2008:0104-01\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"RedHat Update for seamonkey RHSA-2008:0104-01\");\n\n script_summary(\"Check for the Version of seamonkey\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_2.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~1.0.9~0.9.el2\", rls:\"RHENT_2.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-chat\", rpm:\"seamonkey-chat~1.0.9~0.9.el2\", rls:\"RHENT_2.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-devel\", rpm:\"seamonkey-devel~1.0.9~0.9.el2\", rls:\"RHENT_2.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~1.0.9~0.9.el2\", rls:\"RHENT_2.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-js-debugger\", rpm:\"seamonkey-js-debugger~1.0.9~0.9.el2\", rls:\"RHENT_2.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-mail\", rpm:\"seamonkey-mail~1.0.9~0.9.el2\", rls:\"RHENT_2.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nspr\", rpm:\"seamonkey-nspr~1.0.9~0.9.el2\", rls:\"RHENT_2.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nspr-devel\", rpm:\"seamonkey-nspr-devel~1.0.9~0.9.el2\", rls:\"RHENT_2.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nss\", rpm:\"seamonkey-nss~1.0.9~0.9.el2\", rls:\"RHENT_2.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nss-devel\", rpm:\"seamonkey-nss-devel~1.0.9~0.9.el2\", rls:\"RHENT_2.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~1.0.9~9.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-chat\", rpm:\"seamonkey-chat~1.0.9~9.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-debuginfo\", rpm:\"seamonkey-debuginfo~1.0.9~9.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-devel\", rpm:\"seamonkey-devel~1.0.9~9.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~1.0.9~9.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-js-debugger\", rpm:\"seamonkey-js-debugger~1.0.9~9.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-mail\", rpm:\"seamonkey-mail~1.0.9~9.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nspr\", rpm:\"seamonkey-nspr~1.0.9~9.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nspr-devel\", rpm:\"seamonkey-nspr-devel~1.0.9~9.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nss\", rpm:\"seamonkey-nss~1.0.9~9.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nss-devel\", rpm:\"seamonkey-nss-devel~1.0.9~9.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"RHENT_3\")\n{\n\n if ((res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~1.0.9~0.9.el3\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-chat\", rpm:\"seamonkey-chat~1.0.9~0.9.el3\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-debuginfo\", rpm:\"seamonkey-debuginfo~1.0.9~0.9.el3\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-devel\", rpm:\"seamonkey-devel~1.0.9~0.9.el3\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~1.0.9~0.9.el3\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-js-debugger\", rpm:\"seamonkey-js-debugger~1.0.9~0.9.el3\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-mail\", rpm:\"seamonkey-mail~1.0.9~0.9.el3\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nspr\", rpm:\"seamonkey-nspr~1.0.9~0.9.el3\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nspr-devel\", rpm:\"seamonkey-nspr-devel~1.0.9~0.9.el3\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nss\", rpm:\"seamonkey-nss~1.0.9~0.9.el3\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nss-devel\", rpm:\"seamonkey-nss-devel~1.0.9~0.9.el3\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:37", "description": "Check for the Version of seamonkey", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for seamonkey CESA-2008:0104-01 centos2 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880131", "href": "http://plugins.openvas.org/nasl.php?oid=880131", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for seamonkey CESA-2008:0104-01 centos2 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"SeaMonkey is an open source Web browser, advanced email and newsgroup\n client, IRC chat client, and HTML editor.\n\n Several flaws were found in the way SeaMonkey processed certain malformed\n web content. A webpage containing malicious content could cause SeaMonkey\n to crash, or potentially execute arbitrary code as the user running\n SeaMonkey. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419)\n \n Several flaws were found in the way SeaMonkey displayed malformed web\n content. A webpage containing specially-crafted content could trick a user\n into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593)\n \n A flaw was found in the way SeaMonkey stored password data. If a user\n saves login information for a malicious website, it could be possible\n to corrupt the password database, preventing the user from properly\n accessing saved password data. (CVE-2008-0417)\n \n A flaw was found in the way SeaMonkey handles certain chrome URLs. If a\n user has certain extensions installed, it could allow a malicious website\n to steal sensitive session data. Note: this flaw does not affect a default\n installation of SeaMonkey. (CVE-2008-0418)\n \n A flaw was found in the way SeaMonkey saves certain text files. If a\n website offers a file of type "plain/text", rather than "text/plain",\n SeaMonkey will not show future "text/plain" content to the user in the\n browser, forcing them to save those files locally to view the content.\n (CVE-2008-0592)\n \n Users of SeaMonkey are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\";\n\ntag_affected = \"seamonkey on CentOS 2\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-February/014682.html\");\n script_id(880131);\n script_version(\"$Revision: 6651 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:45:21 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0104-01\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"CentOS Update for seamonkey CESA-2008:0104-01 centos2 i386\");\n\n script_summary(\"Check for the Version of seamonkey\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS2\")\n{\n\n if ((res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~1.0.9~0.9.el2.c2.1\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-chat\", rpm:\"seamonkey-chat~1.0.9~0.9.el2.c2.1\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-devel\", rpm:\"seamonkey-devel~1.0.9~0.9.el2.c2.1\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~1.0.9~0.9.el2.c2.1\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-js-debugger\", rpm:\"seamonkey-js-debugger~1.0.9~0.9.el2.c2.1\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-mail\", rpm:\"seamonkey-mail~1.0.9~0.9.el2.c2.1\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nspr\", rpm:\"seamonkey-nspr~1.0.9~0.9.el2.c2.1\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nspr-devel\", rpm:\"seamonkey-nspr-devel~1.0.9~0.9.el2.c2.1\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nss\", rpm:\"seamonkey-nss~1.0.9~0.9.el2.c2.1\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nss-devel\", rpm:\"seamonkey-nss-devel~1.0.9~0.9.el2.c2.1\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:38:38", "description": "Check for the Version of seamonkey", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for seamonkey CESA-2008:0104 centos4 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310880022", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880022", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for seamonkey CESA-2008:0104 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"SeaMonkey is an open source Web browser, advanced email and newsgroup\n client, IRC chat client, and HTML editor.\n\n Several flaws were found in the way SeaMonkey processed certain malformed\n web content. A webpage containing malicious content could cause SeaMonkey\n to crash, or potentially execute arbitrary code as the user running\n SeaMonkey. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419)\n \n Several flaws were found in the way SeaMonkey displayed malformed web\n content. A webpage containing specially-crafted content could trick a user\n into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593)\n \n A flaw was found in the way SeaMonkey stored password data. If a user\n saves login information for a malicious website, it could be possible\n to corrupt the password database, preventing the user from properly\n accessing saved password data. (CVE-2008-0417)\n \n A flaw was found in the way SeaMonkey handles certain chrome URLs. If a\n user has certain extensions installed, it could allow a malicious website\n to steal sensitive session data. Note: this flaw does not affect a default\n installation of SeaMonkey. (CVE-2008-0418)\n \n A flaw was found in the way SeaMonkey saves certain text files. If a\n website offers a file of type "plain/text", rather than "text/plain",\n SeaMonkey will not show future "text/plain" content to the user in the\n browser, forcing them to save those files locally to view the content.\n (CVE-2008-0592)\n \n Users of SeaMonkey are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\";\n\ntag_affected = \"seamonkey on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-February/014668.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880022\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0104\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"CentOS Update for seamonkey CESA-2008:0104 centos4 i386\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of seamonkey\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-chat\", rpm:\"seamonkey-chat~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-devel\", rpm:\"seamonkey-devel~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-js-debugger\", rpm:\"seamonkey-js-debugger~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-mail\", rpm:\"seamonkey-mail~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nspr\", rpm:\"seamonkey-nspr~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nspr-devel\", rpm:\"seamonkey-nspr-devel~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nss\", rpm:\"seamonkey-nss~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nss-devel\", rpm:\"seamonkey-nss-devel~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:38:57", "description": "Check for the Version of firefox", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for firefox CESA-2008:0103 centos3 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310880295", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880295", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for firefox CESA-2008:0103 centos3 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Firefox is an open source Web browser.\n\n Several flaws were found in the way Firefox processed certain malformed web\n content. A webpage containing malicious content could cause Firefox to\n crash, or potentially execute arbitrary code as the user running Firefox.\n (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419)\n \n Several flaws were found in the way Firefox displayed malformed web\n content. A webpage containing specially-crafted content could trick a user\n into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593)\n \n A flaw was found in the way Firefox stored password data. If a user saves\n login information for a malicious website, it could be possible to corrupt\n the password database, preventing the user from properly accessing saved\n password data. (CVE-2008-0417)\n \n A flaw was found in the way Firefox handles certain chrome URLs. If a user\n has certain extensions installed, it could allow a malicious website to\n steal sensitive session data. Note: this flaw does not affect a default\n installation of Firefox. (CVE-2008-0418)\n \n A flaw was found in the way Firefox saves certain text files. If a\n website offers a file of type "plain/text", rather than "text/plain",\n Firefox will not show future "text/plain" content to the user in the\n browser, forcing them to save those files locally to view the content.\n (CVE-2008-0592) \n \n Users of firefox are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\";\n\ntag_affected = \"firefox on CentOS 3\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-February/014677.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880295\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0103\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"CentOS Update for firefox CESA-2008:0103 centos3 i386\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of firefox\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~1.5.0.12~0.10.el4.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:11", "description": "Check for the Version of firefox", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for firefox CESA-2008:0103 centos3 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880295", "href": "http://plugins.openvas.org/nasl.php?oid=880295", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for firefox CESA-2008:0103 centos3 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Firefox is an open source Web browser.\n\n Several flaws were found in the way Firefox processed certain malformed web\n content. A webpage containing malicious content could cause Firefox to\n crash, or potentially execute arbitrary code as the user running Firefox.\n (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419)\n \n Several flaws were found in the way Firefox displayed malformed web\n content. A webpage containing specially-crafted content could trick a user\n into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593)\n \n A flaw was found in the way Firefox stored password data. If a user saves\n login information for a malicious website, it could be possible to corrupt\n the password database, preventing the user from properly accessing saved\n password data. (CVE-2008-0417)\n \n A flaw was found in the way Firefox handles certain chrome URLs. If a user\n has certain extensions installed, it could allow a malicious website to\n steal sensitive session data. Note: this flaw does not affect a default\n installation of Firefox. (CVE-2008-0418)\n \n A flaw was found in the way Firefox saves certain text files. If a\n website offers a file of type "plain/text", rather than "text/plain",\n Firefox will not show future "text/plain" content to the user in the\n browser, forcing them to save those files locally to view the content.\n (CVE-2008-0592) \n \n Users of firefox are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\";\n\ntag_affected = \"firefox on CentOS 3\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-February/014677.html\");\n script_id(880295);\n script_version(\"$Revision: 6651 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:45:21 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0103\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"CentOS Update for firefox CESA-2008:0103 centos3 i386\");\n\n script_summary(\"Check for the Version of firefox\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~1.5.0.12~0.10.el4.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:40:48", "description": "Check for the Version of seamonkey", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for seamonkey CESA-2008:0104 centos3 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310880036", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880036", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for seamonkey CESA-2008:0104 centos3 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"SeaMonkey is an open source Web browser, advanced email and newsgroup\n client, IRC chat client, and HTML editor.\n\n Several flaws were found in the way SeaMonkey processed certain malformed\n web content. A webpage containing malicious content could cause SeaMonkey\n to crash, or potentially execute arbitrary code as the user running\n SeaMonkey. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419)\n \n Several flaws were found in the way SeaMonkey displayed malformed web\n content. A webpage containing specially-crafted content could trick a user\n into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593)\n \n A flaw was found in the way SeaMonkey stored password data. If a user\n saves login information for a malicious website, it could be possible\n to corrupt the password database, preventing the user from properly\n accessing saved password data. (CVE-2008-0417)\n \n A flaw was found in the way SeaMonkey handles certain chrome URLs. If a\n user has certain extensions installed, it could allow a malicious website\n to steal sensitive session data. Note: this flaw does not affect a default\n installation of SeaMonkey. (CVE-2008-0418)\n \n A flaw was found in the way SeaMonkey saves certain text files. If a\n website offers a file of type "plain/text", rather than "text/plain",\n SeaMonkey will not show future "text/plain" content to the user in the\n browser, forcing them to save those files locally to view the content.\n (CVE-2008-0592)\n \n Users of SeaMonkey are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\";\n\ntag_affected = \"seamonkey on CentOS 3\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-February/014661.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880036\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0104\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"CentOS Update for seamonkey CESA-2008:0104 centos3 i386\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of seamonkey\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-chat\", rpm:\"seamonkey-chat~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-devel\", rpm:\"seamonkey-devel~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-js-debugger\", rpm:\"seamonkey-js-debugger~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-mail\", rpm:\"seamonkey-mail~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nspr\", rpm:\"seamonkey-nspr~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nspr-devel\", rpm:\"seamonkey-nspr-devel~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nss\", rpm:\"seamonkey-nss~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nss-devel\", rpm:\"seamonkey-nss-devel~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:46", "description": "Check for the Version of thunderbird", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for thunderbird CESA-2008:0105 centos5 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880203", "href": "http://plugins.openvas.org/nasl.php?oid=880203", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for thunderbird CESA-2008:0105 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Thunderbird is a standalone mail and newsgroup client.\n\n Several flaws were found in the way Thunderbird processed certain malformed\n HTML mail content. A HTML mail message containing malicious content could\n cause Thunderbird to crash, or potentially execute arbitrary code as the\n user running Thunderbird. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415,\n CVE-2008-0419)\n \n Several flaws were found in the way Thunderbird displayed malformed HTML\n mail content. A HTML mail message containing specially-crafted content\n could trick a user into surrendering sensitive information. (CVE-2008-0591,\n CVE-2008-0593)\n \n A flaw was found in the way Thunderbird handles certain chrome URLs. If a\n user has certain extensions installed, it could allow a malicious HTML mail\n message to steal sensitive session data. Note: this flaw does not affect a\n default installation of Thunderbird. (CVE-2008-0418)\n \n Note: JavaScript support is disabled by default in Thunderbird; the above\n issues are not exploitable unless JavaScript is enabled.\n \n A flaw was found in the way Thunderbird saves certain text files. If a\n remote site offers a file of type "plain/text", rather than "text/plain",\n Thunderbird will not show future "text/plain" content to the user, forcing\n them to save those files locally to view the content. (CVE-2008-0592) \n \n Users of thunderbird are advised to upgrade to these updated packages,\n which contain backported patches to resolve these issues.\";\n\ntag_affected = \"thunderbird on CentOS 5\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-February/014671.html\");\n script_id(880203);\n script_version(\"$Revision: 6651 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:45:21 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0105\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"CentOS Update for thunderbird CESA-2008:0105 centos5 i386\");\n\n script_summary(\"Check for the Version of thunderbird\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~1.5.0.12~8.el5.centos\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:35", "description": "Check for the Version of thunderbird", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for thunderbird CESA-2008:0105 centos4 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880270", "href": "http://plugins.openvas.org/nasl.php?oid=880270", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for thunderbird CESA-2008:0105 centos4 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Thunderbird is a standalone mail and newsgroup client.\n\n Several flaws were found in the way Thunderbird processed certain malformed\n HTML mail content. A HTML mail message containing malicious content could\n cause Thunderbird to crash, or potentially execute arbitrary code as the\n user running Thunderbird. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415,\n CVE-2008-0419)\n \n Several flaws were found in the way Thunderbird displayed malformed HTML\n mail content. A HTML mail message containing specially-crafted content\n could trick a user into surrendering sensitive information. (CVE-2008-0591,\n CVE-2008-0593)\n \n A flaw was found in the way Thunderbird handles certain chrome URLs. If a\n user has certain extensions installed, it could allow a malicious HTML mail\n message to steal sensitive session data. Note: this flaw does not affect a\n default installation of Thunderbird. (CVE-2008-0418)\n \n Note: JavaScript support is disabled by default in Thunderbird; the above\n issues are not exploitable unless JavaScript is enabled.\n \n A flaw was found in the way Thunderbird saves certain text files. If a\n remote site offers a file of type "plain/text", rather than "text/plain",\n Thunderbird will not show future "text/plain" content to the user, forcing\n them to save those files locally to view the content. (CVE-2008-0592) \n \n Users of thunderbird are advised to upgrade to these updated packages,\n which contain backported patches to resolve these issues.\";\n\ntag_affected = \"thunderbird on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-February/014666.html\");\n script_id(880270);\n script_version(\"$Revision: 6651 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:45:21 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0105\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"CentOS Update for thunderbird CESA-2008:0105 centos4 x86_64\");\n\n script_summary(\"Check for the Version of thunderbird\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~1.5.0.12~8.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:43", "description": "Check for the Version of thunderbird", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for thunderbird CESA-2008:0105 centos4 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880228", "href": "http://plugins.openvas.org/nasl.php?oid=880228", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for thunderbird CESA-2008:0105 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Thunderbird is a standalone mail and newsgroup client.\n\n Several flaws were found in the way Thunderbird processed certain malformed\n HTML mail content. A HTML mail message containing malicious content could\n cause Thunderbird to crash, or potentially execute arbitrary code as the\n user running Thunderbird. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415,\n CVE-2008-0419)\n \n Several flaws were found in the way Thunderbird displayed malformed HTML\n mail content. A HTML mail message containing specially-crafted content\n could trick a user into surrendering sensitive information. (CVE-2008-0591,\n CVE-2008-0593)\n \n A flaw was found in the way Thunderbird handles certain chrome URLs. If a\n user has certain extensions installed, it could allow a malicious HTML mail\n message to steal sensitive session data. Note: this flaw does not affect a\n default installation of Thunderbird. (CVE-2008-0418)\n \n Note: JavaScript support is disabled by default in Thunderbird; the above\n issues are not exploitable unless JavaScript is enabled.\n \n A flaw was found in the way Thunderbird saves certain text files. If a\n remote site offers a file of type "plain/text", rather than "text/plain",\n Thunderbird will not show future "text/plain" content to the user, forcing\n them to save those files locally to view the content. (CVE-2008-0592) \n \n Users of thunderbird are advised to upgrade to these updated packages,\n which contain backported patches to resolve these issues.\";\n\ntag_affected = \"thunderbird on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-February/014665.html\");\n script_id(880228);\n script_version(\"$Revision: 6651 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:45:21 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0105\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"CentOS Update for thunderbird CESA-2008:0105 centos4 i386\");\n\n script_summary(\"Check for the Version of thunderbird\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~1.5.0.12~8.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:40:35", "description": "Check for the Version of thunderbird", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for thunderbird CESA-2008:0105 centos5 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310880203", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880203", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for thunderbird CESA-2008:0105 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Thunderbird is a standalone mail and newsgroup client.\n\n Several flaws were found in the way Thunderbird processed certain malformed\n HTML mail content. A HTML mail message containing malicious content could\n cause Thunderbird to crash, or potentially execute arbitrary code as the\n user running Thunderbird. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415,\n CVE-2008-0419)\n \n Several flaws were found in the way Thunderbird displayed malformed HTML\n mail content. A HTML mail message containing specially-crafted content\n could trick a user into surrendering sensitive information. (CVE-2008-0591,\n CVE-2008-0593)\n \n A flaw was found in the way Thunderbird handles certain chrome URLs. If a\n user has certain extensions installed, it could allow a malicious HTML mail\n message to steal sensitive session data. Note: this flaw does not affect a\n default installation of Thunderbird. (CVE-2008-0418)\n \n Note: JavaScript support is disabled by default in Thunderbird; the above\n issues are not exploitable unless JavaScript is enabled.\n \n A flaw was found in the way Thunderbird saves certain text files. If a\n remote site offers a file of type "plain/text", rather than "text/plain",\n Thunderbird will not show future "text/plain" content to the user, forcing\n them to save those files locally to view the content. (CVE-2008-0592) \n \n Users of thunderbird are advised to upgrade to these updated packages,\n which contain backported patches to resolve these issues.\";\n\ntag_affected = \"thunderbird on CentOS 5\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-February/014671.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880203\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0105\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"CentOS Update for thunderbird CESA-2008:0105 centos5 i386\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of thunderbird\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~1.5.0.12~8.el5.centos\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:40:05", "description": "Check for the Version of thunderbird", "cvss3": {}, "published": "2009-03-06T00:00:00", "type": "openvas", "title": "RedHat Update for thunderbird RHSA-2008:0105-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310870047", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870047", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for thunderbird RHSA-2008:0105-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Thunderbird is a standalone mail and newsgroup client.\n\n Several flaws were found in the way Thunderbird processed certain malformed\n HTML mail content. A HTML mail message containing malicious content could\n cause Thunderbird to crash, or potentially execute arbitrary code as the\n user running Thunderbird. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415,\n CVE-2008-0419)\n \n Several flaws were found in the way Thunderbird displayed malformed HTML\n mail content. A HTML mail message containing specially-crafted content\n could trick a user into surrendering sensitive information. (CVE-2008-0591,\n CVE-2008-0593)\n \n A flaw was found in the way Thunderbird handles certain chrome URLs. If a\n user has certain extensions installed, it could allow a malicious HTML mail\n message to steal sensitive session data. Note: this flaw does not affect a\n default installation of Thunderbird. (CVE-2008-0418)\n \n Note: JavaScript support is disabled by default in Thunderbird; the above\n issues are not exploitable unless JavaScript is enabled.\n \n A flaw was found in the way Thunderbird saves certain text files. If a\n remote site offers a file of type "plain/text", rather than "text/plain",\n Thunderbird will not show future "text/plain" content to the user, forcing\n them to save those files locally to view the content. (CVE-2008-0592) \n \n Users of thunderbird are advised to upgrade to these updated packages,\n which contain backported patches to resolve these issues.\";\n\ntag_affected = \"thunderbird on Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2008-February/msg00003.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870047\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-06 07:30:35 +0100 (Fri, 06 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"RHSA\", value: \"2008:0105-01\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"RedHat Update for thunderbird RHSA-2008:0105-01\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of thunderbird\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~1.5.0.12~8.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"thunderbird-debuginfo\", rpm:\"thunderbird-debuginfo~1.5.0.12~8.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:40:33", "description": "Check for the Version of thunderbird", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for thunderbird CESA-2008:0105 centos5 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310880271", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880271", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for thunderbird CESA-2008:0105 centos5 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Thunderbird is a standalone mail and newsgroup client.\n\n Several flaws were found in the way Thunderbird processed certain malformed\n HTML mail content. A HTML mail message containing malicious content could\n cause Thunderbird to crash, or potentially execute arbitrary code as the\n user running Thunderbird. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415,\n CVE-2008-0419)\n \n Several flaws were found in the way Thunderbird displayed malformed HTML\n mail content. A HTML mail message containing specially-crafted content\n could trick a user into surrendering sensitive information. (CVE-2008-0591,\n CVE-2008-0593)\n \n A flaw was found in the way Thunderbird handles certain chrome URLs. If a\n user has certain extensions installed, it could allow a malicious HTML mail\n message to steal sensitive session data. Note: this flaw does not affect a\n default installation of Thunderbird. (CVE-2008-0418)\n \n Note: JavaScript support is disabled by default in Thunderbird; the above\n issues are not exploitable unless JavaScript is enabled.\n \n A flaw was found in the way Thunderbird saves certain text files. If a\n remote site offers a file of type "plain/text", rather than "text/plain",\n Thunderbird will not show future "text/plain" content to the user, forcing\n them to save those files locally to view the content. (CVE-2008-0592) \n \n Users of thunderbird are advised to upgrade to these updated packages,\n which contain backported patches to resolve these issues.\";\n\ntag_affected = \"thunderbird on CentOS 5\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-February/014672.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880271\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0105\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"CentOS Update for thunderbird CESA-2008:0105 centos5 x86_64\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of thunderbird\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~1.5.0.12~8.el5.centos\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:40:26", "description": "Check for the Version of thunderbird", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for thunderbird CESA-2008:0105 centos4 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310880228", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880228", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for thunderbird CESA-2008:0105 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Thunderbird is a standalone mail and newsgroup client.\n\n Several flaws were found in the way Thunderbird processed certain malformed\n HTML mail content. A HTML mail message containing malicious content could\n cause Thunderbird to crash, or potentially execute arbitrary code as the\n user running Thunderbird. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415,\n CVE-2008-0419)\n \n Several flaws were found in the way Thunderbird displayed malformed HTML\n mail content. A HTML mail message containing specially-crafted content\n could trick a user into surrendering sensitive information. (CVE-2008-0591,\n CVE-2008-0593)\n \n A flaw was found in the way Thunderbird handles certain chrome URLs. If a\n user has certain extensions installed, it could allow a malicious HTML mail\n message to steal sensitive session data. Note: this flaw does not affect a\n default installation of Thunderbird. (CVE-2008-0418)\n \n Note: JavaScript support is disabled by default in Thunderbird; the above\n issues are not exploitable unless JavaScript is enabled.\n \n A flaw was found in the way Thunderbird saves certain text files. If a\n remote site offers a file of type "plain/text", rather than "text/plain",\n Thunderbird will not show future "text/plain" content to the user, forcing\n them to save those files locally to view the content. (CVE-2008-0592) \n \n Users of thunderbird are advised to upgrade to these updated packages,\n which contain backported patches to resolve these issues.\";\n\ntag_affected = \"thunderbird on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-February/014665.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880228\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0105\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"CentOS Update for thunderbird CESA-2008:0105 centos4 i386\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of thunderbird\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~1.5.0.12~8.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:46", "description": "Check for the Version of thunderbird", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for thunderbird CESA-2008:0105 centos5 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880271", "href": "http://plugins.openvas.org/nasl.php?oid=880271", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for thunderbird CESA-2008:0105 centos5 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Thunderbird is a standalone mail and newsgroup client.\n\n Several flaws were found in the way Thunderbird processed certain malformed\n HTML mail content. A HTML mail message containing malicious content could\n cause Thunderbird to crash, or potentially execute arbitrary code as the\n user running Thunderbird. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415,\n CVE-2008-0419)\n \n Several flaws were found in the way Thunderbird displayed malformed HTML\n mail content. A HTML mail message containing specially-crafted content\n could trick a user into surrendering sensitive information. (CVE-2008-0591,\n CVE-2008-0593)\n \n A flaw was found in the way Thunderbird handles certain chrome URLs. If a\n user has certain extensions installed, it could allow a malicious HTML mail\n message to steal sensitive session data. Note: this flaw does not affect a\n default installation of Thunderbird. (CVE-2008-0418)\n \n Note: JavaScript support is disabled by default in Thunderbird; the above\n issues are not exploitable unless JavaScript is enabled.\n \n A flaw was found in the way Thunderbird saves certain text files. If a\n remote site offers a file of type "plain/text", rather than "text/plain",\n Thunderbird will not show future "text/plain" content to the user, forcing\n them to save those files locally to view the content. (CVE-2008-0592) \n \n Users of thunderbird are advised to upgrade to these updated packages,\n which contain backported patches to resolve these issues.\";\n\ntag_affected = \"thunderbird on CentOS 5\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-February/014672.html\");\n script_id(880271);\n script_version(\"$Revision: 6651 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:45:21 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0105\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"CentOS Update for thunderbird CESA-2008:0105 centos5 x86_64\");\n\n script_summary(\"Check for the Version of thunderbird\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~1.5.0.12~8.el5.centos\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-27T10:56:11", "description": "Check for the Version of thunderbird", "cvss3": {}, "published": "2009-03-06T00:00:00", "type": "openvas", "title": "RedHat Update for thunderbird RHSA-2008:0105-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-12T00:00:00", "id": "OPENVAS:870047", "href": "http://plugins.openvas.org/nasl.php?oid=870047", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for thunderbird RHSA-2008:0105-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Thunderbird is a standalone mail and newsgroup client.\n\n Several flaws were found in the way Thunderbird processed certain malformed\n HTML mail content. A HTML mail message containing malicious content could\n cause Thunderbird to crash, or potentially execute arbitrary code as the\n user running Thunderbird. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415,\n CVE-2008-0419)\n \n Several flaws were found in the way Thunderbird displayed malformed HTML\n mail content. A HTML mail message containing specially-crafted content\n could trick a user into surrendering sensitive information. (CVE-2008-0591,\n CVE-2008-0593)\n \n A flaw was found in the way Thunderbird handles certain chrome URLs. If a\n user has certain extensions installed, it could allow a malicious HTML mail\n message to steal sensitive session data. Note: this flaw does not affect a\n default installation of Thunderbird. (CVE-2008-0418)\n \n Note: JavaScript support is disabled by default in Thunderbird; the above\n issues are not exploitable unless JavaScript is enabled.\n \n A flaw was found in the way Thunderbird saves certain text files. If a\n remote site offers a file of type "plain/text", rather than "text/plain",\n Thunderbird will not show future "text/plain" content to the user, forcing\n them to save those files locally to view the content. (CVE-2008-0592) \n \n Users of thunderbird are advised to upgrade to these updated packages,\n which contain backported patches to resolve these issues.\";\n\ntag_affected = \"thunderbird on Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2008-February/msg00003.html\");\n script_id(870047);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-06 07:30:35 +0100 (Fri, 06 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"RHSA\", value: \"2008:0105-01\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"RedHat Update for thunderbird RHSA-2008:0105-01\");\n\n script_summary(\"Check for the Version of thunderbird\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~1.5.0.12~8.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"thunderbird-debuginfo\", rpm:\"thunderbird-debuginfo~1.5.0.12~8.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:40:03", "description": "Check for the Version of thunderbird", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for thunderbird CESA-2008:0105 centos4 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310880270", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880270", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for thunderbird CESA-2008:0105 centos4 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Thunderbird is a standalone mail and newsgroup client.\n\n Several flaws were found in the way Thunderbird processed certain malformed\n HTML mail content. A HTML mail message containing malicious content could\n cause Thunderbird to crash, or potentially execute arbitrary code as the\n user running Thunderbird. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415,\n CVE-2008-0419)\n \n Several flaws were found in the way Thunderbird displayed malformed HTML\n mail content. A HTML mail message containing specially-crafted content\n could trick a user into surrendering sensitive information. (CVE-2008-0591,\n CVE-2008-0593)\n \n A flaw was found in the way Thunderbird handles certain chrome URLs. If a\n user has certain extensions installed, it could allow a malicious HTML mail\n message to steal sensitive session data. Note: this flaw does not affect a\n default installation of Thunderbird. (CVE-2008-0418)\n \n Note: JavaScript support is disabled by default in Thunderbird; the above\n issues are not exploitable unless JavaScript is enabled.\n \n A flaw was found in the way Thunderbird saves certain text files. If a\n remote site offers a file of type "plain/text", rather than "text/plain",\n Thunderbird will not show future "text/plain" content to the user, forcing\n them to save those files locally to view the content. (CVE-2008-0592) \n \n Users of thunderbird are advised to upgrade to these updated packages,\n which contain backported patches to resolve these issues.\";\n\ntag_affected = \"thunderbird on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-February/014666.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880270\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0105\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"CentOS Update for thunderbird CESA-2008:0105 centos4 x86_64\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of thunderbird\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~1.5.0.12~8.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:57:09", "description": "Check for the Version of seamonkey", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for seamonkey FEDORA-2008-1459", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860975", "href": "http://plugins.openvas.org/nasl.php?oid=860975", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for seamonkey FEDORA-2008-1459\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"seamonkey on Fedora 8\";\ntag_insight = \"SeaMonkey is an all-in-one Internet application suite. It includes\n a browser, mail/news client, IRC client, JavaScript debugger, and\n a tool to inspect the DOM for web pages. It is derived from the\n application formerly known as Mozilla Application Suite.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00309.html\");\n script_id(860975);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-1459\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0414\", \"CVE-2008-0415\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"Fedora Update for seamonkey FEDORA-2008-1459\");\n\n script_summary(\"Check for the Version of seamonkey\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC8\")\n{\n\n if ((res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~1.1.8~1.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:40:18", "description": "Check for the Version of thunderbird", "cvss3": {}, "published": "2009-03-06T00:00:00", "type": "openvas", "title": "RedHat Update for thunderbird RHSA-2008:0105-02", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0304", "CVE-2008-0592", "CVE-2008-0420", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310870044", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870044", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for thunderbird RHSA-2008:0105-02\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Thunderbird is a standalone mail and newsgroup client.\n\n A heap-based buffer overflow flaw was found in the way Thunderbird\n processed messages with external-body Multipurpose Internet Message\n Extensions (MIME) types. A HTML mail message containing malicious content\n could cause Thunderbird to execute arbitrary code as the user running\n Thunderbird. (CVE-2008-0304)\n \n Several flaws were found in the way Thunderbird processed certain malformed\n HTML mail content. A HTML mail message containing malicious content could\n cause Thunderbird to crash, or potentially execute arbitrary code as the\n user running Thunderbird. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415,\n CVE-2008-0419)\n \n Several flaws were found in the way Thunderbird displayed malformed HTML\n mail content. A HTML mail message containing specially-crafted content\n could trick a user into surrendering sensitive information. (CVE-2008-0420,\n CVE-2008-0591, CVE-2008-0593)\n \n A flaw was found in the way Thunderbird handles certain chrome URLs. If a\n user has certain extensions installed, it could allow a malicious HTML mail\n message to steal sensitive session data. Note: this flaw does not affect a\n default installation of Thunderbird. (CVE-2008-0418)\n \n Note: JavaScript support is disabled by default in Thunderbird; the above\n issues are not exploitable unless JavaScript is enabled.\n \n A flaw was found in the way Thunderbird saves certain text files. If a\n remote site offers a file of type "plain/text", rather than "text/plain",\n Thunderbird will not show future "text/plain" content to the user, forcing\n them to save those files locally to view the content. (CVE-2008-0592)\n \n Users of thunderbird are advised to upgrade to these updated packages,\n which contain backported patches to resolve these issues.\";\n\ntag_affected = \"thunderbird on Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2008-February/msg00020.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870044\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-06 07:30:35 +0100 (Fri, 06 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"RHSA\", value: \"2008:0105-02\");\n script_cve_id(\"CVE-2008-0304\", \"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0420\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"RedHat Update for thunderbird RHSA-2008:0105-02\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of thunderbird\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~1.5.0.12~8.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"thunderbird-debuginfo\", rpm:\"thunderbird-debuginfo~1.5.0.12~8.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:04", "description": "Check for the Version of thunderbird", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for thunderbird FEDORA-2008-2060", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0304", "CVE-2008-0592", "CVE-2008-0420", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860797", "href": "http://plugins.openvas.org/nasl.php?oid=860797", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for thunderbird FEDORA-2008-2060\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"thunderbird on Fedora 8\";\ntag_insight = \"Mozilla Thunderbird is a standalone mail and newsgroup client.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00905.html\");\n script_id(860797);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 16:22:52 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-2060\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0593\", \"CVE-2008-0418\", \"CVE-2008-0592\", \"CVE-2008-0304\", \"CVE-2008-0420\");\n script_name( \"Fedora Update for thunderbird FEDORA-2008-2060\");\n\n script_summary(\"Check for the Version of thunderbird\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC8\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~2.0.0.12~1.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:55:58", "description": "Check for the Version of seamonkey", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for seamonkey FEDORA-2008-1669", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860184", "href": "http://plugins.openvas.org/nasl.php?oid=860184", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for seamonkey FEDORA-2008-1669\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"seamonkey on Fedora 7\";\ntag_insight = \"SeaMonkey is an all-in-one Internet application suite. It includes\n a browser, mail/news client, IRC client, JavaScript debugger, and\n a tool to inspect the DOM for web pages. It is derived from the\n application formerly known as Mozilla Application Suite.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00518.html\");\n script_id(860184);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-1669\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0414\", \"CVE-2008-0415\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"Fedora Update for seamonkey FEDORA-2008-1669\");\n\n script_summary(\"Check for the Version of seamonkey\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC7\")\n{\n\n if ((res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~1.1.8~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-27T10:56:16", "description": "Check for the Version of thunderbird", "cvss3": {}, "published": "2009-03-06T00:00:00", "type": "openvas", "title": "RedHat Update for thunderbird RHSA-2008:0105-02", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0304", "CVE-2008-0592", "CVE-2008-0420", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-12T00:00:00", "id": "OPENVAS:870044", "href": "http://plugins.openvas.org/nasl.php?oid=870044", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for thunderbird RHSA-2008:0105-02\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Thunderbird is a standalone mail and newsgroup client.\n\n A heap-based buffer overflow flaw was found in the way Thunderbird\n processed messages with external-body Multipurpose Internet Message\n Extensions (MIME) types. A HTML mail message containing malicious content\n could cause Thunderbird to execute arbitrary code as the user running\n Thunderbird. (CVE-2008-0304)\n \n Several flaws were found in the way Thunderbird processed certain malformed\n HTML mail content. A HTML mail message containing malicious content could\n cause Thunderbird to crash, or potentially execute arbitrary code as the\n user running Thunderbird. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415,\n CVE-2008-0419)\n \n Several flaws were found in the way Thunderbird displayed malformed HTML\n mail content. A HTML mail message containing specially-crafted content\n could trick a user into surrendering sensitive information. (CVE-2008-0420,\n CVE-2008-0591, CVE-2008-0593)\n \n A flaw was found in the way Thunderbird handles certain chrome URLs. If a\n user has certain extensions installed, it could allow a malicious HTML mail\n message to steal sensitive session data. Note: this flaw does not affect a\n default installation of Thunderbird. (CVE-2008-0418)\n \n Note: JavaScript support is disabled by default in Thunderbird; the above\n issues are not exploitable unless JavaScript is enabled.\n \n A flaw was found in the way Thunderbird saves certain text files. If a\n remote site offers a file of type "plain/text", rather than "text/plain",\n Thunderbird will not show future "text/plain" content to the user, forcing\n them to save those files locally to view the content. (CVE-2008-0592)\n \n Users of thunderbird are advised to upgrade to these updated packages,\n which contain backported patches to resolve these issues.\";\n\ntag_affected = \"thunderbird on Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2008-February/msg00020.html\");\n script_id(870044);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-06 07:30:35 +0100 (Fri, 06 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"RHSA\", value: \"2008:0105-02\");\n script_cve_id(\"CVE-2008-0304\", \"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0420\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"RedHat Update for thunderbird RHSA-2008:0105-02\");\n\n script_summary(\"Check for the Version of thunderbird\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~1.5.0.12~8.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"thunderbird-debuginfo\", rpm:\"thunderbird-debuginfo~1.5.0.12~8.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:21", "description": "Check for the Version of thunderbird", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for thunderbird FEDORA-2008-2118", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0304", "CVE-2008-0592", "CVE-2008-0420", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860417", "href": "http://plugins.openvas.org/nasl.php?oid=860417", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for thunderbird FEDORA-2008-2118\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"thunderbird on Fedora 7\";\ntag_insight = \"Mozilla Thunderbird is a standalone mail and newsgroup client.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00946.html\");\n script_id(860417);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 16:22:52 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-2118\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0593\", \"CVE-2008-0418\", \"CVE-2008-0592\", \"CVE-2008-0420\", \"CVE-2008-0304\");\n script_name( \"Fedora Update for thunderbird FEDORA-2008-2118\");\n\n script_summary(\"Check for the Version of thunderbird\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC7\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~2.0.0.12~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:29:13", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-576-1", "cvss3": {}, "published": "2009-03-23T00:00:00", "type": "openvas", "title": "Ubuntu Update for firefox vulnerabilities USN-576-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0416", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0420", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:840192", "href": "http://plugins.openvas.org/nasl.php?oid=840192", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_576_1.nasl 7969 2017-12-01 09:23:16Z santu $\n#\n# Ubuntu Update for firefox vulnerabilities USN-576-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Various flaws were discovered in the browser and JavaScript engine.\n By tricking a user into opening a malicious web page, an attacker\n could execute arbitrary code with the user's privileges.\n (CVE-2008-0412, CVE-2008-0413)\n\n Flaws were discovered in the file upload form control. A malicious\n website could force arbitrary files from the user's computer to be\n uploaded without consent. (CVE-2008-0414)\n \n Various flaws were discovered in the JavaScript engine. By tricking\n a user into opening a malicious web page, an attacker could escalate\n privileges within the browser, perform cross-site scripting attacks\n and/or execute arbitrary code with the user's privileges. (CVE-2008-0415)\n \n Various flaws were discovered in character encoding handling. If a\n user were ticked into opening a malicious web page, an attacker\n could perform cross-site scripting attacks. (CVE-2008-0416)\n \n Justin Dolske discovered a flaw in the password saving mechanism. By\n tricking a user into opening a malicious web page, an attacker could\n corrupt the user's stored passwords. (CVE-2008-0417)\n \n Gerry Eisenhaur discovered that the chrome URI scheme did not properly\n guard against directory traversal. Under certain circumstances, an\n attacker may be able to load files or steal session data. Ubuntu is\n not vulnerable in the default installation. (CVE-2008-0418)\n \n David Bloom discovered flaws in the way images are treated by the\n browser. A malicious website could exploit this to steal the user's\n history information, crash the browser and/or possibly execute\n arbitrary code with the user's privileges. (CVE-2008-0419)\n \n Flaws were discovered in the BMP decoder. By tricking a user into\n opening a specially crafted BMP file, an attacker could obtain\n sensitive information. (CVE-2008-0420)\n \n Michal Zalewski discovered flaws with timer-enabled security dialogs.\n A malicious website could force the user to confirm a security dialog\n without explicit consent. (CVE-2008-0591)\n \n It was discovered that Firefox mishandled locally saved plain text\n files. By tricking a user into saving a specially crafted text file,\n an attacker could prevent the browser from displaying local files\n with a .txt extension. (CVE-2008-0592)\n \n Martin Straka discovered flaws in stylesheet handling after a 302\n redirect. By tricking a user into opening a malicious web page, an\n attacker could obtain sensitive URL parameters. (CVE-2008-0593)\n \n Emil Ljungdahl and Lars-Olof Moilanen discovered that a web forgery\n warning dialog wasn't displayed under certain circumstances. A\n malicious website could exploit this to conduct phishing attacks\n against the user. (CVE-2008-0594)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-576-1\";\ntag_affected = \"firefox vulnerabilities on Ubuntu 6.06 LTS ,\n Ubuntu 6.10 ,\n Ubuntu 7.04 ,\n Ubuntu 7.10\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-576-1/\");\n script_id(840192);\n script_version(\"$Revision: 7969 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-23 10:59:50 +0100 (Mon, 23 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"576-1\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0414\", \"CVE-2008-0415\", \"CVE-2008-0416\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0420\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\", \"CVE-2008-0594\");\n script_name( \"Ubuntu Update for firefox vulnerabilities USN-576-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU7.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"firefox-dbg\", ver:\"2.0.0.12+1nobinonly+2-0ubuntu0.7.4\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox-dev\", ver:\"2.0.0.12+1nobinonly+2-0ubuntu0.7.4\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox-gnome-support\", ver:\"2.0.0.12+1nobinonly+2-0ubuntu0.7.4\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox-libthai\", ver:\"2.0.0.12+1nobinonly+2-0ubuntu0.7.4\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox\", ver:\"2.0.0.12+1nobinonly+2-0ubuntu0.7.4\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libnspr-dev\", ver:\"1.firefox2.0.0.12+1nobinonly+2-0ubuntu0.7.4\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libnspr4\", ver:\"1.firefox2.0.0.12+1nobinonly+2-0ubuntu0.7.4\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libnss-dev\", ver:\"1.firefox2.0.0.12+1nobinonly+2-0ubuntu0.7.4\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libnss3\", ver:\"1.firefox2.0.0.12+1nobinonly+2-0ubuntu0.7.4\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox-dom-inspector\", ver:\"2.0.0.12+1nobinonly+2-0ubuntu0.7.4\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mozilla-firefox-dev\", ver:\"2.0.0.12+1nobinonly+2-0ubuntu0.7.4\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mozilla-firefox-dom-inspector\", ver:\"2.0.0.12+1nobinonly+2-0ubuntu0.7.4\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mozilla-firefox-gnome-support\", ver:\"2.0.0.12+1nobinonly+2-0ubuntu0.7.4\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mozilla-firefox\", ver:\"2.0.0.12+1nobinonly+2-0ubuntu0.7.4\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU6.06 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"firefox-dbg\", ver:\"1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox-dev\", ver:\"1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox-gnome-support\", ver:\"1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox\", ver:\"1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libnspr-dev\", ver:\"1.firefox1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libnspr4\", ver:\"1.firefox1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libnss-dev\", ver:\"1.firefox1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libnss3\", ver:\"1.firefox1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox-dom-inspector\", ver:\"1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mozilla-firefox\", ver:\"1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mozilla-firefox-dev\", ver:\"1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU6.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"firefox-dbg\", ver:\"2.0.0.12+0nobinonly+2-0ubuntu0.6.10\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox-dev\", ver:\"2.0.0.12+0nobinonly+2-0ubuntu0.6.10\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox-gnome-support\", ver:\"2.0.0.12+0nobinonly+2-0ubuntu0.6.10\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox\", ver:\"2.0.0.12+0nobinonly+2-0ubuntu0.6.10\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libnspr-dev\", ver:\"1.firefox2.0.0.12+0nobinonly+2-0ubuntu0.6.10\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libnspr4\", ver:\"1.firefox2.0.0.12+0nobinonly+2-0ubuntu0.6.10\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libnss-dev\", ver:\"1.firefox2.0.0.12+0nobinonly+2-0ubuntu0.6.10\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libnss3\", ver:\"1.firefox2.0.0.12+0nobinonly+2-0ubuntu0.6.10\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox-dom-inspector\", ver:\"2.0.0.12+0nobinonly+2-0ubuntu0.6.10\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mozilla-firefox-dev\", ver:\"2.0.0.12+0nobinonly+2-0ubuntu0.6.10\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mozilla-firefox-dom-inspector\", ver:\"2.0.0.12+0nobinonly+2-0ubuntu0.6.10\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mozilla-firefox-gnome-support\", ver:\"2.0.0.12+0nobinonly+2-0ubuntu0.6.10\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mozilla-firefox\", ver:\"2.0.0.12+0nobinonly+2-0ubuntu0.6.10\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU7.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"firefox-dbg\", ver:\"2.0.0.12+2nobinonly+2-0ubuntu0.7.10\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox-dev\", ver:\"2.0.0.12+2nobinonly+2-0ubuntu0.7.10\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox-gnome-support\", ver:\"2.0.0.12+2nobinonly+2-0ubuntu0.7.10\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox-libthai\", ver:\"2.0.0.12+2nobinonly+2-0ubuntu0.7.10\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox\", ver:\"2.0.0.12+2nobinonly+2-0ubuntu0.7.10\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox-dom-inspector\", ver:\"2.0.0.12+2nobinonly+2-0ubuntu0.7.10\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:10:28", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "cvss3": {}, "published": "2008-09-04T00:00:00", "type": "openvas", "title": "FreeBSD Ports: firefox", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0420", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2016-09-19T00:00:00", "id": "OPENVAS:60456", "href": "http://plugins.openvas.org/nasl.php?oid=60456", "sourceData": "#\n#VID 810a5197-e0d9-11dc-891a-02061b08fc24\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from vuxml or freebsd advisories\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following packages are affected:\n firefox\n linux-firefox\n seamonkey\n linux-seamonkey\n flock\n linux-flock\n linux-firefox-devel\n linux-seamonkey-devel\n\nFor details, please visit the referenced security advisories.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://www.mozilla.org/projects/security/known-vulnerabilities.html\nhttp://www.mozilla.org/security/announce/2008/mfsa2008-01.html\nhttp://www.mozilla.org/security/announce/2008/mfsa2008-02.html\nhttp://www.mozilla.org/security/announce/2008/mfsa2008-03.html\nhttp://www.mozilla.org/security/announce/2008/mfsa2008-04.html\nhttp://www.mozilla.org/security/announce/2008/mfsa2008-05.html\nhttp://www.mozilla.org/security/announce/2008/mfsa2008-06.html\nhttp://www.mozilla.org/security/announce/2008/mfsa2008-07.html\nhttp://www.mozilla.org/security/announce/2008/mfsa2008-08.html\nhttp://www.mozilla.org/security/announce/2008/mfsa2008-09.html\nhttp://www.mozilla.org/security/announce/2008/mfsa2008-10.html\nhttp://www.mozilla.org/security/announce/2008/mfsa2008-11.html\nhttp://www.vuxml.org/freebsd/810a5197-e0d9-11dc-891a-02061b08fc24.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\nif(description)\n{\n script_id(60456);\n script_version(\"$Revision: 4112 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-09-19 15:17:59 +0200 (Mon, 19 Sep 2016) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-04 20:41:11 +0200 (Thu, 04 Sep 2008)\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0414\", \"CVE-2008-0415\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0420\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\", \"CVE-2008-0594\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"FreeBSD Ports: firefox\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"firefox\");\nif(!isnull(bver) && revcomp(a:bver, b:\"2.0.0.12,1\")<0) {\n txt += 'Package firefox version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"linux-firefox\");\nif(!isnull(bver) && revcomp(a:bver, b:\"2.0.0.12\")<0) {\n txt += 'Package linux-firefox version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"seamonkey\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.1.8\")<0) {\n txt += 'Package seamonkey version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"linux-seamonkey\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.1.8\")<0) {\n txt += 'Package linux-seamonkey version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"flock\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.0.9\")<0) {\n txt += 'Package flock version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"linux-flock\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.0.9\")<0) {\n txt += 'Package linux-flock version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"linux-firefox-devel\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0\")>0) {\n txt += 'Package linux-firefox-devel version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"linux-seamonkey-devel\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0\")>0) {\n txt += 'Package linux-seamonkey-devel version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:50:22", "description": "The remote host is missing an update to iceweasel\nannounced via advisory DSA 1489-1.", "cvss3": {}, "published": "2008-02-15T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 1489-1 (iceweasel)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0416", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:60364", "href": "http://plugins.openvas.org/nasl.php?oid=60364", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1489_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 1489-1 (iceweasel)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several remote vulnerabilities have been discovered in the Iceweasel\nweb browser, an unbranded version of the Firefox browser. The Common\nVulnerabilities and Exposures project identifies the following problems:\n\nCVE-2008-0412\n\nJesse Ruderman, Kai Engert, Martijn Wargers, Mats Palmgren and Paul\nNickerson discovered crashes in the layout engine, which might allow\nthe execution of arbitrary code.\n\nCVE-2008-0413\n\nCarsten Book, Wesley Garland, Igor Bukanov, moz_bug_r_a4, shutdown,\nPhilip Taylor and tgirmann discovered crashes in the Javascript\nengine, which might allow the execution of arbitrary code.\n\nCVE-2008-0414\n\nhong and Gregory Fleisher discovered that file input focus\nvulnerabilities in the file upload control could allow information\ndisclosure of local files.\n\nCVE-2008-0415\n\nmoz_bug_r_a4 and Boris Zbarsky discovered discovered several\nvulnerabilities in Javascript handling, which could allow\nprivilege escalation.\n\nCVE-2008-0417\n\nJustin Dolske discovered that the password storage machanism could\nbe abused by malicious web sites to corrupt existing saved passwords.\n\nCVE-2008-0418\n\nGerry Eisenhaur and moz_bug_r_a4 discovered that a directory\ntraversal vulnerability in chrome: URI handling could lead to\ninformation disclosure.\n\nCVE-2008-0419\n\nDavid Bloom discovered a race condition in the image handling of\ndesignMode elements, which can lead to information disclosure or\npotentially the execution of arbitrary code.\n\nCVE-2008-0591\n\nMichal Zalewski discovered that timers protecting security-sensitive\ndialogs (which disable dialog elements until a timeout is reached)\ncould be bypassed by window focus changes through Javascript.\n\nCVE-2008-0592\n\nIt was discovered that malformed content declarations of saved\nattachments could prevent a user in the opening local files\nwith a .txt file name, resulting in minor denial of service.\n\nCVE-2008-0593\n\nMartin Straka discovered that insecure stylesheet handling during\nredirects could lead to information disclosure.\n\nCVE-2008-0594\n\nEmil Ljungdahl and Lars-Olof Moilanen discovered that phishing\nprotections could be bypassed with <div> elements.\n\n\nFor the stable distribution (etch), these problems have been fixed in\nversion 2.0.0.12-0etch1.\n\nThe Mozilla products from the old stable distribution (sarge) are no\nlonger supported with security updates.\n\nWe recommend that you upgrade your iceweasel packages.\";\ntag_summary = \"The remote host is missing an update to iceweasel\nannounced via advisory DSA 1489-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201489-1\";\n\n\nif(description)\n{\n script_id(60364);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-02-15 23:29:21 +0100 (Fri, 15 Feb 2008)\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0414\", \"CVE-2008-0415\", \"CVE-2008-0416\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\", \"CVE-2008-0594\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 1489-1 (iceweasel)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"firefox\", ver:\"2.0.0.12-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-gnome-support\", ver:\"2.0.0.12-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-firefox-dom-inspector\", ver:\"2.0.0.12-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-dom-inspector\", ver:\"2.0.0.12-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-firefox\", ver:\"2.0.0.12-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-firefox-gnome-support\", ver:\"2.0.0.12-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-dom-inspector\", ver:\"2.0.0.12-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-gnome-support\", ver:\"2.0.0.12-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-dbg\", ver:\"2.0.0.12-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel\", ver:\"2.0.0.12-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:49:43", "description": "The remote host is missing an update to icedove\nannounced via advisory DSA 1485-2.", "cvss3": {}, "published": "2008-03-19T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 1485-2 (icedove)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0416", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:60575", "href": "http://plugins.openvas.org/nasl.php?oid=60575", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1485_2.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 1485-2 (icedove)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A regression has been fixed in icedove's frame handling code. For\nreference you can find the original update below:\n\nSeveral remote vulnerabilities have been discovered in the Icedove mail\nclient, an unbranded version of the Thunderbird client. The Common\nVulnerabilities and Exposures project identifies the following problems:\n\nCVE-2008-0412\n\nJesse Ruderman, Kai Engert, Martijn Wargers, Mats Palmgren and Paul\nNickerson discovered crashes in the layout engine, which might allow\nthe execution of arbitrary code.\n\nCVE-2008-0413\n\nCarsten Book, Wesley Garland, Igor Bukanov, moz_bug_r_a4, shutdown,\nPhilip Taylor and tgirmann discovered crashes in the Javascript\nengine, which might allow the execution of arbitrary code.\n\nCVE-2008-0415\n\nmoz_bug_r_a4 and Boris Zbarsky discovered discovered several\nvulnerabilities in Javascript handling, which could allow\nprivilege escalation.\n\nCVE-2008-0418\n\nGerry Eisenhaur and moz_bug_r_a4 discovered that a directory\ntraversal vulnerability in chrome: URI handling could lead to\ninformation disclosure.\n\nCVE-2008-0419\n\nDavid Bloom discovered a race condition in the image handling of\ndesignMode elements, which can lead to information disclosure or\npotentially the execution of arbitrary code.\n\nCVE-2008-0591\n\nMichal Zalewski discovered that timers protecting security-sensitive\ndialogs (which disable dialog elements until a timeout is reached)\ncould be bypassed by window focus changes through Javascript.\n\nFor the stable distribution (etch), these problems have been fixed in\nversion 1.5.0.13+1.5.0.15b.dfsg1-0etch2.\n\nThe Mozilla products in the old stable distribution (sarge) are no\nlonger supported with security updates.\n\nWe recommend that you upgrade your icedove packages.\";\ntag_summary = \"The remote host is missing an update to icedove\nannounced via advisory DSA 1485-2.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201485-2\";\n\n\nif(description)\n{\n script_id(60575);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-03-19 20:30:32 +0100 (Wed, 19 Mar 2008)\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0414\", \"CVE-2008-0415\", \"CVE-2008-0416\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\", \"CVE-2008-0594\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 1485-2 (icedove)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"mozilla-thunderbird-inspector\", ver:\"1.5.0.13+1.5.0.15b.dfsg1-0etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"thunderbird-gnome-support\", ver:\"1.5.0.13+1.5.0.15b.dfsg1-0etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"thunderbird-dev\", ver:\"1.5.0.13+1.5.0.15b.dfsg1-0etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-thunderbird-typeaheadfind\", ver:\"1.5.0.13+1.5.0.15b.dfsg1-0etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-thunderbird\", ver:\"1.5.0.13+1.5.0.15b.dfsg1-0etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"thunderbird-inspector\", ver:\"1.5.0.13+1.5.0.15b.dfsg1-0etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"thunderbird-typeaheadfind\", ver:\"1.5.0.13+1.5.0.15b.dfsg1-0etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"thunderbird-dbg\", ver:\"1.5.0.13+1.5.0.15b.dfsg1-0etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-thunderbird-dev\", ver:\"1.5.0.13+1.5.0.15b.dfsg1-0etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"thunderbird\", ver:\"1.5.0.13+1.5.0.15b.dfsg1-0etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icedove-dev\", ver:\"1.5.0.13+1.5.0.15b.dfsg1-0etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icedove-typeaheadfind\", ver:\"1.5.0.13+1.5.0.15b.dfsg1-0etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icedove-gnome-support\", ver:\"1.5.0.13+1.5.0.15b.dfsg1-0etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icedove\", ver:\"1.5.0.13+1.5.0.15b.dfsg1-0etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icedove-inspector\", ver:\"1.5.0.13+1.5.0.15b.dfsg1-0etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icedove-dbg\", ver:\"1.5.0.13+1.5.0.15b.dfsg1-0etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:50:20", "description": "The remote host is missing an update to xulrunner\nannounced via advisory DSA 1484-1.", "cvss3": {}, "published": "2008-02-15T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 1484-1 (xulrunner)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0416", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:60363", "href": "http://plugins.openvas.org/nasl.php?oid=60363", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1484_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 1484-1 (xulrunner)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several remote vulnerabilities have been discovered in Xulrunner, a\nruntime environment for XUL applications. The Common Vulnerabilities and\nExposures project identifies the following problems:\n\nCVE-2008-0412\n\nJesse Ruderman, Kai Engert, Martijn Wargers, Mats Palmgren and Paul\nNickerson discovered crashes in the layout engine, which might allow\nthe execution of arbitrary code.\n\nCVE-2008-0413\n\nCarsten Book, Wesley Garland, Igor Bukanov, moz_bug_r_a4, shutdown,\nPhilip Taylor and tgirmann discovered crashes in the Javascript\nengine, which might allow the execution of arbitrary code.\n\nCVE-2008-0414\n\nhong and Gregory Fleisher discovered that file input focus\nvulnerabilities in the file upload control could allow information\ndisclosure of local files.\n\nCVE-2008-0415\n\nmoz_bug_r_a4 and Boris Zbarsky discovered discovered several\nvulnerabilities in Javascript handling, which could allow\nprivilege escalation.\n\nCVE-2008-0417\n\nJustin Dolske discovered that the password storage machanism could\nbe abused by malicious web sites to corrupt existing saved passwords.\n\nCVE-2008-0418\n\nGerry Eisenhaur and moz_bug_r_a4 discovered that a directory\ntraversal vulnerability in chrome: URI handling could lead to\ninformation disclosure.\n\nCVE-2008-0419\n\nDavid Bloom discovered a race condition in the image handling of\ndesignMode elements, which could lead to information disclosure or\npotentially the execution of arbitrary code.\n\nCVE-2008-0591\n\nMichal Zalewski discovered that timers protecting security-sensitive\ndialogs (which disable dialog elements until a timeout is reached)\ncould be bypassed by window focus changes through Javascript.\n\nCVE-2008-0592\n\nIt was discovered that malformed content declarations of saved\nattachments could prevent a user in the opening local files\nwith a .txt file name, resulting in minor denial of service.\n\nCVE-2008-0593\n\nMartin Straka discovered that insecure stylesheet handling during\nredirects could lead to information disclosure.\n\nCVE-2008-0594\n\nEmil Ljungdahl and Lars-Olof Moilanen discovered that phishing\nprotections could be bypassed with <div> elements.\n\nFor the stable distribution (etch), these problems have been fixed in\nversion 1.8.0.15~pre080131b-0etch1.\n\nThe old stable distribution (sarge) doesn't contain xulrunner.\n\nWe recommend that you upgrade your xulrunner packages.\";\ntag_summary = \"The remote host is missing an update to xulrunner\nannounced via advisory DSA 1484-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201484-1\";\n\n\nif(description)\n{\n script_id(60363);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-02-15 23:29:21 +0100 (Fri, 15 Feb 2008)\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0414\", \"CVE-2008-0415\", \"CVE-2008-0416\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\", \"CVE-2008-0594\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 1484-1 (xulrunner)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libxul-dev\", ver:\"1.8.0.15~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxul-common\", ver:\"1.8.0.15~pre080131a-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmozjs-dev\", ver:\"1.8.0.15~pre080131a-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnss3-dev\", ver:\"1.8.0.15~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnspr4-dev\", ver:\"1.8.0.15~pre080131a-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsmjs1\", ver:\"1.8.0.15~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsmjs-dev\", ver:\"1.8.0.15~pre080131a-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmozillainterfaces-java\", ver:\"1.8.0.15~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnspr4-0d-dbg\", ver:\"1.8.0.15~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner\", ver:\"1.8.0.15~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnss3-0d\", ver:\"1.8.0.15~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnss3-0d-dbg\", ver:\"1.8.0.15~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmozjs0d-dbg\", ver:\"1.8.0.15~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmozjs0d\", ver:\"1.8.0.15~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxul0d\", ver:\"1.8.0.15~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python-xpcom\", ver:\"1.8.0.15~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxul0d-dbg\", ver:\"1.8.0.15~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"spidermonkey-bin\", ver:\"1.8.0.15~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnss3-tools\", ver:\"1.8.0.15~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-gnome-support\", ver:\"1.8.0.15~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnspr4-0d\", ver:\"1.8.0.15~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:40:07", "description": "Check for the Version of mozilla-firefox", "cvss3": {}, "published": "2009-04-09T00:00:00", "type": "openvas", "title": "Mandriva Update for mozilla-firefox MDVSA-2008:048 (mozilla-firefox)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0420", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310830624", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310830624", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for mozilla-firefox MDVSA-2008:048 (mozilla-firefox)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A number of security vulnerabilities have been discovered and corrected\n in the latest Mozilla Firefox program, version 2.0.0.12.\n\n This update provides the latest Firefox to correct these issues.\";\n\ntag_affected = \"mozilla-firefox on Mandriva Linux 2007.1,\n Mandriva Linux 2007.1/X86_64,\n Mandriva Linux 2008.0,\n Mandriva Linux 2008.0/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2008-02/msg00030.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.830624\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-09 14:26:37 +0200 (Thu, 09 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"MDVSA\", value: \"2008:048\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0414\", \"CVE-2008-0415\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0420\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\", \"CVE-2008-0594\");\n script_name( \"Mandriva Update for mozilla-firefox MDVSA-2008:048 (mozilla-firefox)\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of mozilla-firefox\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2007.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"deskbar-applet\", rpm:\"deskbar-applet~2.18.0~3.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"devhelp\", rpm:\"devhelp~0.13~3.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"devhelp-plugins\", rpm:\"devhelp-plugins~0.13~3.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-ecj\", rpm:\"eclipse-ecj~3.2.2~3.4.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-jdt\", rpm:\"eclipse-jdt~3.2.2~3.4.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-jdt-sdk\", rpm:\"eclipse-jdt-sdk~3.2.2~3.4.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-pde\", rpm:\"eclipse-pde~3.2.2~3.4.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-pde-runtime\", rpm:\"eclipse-pde-runtime~3.2.2~3.4.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-pde-sdk\", rpm:\"eclipse-pde-sdk~3.2.2~3.4.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-platform\", rpm:\"eclipse-platform~3.2.2~3.4.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-platform-sdk\", rpm:\"eclipse-platform-sdk~3.2.2~3.4.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-rcp\", rpm:\"eclipse-rcp~3.2.2~3.4.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-rcp-sdk\", rpm:\"eclipse-rcp-sdk~3.2.2~3.4.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-sdk\", rpm:\"eclipse-sdk~3.2.2~3.4.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"epiphany\", rpm:\"epiphany~2.18.0~5.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"epiphany-devel\", rpm:\"epiphany-devel~2.18.0~5.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"epiphany-extensions\", rpm:\"epiphany-extensions~2.18.0~2.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"galeon\", rpm:\"galeon~2.0.3~5.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-extras\", rpm:\"gnome-python-extras~2.14.3~4.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gda\", rpm:\"gnome-python-gda~2.14.3~4.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gda-devel\", rpm:\"gnome-python-gda-devel~2.14.3~4.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gdl\", rpm:\"gnome-python-gdl~2.14.3~4.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gksu\", rpm:\"gnome-python-gksu~2.14.3~4.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gtkhtml2\", rpm:\"gnome-python-gtkhtml2~2.14.3~4.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gtkmozembed\", rpm:\"gnome-python-gtkmozembed~2.14.3~4.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gtkspell\", rpm:\"gnome-python-gtkspell~2.14.3~4.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libdevhelp-1_0\", rpm:\"libdevhelp-1_0~0.13~3.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libdevhelp-1_0-devel\", rpm:\"libdevhelp-1_0-devel~0.13~3.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmozilla-firefox-devel\", rpm:\"libmozilla-firefox-devel~2.0.0.12~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmozilla-firefox2.0.0.12\", rpm:\"libmozilla-firefox2.0.0.12~2.0.0.12~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libswt3-gtk2\", rpm:\"libswt3-gtk2~3.2.2~3.4.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libtotem-plparser1\", rpm:\"libtotem-plparser1~2.18.2~1.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libtotem-plparser1-devel\", rpm:\"libtotem-plparser1-devel~2.18.2~1.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox\", rpm:\"mozilla-firefox~2.0.0.12~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-af\", rpm:\"mozilla-firefox-af~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ar\", rpm:\"mozilla-firefox-ar~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-be\", rpm:\"mozilla-firefox-be~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-bg\", rpm:\"mozilla-firefox-bg~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-br_FR\", rpm:\"mozilla-firefox-br_FR~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ca\", rpm:\"mozilla-firefox-ca~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-cs\", rpm:\"mozilla-firefox-cs~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-da\", rpm:\"mozilla-firefox-da~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-de\", rpm:\"mozilla-firefox-de~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-el\", rpm:\"mozilla-firefox-el~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-en_GB\", rpm:\"mozilla-firefox-en_GB~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-es_AR\", rpm:\"mozilla-firefox-es_AR~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-es_ES\", rpm:\"mozilla-firefox-es_ES~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-et_EE\", rpm:\"mozilla-firefox-et_EE~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-eu\", rpm:\"mozilla-firefox-eu~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-fi\", rpm:\"mozilla-firefox-fi~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-fr\", rpm:\"mozilla-firefox-fr~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-fy\", rpm:\"mozilla-firefox-fy~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ga\", rpm:\"mozilla-firefox-ga~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-gu_IN\", rpm:\"mozilla-firefox-gu_IN~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-he\", rpm:\"mozilla-firefox-he~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-hu\", rpm:\"mozilla-firefox-hu~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-it\", rpm:\"mozilla-firefox-it~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ja\", rpm:\"mozilla-firefox-ja~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ka\", rpm:\"mozilla-firefox-ka~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ko\", rpm:\"mozilla-firefox-ko~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ku\", rpm:\"mozilla-firefox-ku~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-lt\", rpm:\"mozilla-firefox-lt~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-mk\", rpm:\"mozilla-firefox-mk~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-mn\", rpm:\"mozilla-firefox-mn~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-nb_NO\", rpm:\"mozilla-firefox-nb_NO~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-nl\", rpm:\"mozilla-firefox-nl~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-nn_NO\", rpm:\"mozilla-firefox-nn_NO~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-pa_IN\", rpm:\"mozilla-firefox-pa_IN~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-pl\", rpm:\"mozilla-firefox-pl~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-pt_BR\", rpm:\"mozilla-firefox-pt_BR~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-pt_PT\", rpm:\"mozilla-firefox-pt_PT~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ro\", rpm:\"mozilla-firefox-ro~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ru\", rpm:\"mozilla-firefox-ru~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-sk\", rpm:\"mozilla-firefox-sk~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-sl\", rpm:\"mozilla-firefox-sl~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-sv_SE\", rpm:\"mozilla-firefox-sv_SE~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-tr\", rpm:\"mozilla-firefox-tr~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-uk\", rpm:\"mozilla-firefox-uk~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-zh_CN\", rpm:\"mozilla-firefox-zh_CN~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-zh_TW\", rpm:\"mozilla-firefox-zh_TW~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"totem\", rpm:\"totem~2.18.2~1.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"totem-common\", rpm:\"totem-common~2.18.2~1.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"totem-gstreamer\", rpm:\"totem-gstreamer~2.18.2~1.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"totem-mozilla\", rpm:\"totem-mozilla~2.18.2~1.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"totem-mozilla-gstreamer\", rpm:\"totem-mozilla-gstreamer~2.18.2~1.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yelp\", rpm:\"yelp~2.18.0~3.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse\", rpm:\"eclipse~3.2.2~3.4.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-l10n\", rpm:\"mozilla-firefox-l10n~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64devhelp-1_0\", rpm:\"lib64devhelp-1_0~0.13~3.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64devhelp-1_0-devel\", rpm:\"lib64devhelp-1_0-devel~0.13~3.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mozilla-firefox-devel\", rpm:\"lib64mozilla-firefox-devel~2.0.0.12~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mozilla-firefox2.0.0.12\", rpm:\"lib64mozilla-firefox2.0.0.12~2.0.0.12~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64totem-plparser1\", rpm:\"lib64totem-plparser1~2.18.2~1.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64totem-plparser1-devel\", rpm:\"lib64totem-plparser1-devel~2.18.2~1.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2008.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"devhelp\", rpm:\"devhelp~0.16~1.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"devhelp-plugins\", rpm:\"devhelp-plugins~0.16~1.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-cvs-client\", rpm:\"eclipse-cvs-client~3.3.0~0.20.8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-ecj\", rpm:\"eclipse-ecj~3.3.0~0.20.8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-jdt\", rpm:\"eclipse-jdt~3.3.0~0.20.8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-pde\", rpm:\"eclipse-pde~3.3.0~0.20.8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-pde-runtime\", rpm:\"eclipse-pde-runtime~3.3.0~0.20.8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-platform\", rpm:\"eclipse-platform~3.3.0~0.20.8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-rcp\", rpm:\"eclipse-rcp~3.3.0~0.20.8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"epiphany\", rpm:\"epiphany~2.20.0~1.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"epiphany-devel\", rpm:\"epiphany-devel~2.20.0~1.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"galeon\", rpm:\"galeon~2.0.3~7.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-extras\", rpm:\"gnome-python-extras~2.19.1~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gda\", rpm:\"gnome-python-gda~2.19.1~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gda-devel\", rpm:\"gnome-python-gda-devel~2.19.1~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gdl\", rpm:\"gnome-python-gdl~2.19.1~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gksu\", rpm:\"gnome-python-gksu~2.19.1~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gtkhtml2\", rpm:\"gnome-python-gtkhtml2~2.19.1~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gtkmozembed\", rpm:\"gnome-python-gtkmozembed~2.19.1~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gtkspell\", rpm:\"gnome-python-gtkspell~2.19.1~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libdevhelp-1-devel\", rpm:\"libdevhelp-1-devel~0.16~1.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libdevhelp-1_0\", rpm:\"libdevhelp-1_0~0.16~1.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmozilla-firefox-devel\", rpm:\"libmozilla-firefox-devel~2.0.0.12~1.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmozilla-firefox2.0.0.12\", rpm:\"libmozilla-firefox2.0.0.12~2.0.0.12~1.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libswt3-gtk2\", rpm:\"libswt3-gtk2~3.3.0~0.20.8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libtotem-plparser-devel\", rpm:\"libtotem-plparser-devel~2.20.1~1.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libtotem-plparser7\", rpm:\"libtotem-plparser7~2.20.1~1.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox\", rpm:\"mozilla-firefox~2.0.0.12~1.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-af\", rpm:\"mozilla-firefox-af~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ar\", rpm:\"mozilla-firefox-ar~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-be\", rpm:\"mozilla-firefox-be~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-bg\", rpm:\"mozilla-firefox-bg~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-br_FR\", rpm:\"mozilla-firefox-br_FR~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ca\", rpm:\"mozilla-firefox-ca~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-cs\", rpm:\"mozilla-firefox-cs~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-da\", rpm:\"mozilla-firefox-da~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-de\", rpm:\"mozilla-firefox-de~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-el\", rpm:\"mozilla-firefox-el~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-en_GB\", rpm:\"mozilla-firefox-en_GB~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-es_AR\", rpm:\"mozilla-firefox-es_AR~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-es_ES\", rpm:\"mozilla-firefox-es_ES~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-et_EE\", rpm:\"mozilla-firefox-et_EE~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-eu\", rpm:\"mozilla-firefox-eu~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ext-blogrovr\", rpm:\"mozilla-firefox-ext-blogrovr~1.1.771~1.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ext-foxmarks\", rpm:\"mozilla-firefox-ext-foxmarks~2.0.43~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ext-scribefire\", rpm:\"mozilla-firefox-ext-scribefire~1.4.2~4.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-fi\", rpm:\"mozilla-firefox-fi~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-fr\", rpm:\"mozilla-firefox-fr~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-fy\", rpm:\"mozilla-firefox-fy~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ga\", rpm:\"mozilla-firefox-ga~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-gnome-support\", rpm:\"mozilla-firefox-gnome-support~2.0.0.12~1.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-gu_IN\", rpm:\"mozilla-firefox-gu_IN~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-he\", rpm:\"mozilla-firefox-he~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-hu\", rpm:\"mozilla-firefox-hu~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-it\", rpm:\"mozilla-firefox-it~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ja\", rpm:\"mozilla-firefox-ja~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ka\", rpm:\"mozilla-firefox-ka~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ko\", rpm:\"mozilla-firefox-ko~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ku\", rpm:\"mozilla-firefox-ku~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-lt\", rpm:\"mozilla-firefox-lt~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-mk\", rpm:\"mozilla-firefox-mk~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-mn\", rpm:\"mozilla-firefox-mn~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-nb_NO\", rpm:\"mozilla-firefox-nb_NO~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-nl\", rpm:\"mozilla-firefox-nl~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-nn_NO\", rpm:\"mozilla-firefox-nn_NO~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-pa_IN\", rpm:\"mozilla-firefox-pa_IN~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-pl\", rpm:\"mozilla-firefox-pl~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-pt_BR\", rpm:\"mozilla-firefox-pt_BR~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-pt_PT\", rpm:\"mozilla-firefox-pt_PT~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ro\", rpm:\"mozilla-firefox-ro~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ru\", rpm:\"mozilla-firefox-ru~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-sk\", rpm:\"mozilla-firefox-sk~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-sl\", rpm:\"mozilla-firefox-sl~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-sv_SE\", rpm:\"mozilla-firefox-sv_SE~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-tr\", rpm:\"mozilla-firefox-tr~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-uk\", rpm:\"mozilla-firefox-uk~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-zh_CN\", rpm:\"mozilla-firefox-zh_CN~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-zh_TW\", rpm:\"mozilla-firefox-zh_TW~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"totem\", rpm:\"totem~2.20.1~1.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"totem-common\", rpm:\"totem-common~2.20.1~1.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"totem-gstreamer\", rpm:\"totem-gstreamer~2.20.1~1.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"totem-mozilla\", rpm:\"totem-mozilla~2.20.1~1.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"totem-mozilla-gstreamer\", rpm:\"totem-mozilla-gstreamer~2.20.1~1.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yelp\", rpm:\"yelp~2.20.0~3.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse\", rpm:\"eclipse~3.3.0~0.20.8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-l10n\", rpm:\"mozilla-firefox-l10n~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64devhelp-1-devel\", rpm:\"lib64devhelp-1-devel~0.16~1.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64devhelp-1_0\", rpm:\"lib64devhelp-1_0~0.16~1.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mozilla-firefox-devel\", rpm:\"lib64mozilla-firefox-devel~2.0.0.12~1.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mozilla-firefox2.0.0.12\", rpm:\"lib64mozilla-firefox2.0.0.12~2.0.0.12~1.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64totem-plparser-devel\", rpm:\"lib64totem-plparser-devel~2.20.1~1.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64totem-plparser7\", rpm:\"lib64totem-plparser7~2.20.1~1.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:56:38", "description": "Check for the Version of mozilla-firefox", "cvss3": {}, "published": "2009-04-09T00:00:00", "type": "openvas", "title": "Mandriva Update for mozilla-firefox MDVSA-2008:048 (mozilla-firefox)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0420", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:830624", "href": "http://plugins.openvas.org/nasl.php?oid=830624", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for mozilla-firefox MDVSA-2008:048 (mozilla-firefox)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A number of security vulnerabilities have been discovered and corrected\n in the latest Mozilla Firefox program, version 2.0.0.12.\n\n This update provides the latest Firefox to correct these issues.\";\n\ntag_affected = \"mozilla-firefox on Mandriva Linux 2007.1,\n Mandriva Linux 2007.1/X86_64,\n Mandriva Linux 2008.0,\n Mandriva Linux 2008.0/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2008-02/msg00030.php\");\n script_id(830624);\n script_version(\"$Revision: 6568 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:04:21 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-09 14:26:37 +0200 (Thu, 09 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"MDVSA\", value: \"2008:048\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0414\", \"CVE-2008-0415\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0420\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\", \"CVE-2008-0594\");\n script_name( \"Mandriva Update for mozilla-firefox MDVSA-2008:048 (mozilla-firefox)\");\n\n script_summary(\"Check for the Version of mozilla-firefox\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2007.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"deskbar-applet\", rpm:\"deskbar-applet~2.18.0~3.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"devhelp\", rpm:\"devhelp~0.13~3.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"devhelp-plugins\", rpm:\"devhelp-plugins~0.13~3.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-ecj\", rpm:\"eclipse-ecj~3.2.2~3.4.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-jdt\", rpm:\"eclipse-jdt~3.2.2~3.4.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-jdt-sdk\", rpm:\"eclipse-jdt-sdk~3.2.2~3.4.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-pde\", rpm:\"eclipse-pde~3.2.2~3.4.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-pde-runtime\", rpm:\"eclipse-pde-runtime~3.2.2~3.4.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-pde-sdk\", rpm:\"eclipse-pde-sdk~3.2.2~3.4.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-platform\", rpm:\"eclipse-platform~3.2.2~3.4.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-platform-sdk\", rpm:\"eclipse-platform-sdk~3.2.2~3.4.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-rcp\", rpm:\"eclipse-rcp~3.2.2~3.4.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-rcp-sdk\", rpm:\"eclipse-rcp-sdk~3.2.2~3.4.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-sdk\", rpm:\"eclipse-sdk~3.2.2~3.4.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"epiphany\", rpm:\"epiphany~2.18.0~5.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"epiphany-devel\", rpm:\"epiphany-devel~2.18.0~5.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"epiphany-extensions\", rpm:\"epiphany-extensions~2.18.0~2.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"galeon\", rpm:\"galeon~2.0.3~5.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-extras\", rpm:\"gnome-python-extras~2.14.3~4.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gda\", rpm:\"gnome-python-gda~2.14.3~4.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gda-devel\", rpm:\"gnome-python-gda-devel~2.14.3~4.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gdl\", rpm:\"gnome-python-gdl~2.14.3~4.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gksu\", rpm:\"gnome-python-gksu~2.14.3~4.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gtkhtml2\", rpm:\"gnome-python-gtkhtml2~2.14.3~4.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gtkmozembed\", rpm:\"gnome-python-gtkmozembed~2.14.3~4.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gtkspell\", rpm:\"gnome-python-gtkspell~2.14.3~4.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libdevhelp-1_0\", rpm:\"libdevhelp-1_0~0.13~3.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libdevhelp-1_0-devel\", rpm:\"libdevhelp-1_0-devel~0.13~3.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmozilla-firefox-devel\", rpm:\"libmozilla-firefox-devel~2.0.0.12~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmozilla-firefox2.0.0.12\", rpm:\"libmozilla-firefox2.0.0.12~2.0.0.12~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libswt3-gtk2\", rpm:\"libswt3-gtk2~3.2.2~3.4.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libtotem-plparser1\", rpm:\"libtotem-plparser1~2.18.2~1.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libtotem-plparser1-devel\", rpm:\"libtotem-plparser1-devel~2.18.2~1.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox\", rpm:\"mozilla-firefox~2.0.0.12~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-af\", rpm:\"mozilla-firefox-af~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ar\", rpm:\"mozilla-firefox-ar~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-be\", rpm:\"mozilla-firefox-be~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-bg\", rpm:\"mozilla-firefox-bg~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-br_FR\", rpm:\"mozilla-firefox-br_FR~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ca\", rpm:\"mozilla-firefox-ca~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-cs\", rpm:\"mozilla-firefox-cs~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-da\", rpm:\"mozilla-firefox-da~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-de\", rpm:\"mozilla-firefox-de~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-el\", rpm:\"mozilla-firefox-el~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-en_GB\", rpm:\"mozilla-firefox-en_GB~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-es_AR\", rpm:\"mozilla-firefox-es_AR~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-es_ES\", rpm:\"mozilla-firefox-es_ES~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-et_EE\", rpm:\"mozilla-firefox-et_EE~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-eu\", rpm:\"mozilla-firefox-eu~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-fi\", rpm:\"mozilla-firefox-fi~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-fr\", rpm:\"mozilla-firefox-fr~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-fy\", rpm:\"mozilla-firefox-fy~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ga\", rpm:\"mozilla-firefox-ga~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-gu_IN\", rpm:\"mozilla-firefox-gu_IN~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-he\", rpm:\"mozilla-firefox-he~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-hu\", rpm:\"mozilla-firefox-hu~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-it\", rpm:\"mozilla-firefox-it~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ja\", rpm:\"mozilla-firefox-ja~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ka\", rpm:\"mozilla-firefox-ka~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ko\", rpm:\"mozilla-firefox-ko~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ku\", rpm:\"mozilla-firefox-ku~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-lt\", rpm:\"mozilla-firefox-lt~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-mk\", rpm:\"mozilla-firefox-mk~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-mn\", rpm:\"mozilla-firefox-mn~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-nb_NO\", rpm:\"mozilla-firefox-nb_NO~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-nl\", rpm:\"mozilla-firefox-nl~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-nn_NO\", rpm:\"mozilla-firefox-nn_NO~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-pa_IN\", rpm:\"mozilla-firefox-pa_IN~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-pl\", rpm:\"mozilla-firefox-pl~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-pt_BR\", rpm:\"mozilla-firefox-pt_BR~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-pt_PT\", rpm:\"mozilla-firefox-pt_PT~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ro\", rpm:\"mozilla-firefox-ro~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ru\", rpm:\"mozilla-firefox-ru~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-sk\", rpm:\"mozilla-firefox-sk~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-sl\", rpm:\"mozilla-firefox-sl~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-sv_SE\", rpm:\"mozilla-firefox-sv_SE~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-tr\", rpm:\"mozilla-firefox-tr~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-uk\", rpm:\"mozilla-firefox-uk~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-zh_CN\", rpm:\"mozilla-firefox-zh_CN~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-zh_TW\", rpm:\"mozilla-firefox-zh_TW~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"totem\", rpm:\"totem~2.18.2~1.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"totem-common\", rpm:\"totem-common~2.18.2~1.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"totem-gstreamer\", rpm:\"totem-gstreamer~2.18.2~1.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"totem-mozilla\", rpm:\"totem-mozilla~2.18.2~1.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"totem-mozilla-gstreamer\", rpm:\"totem-mozilla-gstreamer~2.18.2~1.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yelp\", rpm:\"yelp~2.18.0~3.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse\", rpm:\"eclipse~3.2.2~3.4.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-l10n\", rpm:\"mozilla-firefox-l10n~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64devhelp-1_0\", rpm:\"lib64devhelp-1_0~0.13~3.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64devhelp-1_0-devel\", rpm:\"lib64devhelp-1_0-devel~0.13~3.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mozilla-firefox-devel\", rpm:\"lib64mozilla-firefox-devel~2.0.0.12~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mozilla-firefox2.0.0.12\", rpm:\"lib64mozilla-firefox2.0.0.12~2.0.0.12~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64totem-plparser1\", rpm:\"lib64totem-plparser1~2.18.2~1.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64totem-plparser1-devel\", rpm:\"lib64totem-plparser1-devel~2.18.2~1.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2008.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"devhelp\", rpm:\"devhelp~0.16~1.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"devhelp-plugins\", rpm:\"devhelp-plugins~0.16~1.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-cvs-client\", rpm:\"eclipse-cvs-client~3.3.0~0.20.8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-ecj\", rpm:\"eclipse-ecj~3.3.0~0.20.8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-jdt\", rpm:\"eclipse-jdt~3.3.0~0.20.8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-pde\", rpm:\"eclipse-pde~3.3.0~0.20.8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-pde-runtime\", rpm:\"eclipse-pde-runtime~3.3.0~0.20.8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-platform\", rpm:\"eclipse-platform~3.3.0~0.20.8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-rcp\", rpm:\"eclipse-rcp~3.3.0~0.20.8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"epiphany\", rpm:\"epiphany~2.20.0~1.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"epiphany-devel\", rpm:\"epiphany-devel~2.20.0~1.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"galeon\", rpm:\"galeon~2.0.3~7.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-extras\", rpm:\"gnome-python-extras~2.19.1~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gda\", rpm:\"gnome-python-gda~2.19.1~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gda-devel\", rpm:\"gnome-python-gda-devel~2.19.1~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gdl\", rpm:\"gnome-python-gdl~2.19.1~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gksu\", rpm:\"gnome-python-gksu~2.19.1~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gtkhtml2\", rpm:\"gnome-python-gtkhtml2~2.19.1~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gtkmozembed\", rpm:\"gnome-python-gtkmozembed~2.19.1~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gtkspell\", rpm:\"gnome-python-gtkspell~2.19.1~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libdevhelp-1-devel\", rpm:\"libdevhelp-1-devel~0.16~1.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libdevhelp-1_0\", rpm:\"libdevhelp-1_0~0.16~1.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmozilla-firefox-devel\", rpm:\"libmozilla-firefox-devel~2.0.0.12~1.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmozilla-firefox2.0.0.12\", rpm:\"libmozilla-firefox2.0.0.12~2.0.0.12~1.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libswt3-gtk2\", rpm:\"libswt3-gtk2~3.3.0~0.20.8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libtotem-plparser-devel\", rpm:\"libtotem-plparser-devel~2.20.1~1.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libtotem-plparser7\", rpm:\"libtotem-plparser7~2.20.1~1.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox\", rpm:\"mozilla-firefox~2.0.0.12~1.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-af\", rpm:\"mozilla-firefox-af~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ar\", rpm:\"mozilla-firefox-ar~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-be\", rpm:\"mozilla-firefox-be~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-bg\", rpm:\"mozilla-firefox-bg~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-br_FR\", rpm:\"mozilla-firefox-br_FR~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ca\", rpm:\"mozilla-firefox-ca~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-cs\", rpm:\"mozilla-firefox-cs~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-da\", rpm:\"mozilla-firefox-da~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-de\", rpm:\"mozilla-firefox-de~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-el\", rpm:\"mozilla-firefox-el~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-en_GB\", rpm:\"mozilla-firefox-en_GB~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-es_AR\", rpm:\"mozilla-firefox-es_AR~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-es_ES\", rpm:\"mozilla-firefox-es_ES~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-et_EE\", rpm:\"mozilla-firefox-et_EE~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-eu\", rpm:\"mozilla-firefox-eu~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ext-blogrovr\", rpm:\"mozilla-firefox-ext-blogrovr~1.1.771~1.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ext-foxmarks\", rpm:\"mozilla-firefox-ext-foxmarks~2.0.43~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ext-scribefire\", rpm:\"mozilla-firefox-ext-scribefire~1.4.2~4.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-fi\", rpm:\"mozilla-firefox-fi~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-fr\", rpm:\"mozilla-firefox-fr~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-fy\", rpm:\"mozilla-firefox-fy~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ga\", rpm:\"mozilla-firefox-ga~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-gnome-support\", rpm:\"mozilla-firefox-gnome-support~2.0.0.12~1.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-gu_IN\", rpm:\"mozilla-firefox-gu_IN~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-he\", rpm:\"mozilla-firefox-he~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-hu\", rpm:\"mozilla-firefox-hu~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-it\", rpm:\"mozilla-firefox-it~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ja\", rpm:\"mozilla-firefox-ja~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ka\", rpm:\"mozilla-firefox-ka~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ko\", rpm:\"mozilla-firefox-ko~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ku\", rpm:\"mozilla-firefox-ku~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-lt\", rpm:\"mozilla-firefox-lt~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-mk\", rpm:\"mozilla-firefox-mk~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-mn\", rpm:\"mozilla-firefox-mn~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-nb_NO\", rpm:\"mozilla-firefox-nb_NO~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-nl\", rpm:\"mozilla-firefox-nl~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-nn_NO\", rpm:\"mozilla-firefox-nn_NO~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-pa_IN\", rpm:\"mozilla-firefox-pa_IN~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-pl\", rpm:\"mozilla-firefox-pl~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-pt_BR\", rpm:\"mozilla-firefox-pt_BR~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-pt_PT\", rpm:\"mozilla-firefox-pt_PT~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ro\", rpm:\"mozilla-firefox-ro~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ru\", rpm:\"mozilla-firefox-ru~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-sk\", rpm:\"mozilla-firefox-sk~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-sl\", rpm:\"mozilla-firefox-sl~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-sv_SE\", rpm:\"mozilla-firefox-sv_SE~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-tr\", rpm:\"mozilla-firefox-tr~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-uk\", rpm:\"mozilla-firefox-uk~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-zh_CN\", rpm:\"mozilla-firefox-zh_CN~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-zh_TW\", rpm:\"mozilla-firefox-zh_TW~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"totem\", rpm:\"totem~2.20.1~1.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"totem-common\", rpm:\"totem-common~2.20.1~1.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"totem-gstreamer\", rpm:\"totem-gstreamer~2.20.1~1.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"totem-mozilla\", rpm:\"totem-mozilla~2.20.1~1.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"totem-mozilla-gstreamer\", rpm:\"totem-mozilla-gstreamer~2.20.1~1.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yelp\", rpm:\"yelp~2.20.0~3.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse\", rpm:\"eclipse~3.3.0~0.20.8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-l10n\", rpm:\"mozilla-firefox-l10n~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64devhelp-1-devel\", rpm:\"lib64devhelp-1-devel~0.16~1.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64devhelp-1_0\", rpm:\"lib64devhelp-1_0~0.16~1.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mozilla-firefox-devel\", rpm:\"lib64mozilla-firefox-devel~2.0.0.12~1.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mozilla-firefox2.0.0.12\", rpm:\"lib64mozilla-firefox2.0.0.12~2.0.0.12~1.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64totem-plparser-devel\", rpm:\"lib64totem-plparser-devel~2.20.1~1.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64totem-plparser7\", rpm:\"lib64totem-plparser7~2.20.1~1.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:49:44", "description": "The remote host is missing an update to icedove\nannounced via advisory DSA 1485-1.", "cvss3": {}, "published": "2008-02-15T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 1485-1 (icedove)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0416", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:60362", "href": "http://plugins.openvas.org/nasl.php?oid=60362", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1485_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 1485-1 (icedove)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several remote vulnerabilities have been discovered in the Icedove mail\nclient, an unbranded version of the Thunderbird client. The Common\nVulnerabilities and Exposures project identifies the following problems:\n\nCVE-2008-0412\n\nJesse Ruderman, Kai Engert, Martijn Wargers, Mats Palmgren and Paul\nNickerson discovered crashes in the layout engine, which might allow\nthe execution of arbitrary code.\n\nCVE-2008-0413\n\nCarsten Book, Wesley Garland, Igor Bukanov, moz_bug_r_a4, shutdown,\nPhilip Taylor and tgirmann discovered crashes in the Javascript\nengine, which might allow the execution of arbitrary code.\n\nCVE-2008-0415\n\nmoz_bug_r_a4 and Boris Zbarsky discovered discovered several\nvulnerabilities in Javascript handling, which could allow\nprivilege escalation.\n\nCVE-2008-0418\n\nGerry Eisenhaur and moz_bug_r_a4 discovered that a directory\ntraversal vulnerability in chrome: URI handling could lead to\ninformation disclosure.\n\nCVE-2008-0419\n\nDavid Bloom discovered a race condition in the image handling of\ndesignMode elements, which can lead to information disclosure or\npotentially the execution of arbitrary code.\n\nCVE-2008-0591\n\nMichal Zalewski discovered that timers protecting security-sensitive\ndialogs (which disable dialog elements until a timeout is reached)\ncould be bypassed by window focus changes through Javascript.\n\nFor the stable distribution (etch), these problems have been fixed in\nversion 1.5.0.13+1.5.0.15b.dfsg1-0etch1.\n\nThe Mozilla products in the old stable distribution (sarge) are no\nlonger supported with security updates.\n\nWe recommend that you upgrade your icedove packages.\";\ntag_summary = \"The remote host is missing an update to icedove\nannounced via advisory DSA 1485-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201485-1\";\n\n\nif(description)\n{\n script_id(60362);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-02-15 23:29:21 +0100 (Fri, 15 Feb 2008)\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0414\", \"CVE-2008-0415\", \"CVE-2008-0416\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\", \"CVE-2008-0594\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 1485-1 (icedove)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"mozilla-thunderbird-inspector\", ver:\"1.5.0.13+1.5.0.15a.dfsg1-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"thunderbird-inspector\", ver:\"1.5.0.13+1.5.0.15a.dfsg1-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-thunderbird-typeaheadfind\", ver:\"1.5.0.13+1.5.0.15b.dfsg1-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-thunderbird-dev\", ver:\"1.5.0.13+1.5.0.15a.dfsg1-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"thunderbird-typeaheadfind\", ver:\"1.5.0.13+1.5.0.15b.dfsg1-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"thunderbird\", ver:\"1.5.0.13+1.5.0.15b.dfsg1-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"thunderbird-dbg\", ver:\"1.5.0.13+1.5.0.15a.dfsg1-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-thunderbird\", ver:\"1.5.0.13+1.5.0.15a.dfsg1-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"thunderbird-gnome-support\", ver:\"1.5.0.13+1.5.0.15b.dfsg1-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"thunderbird-dev\", ver:\"1.5.0.13+1.5.0.15a.dfsg1-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icedove\", ver:\"1.5.0.13+1.5.0.15b.dfsg1-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icedove-inspector\", ver:\"1.5.0.13+1.5.0.15b.dfsg1-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icedove-gnome-support\", ver:\"1.5.0.13+1.5.0.15b.dfsg1-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icedove-typeaheadfind\", ver:\"1.5.0.13+1.5.0.15b.dfsg1-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icedove-dev\", ver:\"1.5.0.13+1.5.0.15b.dfsg1-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icedove-dbg\", ver:\"1.5.0.13+1.5.0.15b.dfsg1-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:01", "description": "Check for the Version of galeon", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for galeon FEDORA-2008-1535", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860664", "href": "http://plugins.openvas.org/nasl.php?oid=860664", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for galeon FEDORA-2008-1535\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"galeon on Fedora 8\";\ntag_insight = \"Galeon is a web browser built around Gecko (Mozilla's rendering\n engine) and Necko (Mozilla's networking engine). It's a GNOME web\n browser, designed to take advantage of as many GNOME technologies as\n makes sense. Galeon was written to do just one thing - browse the web.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00383.html\");\n script_id(860664);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-1535\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0593\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0592\", \"CVE-2008-0414\", \"CVE-2008-0594\");\n script_name( \"Fedora Update for galeon FEDORA-2008-1535\");\n\n script_summary(\"Check for the Version of galeon\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC8\")\n{\n\n if ((res = isrpmvuln(pkg:\"galeon\", rpm:\"galeon~2.0.4~1.fc8.2\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:57:12", "description": "Check for the Version of yelp", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for yelp FEDORA-2008-1535", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860287", "href": "http://plugins.openvas.org/nasl.php?oid=860287", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for yelp FEDORA-2008-1535\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"yelp on Fedora 8\";\ntag_insight = \"Yelp is the Gnome 2 help/documentation browser. It is designed\n to help you browse all the documentation on your system in\n one central tool.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00385.html\");\n script_id(860287);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-1535\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0593\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0592\", \"CVE-2008-0414\", \"CVE-2008-0594\");\n script_name( \"Fedora Update for yelp FEDORA-2008-1535\");\n\n script_summary(\"Check for the Version of yelp\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC8\")\n{\n\n if ((res = isrpmvuln(pkg:\"yelp\", rpm:\"yelp~2.20.0~7.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:57:10", "description": "Check for the Version of gtkmozembedmm", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for gtkmozembedmm FEDORA-2008-1535", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860127", "href": "http://plugins.openvas.org/nasl.php?oid=860127", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for gtkmozembedmm FEDORA-2008-1535\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"gtkmozembedmm on Fedora 8\";\ntag_insight = \"This package provides a C++/gtkmm wrapper for GtkMozEmbed\n from Mozilla 1.4.x to 1.7.x.\n The wrapper provides a convenient interface for C++ programmers\n to use the Gtkmozembed HTML-rendering widget inside their software.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00381.html\");\n script_id(860127);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-1535\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0593\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0592\", \"CVE-2008-0414\", \"CVE-2008-0594\");\n script_name( \"Fedora Update for gtkmozembedmm FEDORA-2008-1535\");\n\n script_summary(\"Check for the Version of gtkmozembedmm\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC8\")\n{\n\n if ((res = isrpmvuln(pkg:\"gtkmozembedmm\", rpm:\"gtkmozembedmm~1.4.2.cvs20060817~18.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:55", "description": "Check for the Version of chmsee", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for chmsee FEDORA-2008-1535", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860442", "href": "http://plugins.openvas.org/nasl.php?oid=860442", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for chmsee FEDORA-2008-1535\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A gtk2 chm document viewer.\n\n It uses chmlib to extract files. It uses gecko to display pages. It supports\n displaying multilingual pages due to gecko. It features bookmarks and tabs.\n The tabs could be used to jump inside the chm file conveniently. Its UI is\n clean and handy, also is well localized. It is actively developed and\n maintained. The author of chmsee is Jungle Ji and several other great people.\n \n Hint\n * Unlike other chm viewers, chmsee extracts files from chm file, and then read\n and display them. The extracted files could be found in $HOME/.chmsee/bookshelf\n directory. You can clean those files at any time and there is a special config\n option for that.\n * The bookmark is related to each file so not all bookmarks will be loaded,\n only current file's.\n * Try to remove $HOME/.chmsee if you encounter any problem after an upgrade.\";\n\ntag_affected = \"chmsee on Fedora 8\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00375.html\");\n script_id(860442);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-1535\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0593\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0592\", \"CVE-2008-0414\", \"CVE-2008-0594\");\n script_name( \"Fedora Update for chmsee FEDORA-2008-1535\");\n\n script_summary(\"Check for the Version of chmsee\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC8\")\n{\n\n if ((res = isrpmvuln(pkg:\"chmsee\", rpm:\"chmsee~1.0.0~1.28.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:57:00", "description": "Check for the Version of firefox", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for firefox FEDORA-2008-1435", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860306", "href": "http://plugins.openvas.org/nasl.php?oid=860306", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for firefox FEDORA-2008-1435\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"firefox on Fedora 7\";\ntag_insight = \"Mozilla Firefox is an open-source web browser, designed for standards\n compliance, performance and portability.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00274.html\");\n script_id(860306);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-1435\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0593\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0592\", \"CVE-2008-0414\", \"CVE-2008-0594\");\n script_name( \"Fedora Update for firefox FEDORA-2008-1435\");\n\n script_summary(\"Check for the Version of firefox\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC7\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~2.0.0.12~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:37:56", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n mozilla\n mozilla-hu\n mozilla-cs\n mozilla-venkman\n mozilla-dom-inspector\n mozilla-mail\n mozilla-calendar\n mozilla-devel\n mozilla-irc\n mozilla-deat\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5021982 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-10T00:00:00", "type": "openvas", "title": "SLES9: Security update for Mozilla", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231065196", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065196", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5021982.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Security update for Mozilla\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n mozilla\n mozilla-hu\n mozilla-cs\n mozilla-venkman\n mozilla-dom-inspector\n mozilla-mail\n mozilla-calendar\n mozilla-devel\n mozilla-irc\n mozilla-deat\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5021982 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65196\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2008-0594\", \"CVE-2008-0593\", \"CVE-2008-0592\", \"CVE-2008-0591\", \"CVE-2008-0419\", \"CVE-2008-0418\", \"CVE-2008-0417\", \"CVE-2008-0415\", \"CVE-2008-0414\", \"CVE-2008-0412\", \"CVE-2008-0413\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES9: Security update for Mozilla\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"mozilla\", rpm:\"mozilla~1.8_seamonkey_1.0.9~1.10\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:35", "description": "Check for the Version of epiphany-extensions", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for epiphany-extensions FEDORA-2008-1435", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860109", "href": "http://plugins.openvas.org/nasl.php?oid=860109", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for epiphany-extensions FEDORA-2008-1435\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"epiphany-extensions on Fedora 7\";\ntag_insight = \"Epiphany Extensions is a collection of extensions for Epiphany, the\n GNOME web browser.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00273.html\");\n script_id(860109);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-1435\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0593\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0592\", \"CVE-2008-0414\", \"CVE-2008-0594\");\n script_name( \"Fedora Update for epiphany-extensions FEDORA-2008-1435\");\n\n script_summary(\"Check for the Version of epiphany-extensions\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC7\")\n{\n\n if ((res = isrpmvuln(pkg:\"epiphany-extensions\", rpm:\"epiphany-extensions~2.18.3~7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:57:15", "description": "Check for the Version of epiphany-extensions", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for epiphany-extensions FEDORA-2008-1535", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860234", "href": "http://plugins.openvas.org/nasl.php?oid=860234", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for epiphany-extensions FEDORA-2008-1535\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"epiphany-extensions on Fedora 8\";\ntag_insight = \"Epiphany Extensions is a collection of extensions for Epiphany, the\n GNOME web browser.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00376.html\");\n script_id(860234);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-1535\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0593\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0592\", \"CVE-2008-0414\", \"CVE-2008-0594\");\n script_name( \"Fedora Update for epiphany-extensions FEDORA-2008-1535\");\n\n script_summary(\"Check for the Version of epiphany-extensions\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC8\")\n{\n\n if ((res = isrpmvuln(pkg:\"epiphany-extensions\", rpm:\"epiphany-extensions~2.20.1~5.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:59", "description": "Check for the Version of devhelp", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for devhelp FEDORA-2008-1535", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860693", "href": "http://plugins.openvas.org/nasl.php?oid=860693", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for devhelp FEDORA-2008-1535\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"devhelp on Fedora 8\";\ntag_insight = \"An API document browser for GNOME 2.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00373.html\");\n script_id(860693);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-1535\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0593\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0592\", \"CVE-2008-0414\", \"CVE-2008-0594\");\n script_name( \"Fedora Update for devhelp FEDORA-2008-1535\");\n\n script_summary(\"Check for the Version of devhelp\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC8\")\n{\n\n if ((res = isrpmvuln(pkg:\"devhelp\", rpm:\"devhelp~0.16.1~5.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:49", "description": "Check for the Version of epiphany", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for epiphany FEDORA-2008-1535", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860822", "href": "http://plugins.openvas.org/nasl.php?oid=860822", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for epiphany FEDORA-2008-1535\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"epiphany on Fedora 8\";\ntag_insight = \"epiphany is a simple GNOME web browser based on the Mozilla rendering\n engine.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00379.html\");\n script_id(860822);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-1535\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0593\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0592\", \"CVE-2008-0414\", \"CVE-2008-0594\");\n script_name( \"Fedora Update for epiphany FEDORA-2008-1535\");\n\n script_summary(\"Check for the Version of epiphany\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC8\")\n{\n\n if ((res = isrpmvuln(pkg:\"epiphany\", rpm:\"epiphany~2.20.2~3.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:35", "description": "Check for the Version of openvrml", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for openvrml FEDORA-2008-1535", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860538", "href": "http://plugins.openvas.org/nasl.php?oid=860538", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openvrml FEDORA-2008-1535\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"openvrml on Fedora 8\";\ntag_insight = \"OpenVRML is a VRML/X3D support library, including a runtime and facilities\n for reading and displaying VRML and X3D models.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00387.html\");\n script_id(860538);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-1535\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0593\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0592\", \"CVE-2008-0414\", \"CVE-2008-0594\");\n script_name( \"Fedora Update for openvrml FEDORA-2008-1535\");\n\n script_summary(\"Check for the Version of openvrml\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC8\")\n{\n\n if ((res = isrpmvuln(pkg:\"openvrml\", rpm:\"openvrml~0.17.5~2.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:23", "description": "Check for the Version of Miro", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for Miro FEDORA-2008-1435", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860787", "href": "http://plugins.openvas.org/nasl.php?oid=860787", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for Miro FEDORA-2008-1435\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"Miro on Fedora 7\";\ntag_insight = \"Miro is a free application that turns your computer into an\n internet TV video player. This release is still a beta version, which means\n that there are some bugs, but we're moving quickly to fix them and will be\n releasing bug fixes on a regular basis.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00284.html\");\n script_id(860787);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-1435\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0593\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0592\", \"CVE-2008-0414\", \"CVE-2008-0594\");\n script_name( \"Fedora Update for Miro FEDORA-2008-1435\");\n\n script_summary(\"Check for the Version of Miro\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC7\")\n{\n\n if ((res = isrpmvuln(pkg:\"Miro\", rpm:\"Miro~1.1~3.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:46", "description": "Check for the Version of gnome-web-photo", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for gnome-web-photo FEDORA-2008-1535", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860616", "href": "http://plugins.openvas.org/nasl.php?oid=860616", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for gnome-web-photo FEDORA-2008-1535\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"gnome-web-photo on Fedora 8\";\ntag_insight = \"gnome-web-photo contains a thumbnailer that will be used by GNOME applications,\n including the file manager, to generate screenshots of web pages.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00377.html\");\n script_id(860616);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-1535\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0593\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0592\", \"CVE-2008-0414\", \"CVE-2008-0594\");\n script_name( \"Fedora Update for gnome-web-photo FEDORA-2008-1535\");\n\n script_summary(\"Check for the Version of gnome-web-photo\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC8\")\n{\n\n if ((res = isrpmvuln(pkg:\"gnome-web-photo\", rpm:\"gnome-web-photo~0.3~8.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:57:05", "description": "Check for the Version of galeon", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for galeon FEDORA-2008-1435", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860512", "href": "http://plugins.openvas.org/nasl.php?oid=860512", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for galeon FEDORA-2008-1435\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"galeon on Fedora 7\";\ntag_insight = \"Galeon is a web browser built around Gecko (Mozilla's rendering\n engine) and Necko (Mozilla's networking engine). It's a GNOME web\n browser, designed to take advantage of as many GNOME technologies as\n makes sense. Galeon was written to do just one thing - browse the web.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00278.html\");\n script_id(860512);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-1435\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0593\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0592\", \"CVE-2008-0414\", \"CVE-2008-0594\");\n script_name( \"Fedora Update for galeon FEDORA-2008-1435\");\n\n script_summary(\"Check for the Version of galeon\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC7\")\n{\n\n if ((res = isrpmvuln(pkg:\"galeon\", rpm:\"galeon~2.0.3~15.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:53", "description": "Check for the Version of gnome-python2-extras", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for gnome-python2-extras FEDORA-2008-1535", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860415", "href": "http://plugins.openvas.org/nasl.php?oid=860415", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for gnome-python2-extras FEDORA-2008-1535\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"gnome-python2-extras on Fedora 8\";\ntag_insight = \"The gnome-python-extra package contains the source packages for additional\n Python bindings for GNOME. It should be used together with gnome-python.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00378.html\");\n script_id(860415);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-1535\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0593\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0592\", \"CVE-2008-0414\", \"CVE-2008-0594\");\n script_name( \"Fedora Update for gnome-python2-extras FEDORA-2008-1535\");\n\n script_summary(\"Check for the Version of gnome-python2-extras\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC8\")\n{\n\n if ((res = isrpmvuln(pkg:\"gnome-python2-extras\", rpm:\"gnome-python2-extras~2.19.1~12.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:26", "description": "Check for the Version of gtkmozembedmm", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for gtkmozembedmm FEDORA-2008-1435", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860051", "href": "http://plugins.openvas.org/nasl.php?oid=860051", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for gtkmozembedmm FEDORA-2008-1435\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"gtkmozembedmm on Fedora 7\";\ntag_insight = \"This package provides a C++/gtkmm wrapper for GtkMozEmbed\n from Mozilla 1.4.x to 1.7.x.\n The wrapper provides a convenient interface for C++ programmers\n to use the Gtkmozembed HTML-rendering widget inside their software.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00276.html\");\n script_id(860051);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-1435\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0593\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0592\", \"CVE-2008-0414\", \"CVE-2008-0594\");\n script_name( \"Fedora Update for gtkmozembedmm FEDORA-2008-1435\");\n\n script_summary(\"Check for the Version of gtkmozembedmm\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC7\")\n{\n\n if ((res = isrpmvuln(pkg:\"gtkmozembedmm\", rpm:\"gtkmozembedmm~1.4.2.cvs20060817~15.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:38", "description": "Check for the Version of openvrml", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for openvrml FEDORA-2008-1435", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860105", "href": "http://plugins.openvas.org/nasl.php?oid=860105", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openvrml FEDORA-2008-1435\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"openvrml on Fedora 7\";\ntag_insight = \"OpenVRML is a VRML/X3D support library, including a runtime and facilities\n for reading and displaying VRML and X3D models.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00285.html\");\n script_id(860105);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-1435\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0593\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0592\", \"CVE-2008-0414\", \"CVE-2008-0594\");\n script_name( \"Fedora Update for openvrml FEDORA-2008-1435\");\n\n script_summary(\"Check for the Version of openvrml\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC7\")\n{\n\n if ((res = isrpmvuln(pkg:\"openvrml\", rpm:\"openvrml~0.16.7~3.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:57:05", "description": "Check for the Version of devhelp", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for devhelp FEDORA-2008-1435", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860679", "href": "http://plugins.openvas.org/nasl.php?oid=860679", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for devhelp FEDORA-2008-1435\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"devhelp on Fedora 7\";\ntag_insight = \"An API document browser for GNOME 2.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00275.html\");\n script_id(860679);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-1435\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0593\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0592\", \"CVE-2008-0414\", \"CVE-2008-0594\");\n script_name( \"Fedora Update for devhelp FEDORA-2008-1435\");\n\n script_summary(\"Check for the Version of devhelp\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC7\")\n{\n\n if ((res = isrpmvuln(pkg:\"devhelp\", rpm:\"devhelp~0.13~13.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-26T08:55:26", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n mozilla\n mozilla-hu\n mozilla-cs\n mozilla-venkman\n mozilla-dom-inspector\n mozilla-mail\n mozilla-calendar\n mozilla-devel\n mozilla-irc\n mozilla-deat\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5021982 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-10T00:00:00", "type": "openvas", "title": "SLES9: Security update for Mozilla", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-11T00:00:00", "id": "OPENVAS:65196", "href": "http://plugins.openvas.org/nasl.php?oid=65196", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5021982.nasl 6666 2017-07-11 13:13:36Z cfischer $\n# Description: Security update for Mozilla\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n mozilla\n mozilla-hu\n mozilla-cs\n mozilla-venkman\n mozilla-dom-inspector\n mozilla-mail\n mozilla-calendar\n mozilla-devel\n mozilla-irc\n mozilla-deat\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5021982 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_id(65196);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2008-0594\", \"CVE-2008-0593\", \"CVE-2008-0592\", \"CVE-2008-0591\", \"CVE-2008-0419\", \"CVE-2008-0418\", \"CVE-2008-0417\", \"CVE-2008-0415\", \"CVE-2008-0414\", \"CVE-2008-0412\", \"CVE-2008-0413\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES9: Security update for Mozilla\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"mozilla\", rpm:\"mozilla~1.8_seamonkey_1.0.9~1.10\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:17", "description": "Check for the Version of kazehakase", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for kazehakase FEDORA-2008-1435", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860637", "href": "http://plugins.openvas.org/nasl.php?oid=860637", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kazehakase FEDORA-2008-1435\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"kazehakase on Fedora 7\";\ntag_insight = \"Kazehakase is a Web browser which aims to provide\n a user interface that is truly user-friendly & fully customizable.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00282.html\");\n script_id(860637);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-1435\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0593\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0592\", \"CVE-2008-0414\", \"CVE-2008-0594\");\n script_name( \"Fedora Update for kazehakase FEDORA-2008-1435\");\n\n script_summary(\"Check for the Version of kazehakase\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC7\")\n{\n\n if ((res = isrpmvuln(pkg:\"kazehakase\", rpm:\"kazehakase~0.5.2~1.fc7.2\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-12T11:20:35", "description": "Check for the Version of MozillaFirefox,seamonkey", "cvss3": {}, "published": "2009-01-23T00:00:00", "type": "openvas", "title": "SuSE Update for MozillaFirefox,seamonkey SUSE-SA:2008:008", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-12-08T00:00:00", "id": "OPENVAS:850020", "href": "http://plugins.openvas.org/nasl.php?oid=850020", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_suse_2008_008.nasl 8050 2017-12-08 09:34:29Z santu $\n#\n# SuSE Update for MozillaFirefox,seamonkey SUSE-SA:2008:008\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The web browser Mozilla Firefox has been brought to security update\n version 2.0.0.12.\n\n The Firefox versions was upgraded to 2.0.0.12 on:\n - SUSE Linux 10.1, openSUSE 10.2 and 10.3\n - SUSE Linux Enterprise Server and Desktop 10\n\n All Firefox fixes were also back ported to the Firefox 1.5.0.14 version\n in Novell Linux Desktop 9.\n\n Also released were Mozilla Seamonkey Suite 1.8.1.12 packages for\n openSUSE 10.2 and 10.3. All Mozilla Seamonkey fixes were back ported\n to the SUSE Linux 10.1 seamonkey 1.8.0 version.\n\n Following security problems were fixed:\n - CVE-2008-0594 Web forgery overwrite with div overlay\n - CVE-2008-0593 URL token stealing via stylesheet redirect\n - CVE-2008-0592 Mishandling of locally-saved plain text files\n - CVE-2008-0591 File action dialog tampering\n - CVE-2008-0419 Web browsing history and forward navigation\n stealing\n - CVE-2008-0418 Directory traversal via chrome: URI\n - CVE-2008-0417 Stored password corruption\n - CVE-2008-0415 Privilege escalation, XSS, Remote Code\n Execution\n - CVE-2008-0414 Multiple file input focus stealing\n vulnerabilities\n - CVE-2008-0413 Crashes with evidence of\n memory corruption (rv:1.8.1.12)\";\n\ntag_impact = \"remote code execution\";\ntag_affected = \"MozillaFirefox,seamonkey on SUSE LINUX 10.1, openSUSE 10.2, openSUSE 10.3, SUSE SLES 9, Novell Linux Desktop 9, Open Enterprise Server, Novell Linux POS 9, SUSE Linux Enterprise Desktop 10 SP1, SUSE Linux Enterprise Server 10 SP1\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_id(850020);\n script_version(\"$Revision: 8050 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-08 10:34:29 +0100 (Fri, 08 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-01-23 16:44:26 +0100 (Fri, 23 Jan 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUSE-SA\", value: \"2008-008\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0414\", \"CVE-2008-0415\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\", \"CVE-2008-0594\");\n script_name( \"SuSE Update for MozillaFirefox,seamonkey SUSE-SA:2008:008\");\n\n script_summary(\"Check for the Version of MozillaFirefox,seamonkey\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"openSUSE10.3\")\n{\n\n if ((res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~1.1.8~0.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~1.1.8~0.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-irc\", rpm:\"seamonkey-irc~1.1.8~0.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-mail\", rpm:\"seamonkey-mail~1.1.8~0.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-spellchecker\", rpm:\"seamonkey-spellchecker~1.1.8~0.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-venkman\", rpm:\"seamonkey-venkman~1.1.8~0.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~2.0.0.12~0.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"MozillaFirefox-translations\", rpm:\"MozillaFirefox-translations~2.0.0.12~0.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"openSUSE10.2\")\n{\n\n if ((res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~2.0.0.12~0.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"MozillaFirefox-translations\", rpm:\"MozillaFirefox-translations~2.0.0.12~0.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~1.1.8~0.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~1.1.8~0.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-irc\", rpm:\"seamonkey-irc~1.1.8~0.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-mail\", rpm:\"seamonkey-mail~1.1.8~0.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-spellchecker\", rpm:\"seamonkey-spellchecker~1.1.8~0.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-venkman\", rpm:\"seamonkey-venkman~1.1.8~0.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"NLDk9\")\n{\n\n if ((res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~1.5.0.12~0.9\", rls:\"NLDk9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"MozillaFirefox-translations\", rpm:\"MozillaFirefox-translations~1.5.0.12~0.9\", rls:\"NLDk9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"LES10SP1\")\n{\n\n if ((res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~2.0.0.12~0.2\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"MozillaFirefox-translations\", rpm:\"MozillaFirefox-translations~2.0.0.12~0.2\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"SLESDk10SP1\")\n{\n\n if ((res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~2.0.0.12~0.2\", rls:\"SLESDk10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"MozillaFirefox-translations\", rpm:\"MozillaFirefox-translations~2.0.0.12~0.2\", rls:\"SLESDk10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"SL10.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~2.0.0.12~0.2\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"MozillaFirefox-translations\", rpm:\"MozillaFirefox-translations~2.0.0.12~0.2\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~1.0.9~1.10\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-calendar\", rpm:\"seamonkey-calendar~1.0.9~1.10\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~1.0.9~1.10\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-irc\", rpm:\"seamonkey-irc~1.0.9~1.10\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-mail\", rpm:\"seamonkey-mail~1.0.9~1.10\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-spellchecker\", rpm:\"seamonkey-spellchecker~1.0.9~1.10\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-venkman\", rpm:\"seamonkey-venkman~1.0.9~1.10\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:55:58", "description": "Check for the Version of kazehakase", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for kazehakase FEDORA-2008-1535", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860429", "href": "http://plugins.openvas.org/nasl.php?oid=860429", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kazehakase FEDORA-2008-1535\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"kazehakase on Fedora 8\";\ntag_insight = \"Kazehakase is a Web browser which aims to provide\n a user interface that is truly user-friendly & fully customizable.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00382.html\");\n script_id(860429);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-1535\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0593\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0592\", \"CVE-2008-0414\", \"CVE-2008-0594\");\n script_name( \"Fedora Update for kazehakase FEDORA-2008-1535\");\n\n script_summary(\"Check for the Version of kazehakase\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC8\")\n{\n\n if ((res = isrpmvuln(pkg:\"kazehakase\", rpm:\"kazehakase~0.5.2~1.fc8.2\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:50:01", "description": "The remote host is missing an update to iceape\nannounced via advisory DSA 1506-2.", "cvss3": {}, "published": "2008-03-27T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 1506-2 (iceape)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:60615", "href": "http://plugins.openvas.org/nasl.php?oid=60615", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1506_2.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 1506-2 (iceape)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A regression has been fixed in iceape's frame handling code.\nFor details, please visit the referenced advisories.\n\nFor the stable distribution (etch), these problems have been fixed in\nversion 1.0.12~pre080131b-0etch2.\n\nThe Mozilla releases from the old stable distribution (sarge) are no\nlonger supported with security updates.\n\nWe recommend that you upgrade your iceape packages.\";\ntag_summary = \"The remote host is missing an update to iceape\nannounced via advisory DSA 1506-2.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201506-2\";\n\n\nif(description)\n{\n script_id(60615);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-03-27 18:25:13 +0100 (Thu, 27 Mar 2008)\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0414\", \"CVE-2008-0415\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\", \"CVE-2008-0594\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 1506-2 (iceape)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"iceape-dev\", ver:\"1.0.12~pre080131b-0etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-psm\", ver:\"1.8+1.0.12~pre080131b-0etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-js-debugger\", ver:\"1.8+1.0.12~pre080131b-0etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-dom-inspector\", ver:\"1.8+1.0.12~pre080131b-0etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-browser\", ver:\"1.8+1.0.12~pre080131b-0etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-dev\", ver:\"1.8+1.0.12~pre080131b-0etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla\", ver:\"1.8+1.0.12~pre080131b-0etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-mailnews\", ver:\"1.8+1.0.12~pre080131b-0etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-calendar\", ver:\"1.8+1.0.12~pre080131b-0etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceape-chatzilla\", ver:\"1.0.12~pre080131b-0etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-chatzilla\", ver:\"1.8+1.0.12~pre080131b-0etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceape\", ver:\"1.0.12~pre080131b-0etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceape-calendar\", ver:\"1.0.12~pre080131b-0etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceape-dbg\", ver:\"1.0.12~pre080131b-0etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceape-mailnews\", ver:\"1.0.12~pre080131b-0etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceape-gnome-support\", ver:\"1.0.12~pre080131b-0etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceape-browser\", ver:\"1.0.12~pre080131b-0etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceape-dom-inspector\", ver:\"1.0.12~pre080131b-0etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:58", "description": "Check for the Version of epiphany", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for epiphany FEDORA-2008-1435", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860719", "href": "http://plugins.openvas.org/nasl.php?oid=860719", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for epiphany FEDORA-2008-1435\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"epiphany on Fedora 7\";\ntag_insight = \"epiphany is a simple GNOME web browser based on the Mozilla rendering\n engine.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00280.html\");\n script_id(860719);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-1435\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0593\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0592\", \"CVE-2008-0414\", \"CVE-2008-0594\");\n script_name( \"Fedora Update for epiphany FEDORA-2008-1435\");\n\n script_summary(\"Check for the Version of epiphany\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC7\")\n{\n\n if ((res = isrpmvuln(pkg:\"epiphany\", rpm:\"epiphany~2.18.3~6.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:57:15", "description": "Check for the Version of Miro", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for Miro FEDORA-2008-1535", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860857", "href": "http://plugins.openvas.org/nasl.php?oid=860857", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for Miro FEDORA-2008-1535\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"Miro on Fedora 8\";\ntag_insight = \"Miro is a free application that turns your computer into an\n internet TV video player. This release is still a beta version, which means\n that there are some bugs, but we're moving quickly to fix them and will be\n releasing bug fixes on a regular basis.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00384.html\");\n script_id(860857);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-1535\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0593\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0592\", \"CVE-2008-0414\", \"CVE-2008-0594\");\n script_name( \"Fedora Update for Miro FEDORA-2008-1535\");\n\n script_summary(\"Check for the Version of Miro\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC8\")\n{\n\n if ((res = isrpmvuln(pkg:\"Miro\", rpm:\"Miro~1.1~3.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:57:05", "description": "Check for the Version of gnome-python2-extras", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for gnome-python2-extras FEDORA-2008-1435", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860802", "href": "http://plugins.openvas.org/nasl.php?oid=860802", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for gnome-python2-extras FEDORA-2008-1435\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"gnome-python2-extras on Fedora 7\";\ntag_insight = \"The gnome-python-extra package contains the source packages for additional\n Python bindings for GNOME. It should be used together with gnome-python.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00277.html\");\n script_id(860802);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-1435\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0593\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0592\", \"CVE-2008-0414\", \"CVE-2008-0594\");\n script_name( \"Fedora Update for gnome-python2-extras FEDORA-2008-1435\");\n\n script_summary(\"Check for the Version of gnome-python2-extras\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC7\")\n{\n\n if ((res = isrpmvuln(pkg:\"gnome-python2-extras\", rpm:\"gnome-python2-extras~2.14.3~8.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:23", "description": "Check for the Version of chmsee", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for chmsee FEDORA-2008-1435", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860588", "href": "http://plugins.openvas.org/nasl.php?oid=860588", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for chmsee FEDORA-2008-1435\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A gtk2 chm document viewer.\n\n It uses chmlib to extract files. It uses gecko to display pages. It supports\n displaying multilingual pages due to gecko. It features bookmarks and tabs.\n The tabs could be used to jump inside the chm file conveniently. Its UI is\n clean and handy, also is well localized. It is actively developed and\n maintained. The author of chmsee is Jungle Ji and several other great people.\n \n Hint\n * Unlike other chm viewers, chmsee extracts files from chm file, and then read\n and display them. The extracted files could be found in $HOME/.chmsee/bookshelf\n directory. You can clean those files at any time and there is a special config\n option for that.\n * The bookmark is related to each file so not all bookmarks will be loaded,\n only current file's.\n * Try to remove $HOME/.chmsee if you encounter any problem after an upgrade.\";\n\ntag_affected = \"chmsee on Fedora 7\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00272.html\");\n script_id(860588);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-1435\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0593\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0592\", \"CVE-2008-0414\", \"CVE-2008-0594\");\n script_name( \"Fedora Update for chmsee FEDORA-2008-1435\");\n\n script_summary(\"Check for the Version of chmsee\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC7\")\n{\n\n if ((res = isrpmvuln(pkg:\"chmsee\", rpm:\"chmsee~1.0.0~1.28.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:50:01", "description": "The remote host is missing an update to iceape\nannounced via advisory DSA 1506-1.", "cvss3": {}, "published": "2008-02-28T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 1506-1 (iceape)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:60441", "href": "http://plugins.openvas.org/nasl.php?oid=60441", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1506_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 1506-1 (iceape)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several remote vulnerabilities have been discovered in the Iceape internet\nsuite, an unbranded version of the Seamonkey Internet Suite.\nFor details, please visit the referenced security advisories.\n\nFor the stable distribution (etch), these problems have been fixed in\nversion 1.0.12~pre080131b-0etch1.\n\nThe Mozilla releases from the old stable distribution (sarge) are no\nlonger supported with security updates.\n\nWe recommend that you upgrade your iceape packages.\";\ntag_summary = \"The remote host is missing an update to iceape\nannounced via advisory DSA 1506-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201506-1\";\n\n\nif(description)\n{\n script_id(60441);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-02-28 02:09:28 +0100 (Thu, 28 Feb 2008)\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0414\", \"CVE-2008-0415\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\", \"CVE-2008-0594\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 1506-1 (iceape)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"mozilla\", ver:\"1.8+1.0.12~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-calendar\", ver:\"1.8+1.0.12~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-js-debugger\", ver:\"1.8+1.0.12~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceape-chatzilla\", ver:\"1.0.12~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceape-dev\", ver:\"1.0.12~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-dom-inspector\", ver:\"1.8+1.0.12~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceape\", ver:\"1.0.12~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-chatzilla\", ver:\"1.8+1.0.12~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-dev\", ver:\"1.8+1.0.12~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-mailnews\", ver:\"1.8+1.0.12~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-psm\", ver:\"1.8+1.0.12~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-browser\", ver:\"1.8+1.0.12~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceape-dom-inspector\", ver:\"1.0.12~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceape-dbg\", ver:\"1.0.12~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceape-gnome-support\", ver:\"1.0.12~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceape-calendar\", ver:\"1.0.12~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceape-mailnews\", ver:\"1.0.12~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceape-browser\", ver:\"1.0.12~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:15", "description": "Check for the Version of firefox", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for firefox FEDORA-2008-1535", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860714", "href": "http://plugins.openvas.org/nasl.php?oid=860714", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for firefox FEDORA-2008-1535\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"firefox on Fedora 8\";\ntag_insight = \"Mozilla Firefox is an open-source web browser, designed for standards\n compliance, performance and portability.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00380.html\");\n script_id(860714);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-1535\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0593\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0592\", \"CVE-2008-0414\", \"CVE-2008-0594\");\n script_name( \"Fedora Update for firefox FEDORA-2008-1535\");\n\n script_summary(\"Check for the Version of firefox\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC8\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~2.0.0.12~1.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:22", "description": "Check for the Version of yelp", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for yelp FEDORA-2008-1435", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860054", "href": "http://plugins.openvas.org/nasl.php?oid=860054", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for yelp FEDORA-2008-1435\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"yelp on Fedora 7\";\ntag_insight = \"Yelp is the Gnome 2 help/documentation browser. It is designed\n to help you browse all the documentation on your system in\n one central tool.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00283.html\");\n script_id(860054);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-1435\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0593\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0592\", \"CVE-2008-0414\", \"CVE-2008-0594\");\n script_name( \"Fedora Update for yelp FEDORA-2008-1435\");\n\n script_summary(\"Check for the Version of yelp\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC7\")\n{\n\n if ((res = isrpmvuln(pkg:\"yelp\", rpm:\"yelp~2.18.1~9.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:51", "description": "Check for the Version of ruby-gnome2", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for ruby-gnome2 FEDORA-2008-1435", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2007-6183", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860316", "href": "http://plugins.openvas.org/nasl.php?oid=860316", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for ruby-gnome2 FEDORA-2008-1435\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"ruby-gnome2 on Fedora 7\";\ntag_insight = \"This is a set of bindings for the GNOME-2.x libraries for use from Ruby.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00279.html\");\n script_id(860316);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-1435\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0593\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0592\", \"CVE-2007-6183\", \"CVE-2008-0414\", \"CVE-2008-0594\");\n script_name( \"Fedora Update for ruby-gnome2 FEDORA-2008-1435\");\n\n script_summary(\"Check for the Version of ruby-gnome2\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC7\")\n{\n\n if ((res = isrpmvuln(pkg:\"ruby-gnome2\", rpm:\"ruby-gnome2~0.16.0~21.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:00", "description": "Check for the Version of ruby-gnome2", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for ruby-gnome2 FEDORA-2008-1535", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2007-6183", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860269", "href": "http://plugins.openvas.org/nasl.php?oid=860269", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for ruby-gnome2 FEDORA-2008-1535\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"ruby-gnome2 on Fedora 8\";\ntag_insight = \"This is a set of bindings for the GNOME-2.x libraries for use from Ruby.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00388.html\");\n script_id(860269);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-1535\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0593\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0592\", \"CVE-2007-6183\", \"CVE-2008-0414\", \"CVE-2008-0594\");\n script_name( \"Fedora Update for ruby-gnome2 FEDORA-2008-1535\");\n\n script_summary(\"Check for the Version of ruby-gnome2\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC8\")\n{\n\n if ((res = isrpmvuln(pkg:\"ruby-gnome2\", rpm:\"ruby-gnome2~0.16.0~20.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:57:10", "description": "Check for the Version of blam", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for blam FEDORA-2008-1535", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2005-4790", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860601", "href": "http://plugins.openvas.org/nasl.php?oid=860601", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for blam FEDORA-2008-1535\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"blam on Fedora 8\";\ntag_insight = \"Blam is a tool that helps you keep track of the growing\n number of news feeds distributed as RSS. Blam lets you\n subscribe to any number of feeds and provides an easy to\n use and clean interface to stay up to date\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00374.html\");\n script_id(860601);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-1535\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0593\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0592\", \"CVE-2005-4790\", \"CVE-2008-0414\", \"CVE-2008-0594\");\n script_name( \"Fedora Update for blam FEDORA-2008-1535\");\n\n script_summary(\"Check for the Version of blam\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC8\")\n{\n\n if ((res = isrpmvuln(pkg:\"blam\", rpm:\"blam~1.8.3~13.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:55:58", "description": "Check for the Version of liferea", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for liferea FEDORA-2008-1435", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2007-5751", "CVE-2006-4791", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860212", "href": "http://plugins.openvas.org/nasl.php?oid=860212", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for liferea FEDORA-2008-1435\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"liferea on Fedora 7\";\ntag_insight = \"Liferea (Linux Feed Reader) is an RSS/RDF feed reader.\n It's intended to be a clone of the Windows-only FeedReader.\n It can be used to maintain a list of subscribed feeds,\n browse through their items, and show their contents.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00281.html\");\n script_id(860212);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-1435\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0593\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0592\", \"CVE-2006-4791\", \"CVE-2007-5751\", \"CVE-2008-0414\", \"CVE-2008-0594\");\n script_name( \"Fedora Update for liferea FEDORA-2008-1435\");\n\n script_summary(\"Check for the Version of liferea\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC7\")\n{\n\n if ((res = isrpmvuln(pkg:\"liferea\", rpm:\"liferea~1.4.9~2.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:25", "description": "Check for the Version of liferea", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for liferea FEDORA-2008-1535", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2007-5751", "CVE-2006-4791", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860467", "href": "http://plugins.openvas.org/nasl.php?oid=860467", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for liferea FEDORA-2008-1535\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"liferea on Fedora 8\";\ntag_insight = \"Liferea (Linux Feed Reader) is an RSS/RDF feed reader.\n It's intended to be a clone of the Windows-only FeedReader.\n It can be used to maintain a list of subscribed feeds,\n browse through their items, and show their contents.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00386.html\");\n script_id(860467);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-1535\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0593\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0592\", \"CVE-2006-4791\", \"CVE-2007-5751\", \"CVE-2008-0414\", \"CVE-2008-0594\");\n script_name( \"Fedora Update for liferea FEDORA-2008-1535\");\n\n script_summary(\"Check for the Version of liferea\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC8\")\n{\n\n if ((res = isrpmvuln(pkg:\"liferea\", rpm:\"liferea~1.4.11~2.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:29:28", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-582-1", "cvss3": {}, "published": "2009-03-23T00:00:00", "type": "openvas", "title": "Ubuntu Update for mozilla-thunderbird, thunderbird vulnerabilities USN-582-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0412", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0304", "CVE-2008-0420", "CVE-2008-0415"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:840238", "href": "http://plugins.openvas.org/nasl.php?oid=840238", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_582_1.nasl 7969 2017-12-01 09:23:16Z santu $\n#\n# Ubuntu Update for mozilla-thunderbird, thunderbird vulnerabilities USN-582-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that Thunderbird did not properly set the size of a\n buffer when parsing an external-body MIME-type. If a user were to open\n a specially crafted email, an attacker could cause a denial of service\n via application crash or possibly execute arbitrary code as the user.\n (CVE-2008-0304)\n\n Various flaws were discovered in Thunderbird and its JavaScript\n engine. By tricking a user into opening a malicious message, an\n attacker could execute arbitrary code with the user's privileges.\n (CVE-2008-0412, CVE-2008-0413)\n \n Various flaws were discovered in the JavaScript engine. By tricking\n a user into opening a malicious message, an attacker could escalate\n privileges within Thunderbird, perform cross-site scripting attacks\n and/or execute arbitrary code with the user's privileges. (CVE-2008-0415)\n \n Gerry Eisenhaur discovered that the chrome URI scheme did not properly\n guard against directory traversal. Under certain circumstances, an\n attacker may be able to load files or steal session data. Ubuntu is not\n vulnerable in the default installation. (CVE-2008-0418)\n \n Flaws were discovered in the BMP decoder. By tricking a user into\n opening a specially crafted BMP file, an attacker could obtain\n sensitive information. (CVE-2008-0420)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-582-1\";\ntag_affected = \"mozilla-thunderbird, thunderbird vulnerabilities on Ubuntu 6.06 LTS ,\n Ubuntu 6.10 ,\n Ubuntu 7.04 ,\n Ubuntu 7.10\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-582-1/\");\n script_id(840238);\n script_version(\"$Revision: 7969 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-23 10:59:50 +0100 (Mon, 23 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"582-1\");\n script_cve_id(\"CVE-2008-0304\", \"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0418\", \"CVE-2008-0420\");\n script_name( \"Ubuntu Update for mozilla-thunderbird, thunderbird vulnerabilities USN-582-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU7.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"mozilla-thunderbird-dev\", ver:\"1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.7.04.0\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mozilla-thunderbird-inspector\", ver:\"1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.7.04.0\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mozilla-thunderbird-typeaheadfind\", ver:\"1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.7.04.0\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mozilla-thunderbird\", ver:\"1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.7.04.0\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU6.06 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"mozilla-thunderbird-dev\", ver:\"1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.06.0\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mozilla-thunderbird-inspector\", ver:\"1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.06.0\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mozilla-thunderbird-typeaheadfind\", ver:\"1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.06.0\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mozilla-thunderbird\", ver:\"1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.06.0\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU6.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"mozilla-thunderbird-dev\", ver:\"1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.10.0\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mozilla-thunderbird-inspector\", ver:\"1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.10.0\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mozilla-thunderbird-typeaheadfind\", ver:\"1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.10.0\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mozilla-thunderbird\", ver:\"1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.10.0\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU7.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"thunderbird-dev\", ver:\"2.0.0.12+nobinonly-0ubuntu0.7.10.0\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"thunderbird-gnome-support\", ver:\"2.0.0.12+nobinonly-0ubuntu0.7.10.0\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"thunderbird\", ver:\"2.0.0.12+nobinonly-0ubuntu0.7.10.0\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mozilla-thunderbird-dev\", ver:\"2.0.0.12+nobinonly-0ubuntu0.7.10.0\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mozilla-thunderbird\", ver:\"2.0.0.12+nobinonly-0ubuntu0.7.10.0\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:28:11", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-582-2", "cvss3": {}, "published": "2009-03-23T00:00:00", "type": "openvas", "title": "Ubuntu Update for mozilla-thunderbird USN-582-2", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0412", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0304", "CVE-2008-0420", "CVE-2008-0415"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:840287", "href": "http://plugins.openvas.org/nasl.php?oid=840287", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_582_2.nasl 7969 2017-12-01 09:23:16Z santu $\n#\n# Ubuntu Update for mozilla-thunderbird USN-582-2\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"USN-582-1 fixed several vulnerabilities in Thunderbird. The upstream\n fixes were incomplete, and after performing certain actions Thunderbird\n would crash due to memory errors. This update fixes the problem.\n\n We apologize for the inconvenience.\n \n Original advisory details:\n \n It was discovered that Thunderbird did not properly set the size of a\n buffer when parsing an external-body MIME-type. If a user were to open\n a specially crafted email, an attacker could cause a denial of service\n via application crash or possibly execute arbitrary code as the user.\n (CVE-2008-0304)\n \n Various flaws were discovered in Thunderbird and its JavaScript\n engine. By tricking a user into opening a malicious message, an\n attacker could execute arbitrary code with the user's privileges.\n (CVE-2008-0412, CVE-2008-0413)\n \n Various flaws were discovered in the JavaScript engine. By tricking\n a user into opening a malicious message, an attacker could escalate\n privileges within Thunderbird, perform cross-site scripting attacks\n and/or execute arbitrary code with the user's privileges. (CVE-2008-0415)\n \n Gerry Eisenhaur discovered that the chrome URI scheme did not properly\n guard against directory traversal. Under certain circumstances, an\n attacker may be able to load files or steal session data. Ubuntu is not\n vulnerable in the default installation. (CVE-2008-0418)\n \n Flaws were discovered in the BMP decoder. By tricking a user into\n opening a specially crafted BMP file, an attacker could obtain\n sensitive information. (CVE-2008-0420)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-582-2\";\ntag_affected = \"mozilla-thunderbird on Ubuntu 6.06 LTS ,\n Ubuntu 6.10 ,\n Ubuntu 7.04\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-582-2/\");\n script_id(840287);\n script_version(\"$Revision: 7969 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-23 10:59:50 +0100 (Mon, 23 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"582-2\");\n script_cve_id(\"CVE-2008-0304\", \"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0418\", \"CVE-2008-0420\");\n script_name( \"Ubuntu Update for mozilla-thunderbird USN-582-2\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU7.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"mozilla-thunderbird-dev\", ver:\"1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.7.04.1\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mozilla-thunderbird-inspector\", ver:\"1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.7.04.1\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mozilla-thunderbird-typeaheadfind\", ver:\"1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.7.04.1\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mozilla-thunderbird\", ver:\"1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.7.04.1\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU6.06 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"mozilla-thunderbird-dev\", ver:\"1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.06.1\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mozilla-thunderbird-inspector\", ver:\"1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.06.1\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mozilla-thunderbird-typeaheadfind\", ver:\"1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.06.1\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mozilla-thunderbird\", ver:\"1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.06.1\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU6.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"mozilla-thunderbird-dev\", ver:\"1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.10.1\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mozilla-thunderbird-inspector\", ver:\"1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.10.1\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mozilla-thunderbird-typeaheadfind\", ver:\"1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.10.1\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mozilla-thunderbird\", ver:\"1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.10.1\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:41:01", "description": "Check for the Version of mozilla-thunderbird", "cvss3": {}, "published": "2009-04-09T00:00:00", "type": "openvas", "title": "Mandriva Update for mozilla-thunderbird MDVSA-2008:062 (mozilla-thunderbird)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0412", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0304", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310830675", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310830675", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for mozilla-thunderbird MDVSA-2008:062 (mozilla-thunderbird)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A number of security vulnerabilities have been discovered and corrected\n in the latest Mozilla Thunderbird program, version 2.0.0.12.\n\n This update provides the latest Thunderbird to correct these issues.\";\n\ntag_affected = \"mozilla-thunderbird on Mandriva Linux 2007.1,\n Mandriva Linux 2007.1/X86_64,\n Mandriva Linux 2008.0,\n Mandriva Linux 2008.0/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2008-03/msg00007.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.830675\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-09 14:26:37 +0200 (Thu, 09 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"MDVSA\", value: \"2008:062\");\n script_cve_id(\"CVE-2008-0304\", \"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0418\", \"CVE-2008-0591\");\n script_name( \"Mandriva Update for mozilla-thunderbird MDVSA-2008:062 (mozilla-thunderbird)\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of mozilla-thunderbird\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2007.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird\", rpm:\"mozilla-thunderbird~2.0.0.12~3mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-be\", rpm:\"mozilla-thunderbird-be~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-bg\", rpm:\"mozilla-thunderbird-bg~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ca\", rpm:\"mozilla-thunderbird-ca~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-cs\", rpm:\"mozilla-thunderbird-cs~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-da\", rpm:\"mozilla-thunderbird-da~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-de\", rpm:\"mozilla-thunderbird-de~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-devel\", rpm:\"mozilla-thunderbird-devel~2.0.0.12~3mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-el\", rpm:\"mozilla-thunderbird-el~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-en_GB\", rpm:\"mozilla-thunderbird-en_GB~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail\", rpm:\"mozilla-thunderbird-enigmail~2.0.0.12~3mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ca\", rpm:\"mozilla-thunderbird-enigmail-ca~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-cs\", rpm:\"mozilla-thunderbird-enigmail-cs~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-de\", rpm:\"mozilla-thunderbird-enigmail-de~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-el\", rpm:\"mozilla-thunderbird-enigmail-el~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-es\", rpm:\"mozilla-thunderbird-enigmail-es~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-es_AR\", rpm:\"mozilla-thunderbird-enigmail-es_AR~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-fi\", rpm:\"mozilla-thunderbird-enigmail-fi~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-fr\", rpm:\"mozilla-thunderbird-enigmail-fr~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-hu\", rpm:\"mozilla-thunderbird-enigmail-hu~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-it\", rpm:\"mozilla-thunderbird-enigmail-it~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ja\", rpm:\"mozilla-thunderbird-enigmail-ja~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ko\", rpm:\"mozilla-thunderbird-enigmail-ko~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-nb\", rpm:\"mozilla-thunderbird-enigmail-nb~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-nl\", rpm:\"mozilla-thunderbird-enigmail-nl~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pl\", rpm:\"mozilla-thunderbird-enigmail-pl~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pt\", rpm:\"mozilla-thunderbird-enigmail-pt~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pt_BR\", rpm:\"mozilla-thunderbird-enigmail-pt_BR~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ro\", rpm:\"mozilla-thunderbird-enigmail-ro~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ru\", rpm:\"mozilla-thunderbird-enigmail-ru~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sk\", rpm:\"mozilla-thunderbird-enigmail-sk~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sl\", rpm:\"mozilla-thunderbird-enigmail-sl~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sv\", rpm:\"mozilla-thunderbird-enigmail-sv~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-tr\", rpm:\"mozilla-thunderbird-enigmail-tr~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-zh_CN\", rpm:\"mozilla-thunderbird-enigmail-zh_CN~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-zh_TW\", rpm:\"mozilla-thunderbird-enigmail-zh_TW~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-es_AR\", rpm:\"mozilla-thunderbird-es_AR~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-es_ES\", rpm:\"mozilla-thunderbird-es_ES~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-et_EE\", rpm:\"mozilla-thunderbird-et_EE~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-eu\", rpm:\"mozilla-thunderbird-eu~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-fi\", rpm:\"mozilla-thunderbird-fi~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-fr\", rpm:\"mozilla-thunderbird-fr~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-gu_IN\", rpm:\"mozilla-thunderbird-gu_IN~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-he\", rpm:\"mozilla-thunderbird-he~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-hu\", rpm:\"mozilla-thunderbird-hu~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-it\", rpm:\"mozilla-thunderbird-it~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ja\", rpm:\"mozilla-thunderbird-ja~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ko\", rpm:\"mozilla-thunderbird-ko~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-lt\", rpm:\"mozilla-thunderbird-lt~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-mk\", rpm:\"mozilla-thunderbird-mk~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nb_NO\", rpm:\"mozilla-thunderbird-nb_NO~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nl\", rpm:\"mozilla-thunderbird-nl~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nn_NO\", rpm:\"mozilla-thunderbird-nn_NO~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pa_IN\", rpm:\"mozilla-thunderbird-pa_IN~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pl\", rpm:\"mozilla-thunderbird-pl~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pt_BR\", rpm:\"mozilla-thunderbird-pt_BR~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pt_PT\", rpm:\"mozilla-thunderbird-pt_PT~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ru\", rpm:\"mozilla-thunderbird-ru~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sk\", rpm:\"mozilla-thunderbird-sk~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sl\", rpm:\"mozilla-thunderbird-sl~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sv_SE\", rpm:\"mozilla-thunderbird-sv_SE~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-tr\", rpm:\"mozilla-thunderbird-tr~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-zh_CN\", rpm:\"mozilla-thunderbird-zh_CN~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-zh_TW\", rpm:\"mozilla-thunderbird-zh_TW~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nsinstall\", rpm:\"nsinstall~2.0.0.12~3mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-l10n\", rpm:\"mozilla-thunderbird-enigmail-l10n~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-l10n\", rpm:\"mozilla-thunderbird-l10n~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2008.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird\", rpm:\"mozilla-thunderbird~2.0.0.12~3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-be\", rpm:\"mozilla-thunderbird-be~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-bg\", rpm:\"mozilla-thunderbird-bg~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ca\", rpm:\"mozilla-thunderbird-ca~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-cs\", rpm:\"mozilla-thunderbird-cs~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-da\", rpm:\"mozilla-thunderbird-da~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-de\", rpm:\"mozilla-thunderbird-de~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-devel\", rpm:\"mozilla-thunderbird-devel~2.0.0.12~3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-el\", rpm:\"mozilla-thunderbird-el~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-en_GB\", rpm:\"mozilla-thunderbird-en_GB~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail\", rpm:\"mozilla-thunderbird-enigmail~2.0.0.12~3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ca\", rpm:\"mozilla-thunderbird-enigmail-ca~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-cs\", rpm:\"mozilla-thunderbird-enigmail-cs~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-de\", rpm:\"mozilla-thunderbird-enigmail-de~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-el\", rpm:\"mozilla-thunderbird-enigmail-el~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-es\", rpm:\"mozilla-thunderbird-enigmail-es~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-es_AR\", rpm:\"mozilla-thunderbird-enigmail-es_AR~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-fi\", rpm:\"mozilla-thunderbird-enigmail-fi~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-fr\", rpm:\"mozilla-thunderbird-enigmail-fr~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-hu\", rpm:\"mozilla-thunderbird-enigmail-hu~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-it\", rpm:\"mozilla-thunderbird-enigmail-it~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ja\", rpm:\"mozilla-thunderbird-enigmail-ja~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ko\", rpm:\"mozilla-thunderbird-enigmail-ko~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-nb\", rpm:\"mozilla-thunderbird-enigmail-nb~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-nl\", rpm:\"mozilla-thunderbird-enigmail-nl~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pl\", rpm:\"mozilla-thunderbird-enigmail-pl~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pt\", rpm:\"mozilla-thunderbird-enigmail-pt~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pt_BR\", rpm:\"mozilla-thunderbird-enigmail-pt_BR~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ro\", rpm:\"mozilla-thunderbird-enigmail-ro~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ru\", rpm:\"mozilla-thunderbird-enigmail-ru~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sk\", rpm:\"mozilla-thunderbird-enigmail-sk~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sl\", rpm:\"mozilla-thunderbird-enigmail-sl~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sv\", rpm:\"mozilla-thunderbird-enigmail-sv~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-tr\", rpm:\"mozilla-thunderbird-enigmail-tr~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-zh_CN\", rpm:\"mozilla-thunderbird-enigmail-zh_CN~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-zh_TW\", rpm:\"mozilla-thunderbird-enigmail-zh_TW~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-es_AR\", rpm:\"mozilla-thunderbird-es_AR~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-es_ES\", rpm:\"mozilla-thunderbird-es_ES~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-et_EE\", rpm:\"mozilla-thunderbird-et_EE~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-eu\", rpm:\"mozilla-thunderbird-eu~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-fi\", rpm:\"mozilla-thunderbird-fi~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-fr\", rpm:\"mozilla-thunderbird-fr~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-gu_IN\", rpm:\"mozilla-thunderbird-gu_IN~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-he\", rpm:\"mozilla-thunderbird-he~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-hu\", rpm:\"mozilla-thunderbird-hu~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-it\", rpm:\"mozilla-thunderbird-it~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ja\", rpm:\"mozilla-thunderbird-ja~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ko\", rpm:\"mozilla-thunderbird-ko~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-lt\", rpm:\"mozilla-thunderbird-lt~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-mk\", rpm:\"mozilla-thunderbird-mk~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-moztraybiff\", rpm:\"mozilla-thunderbird-moztraybiff~1.2.3~4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nb_NO\", rpm:\"mozilla-thunderbird-nb_NO~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nl\", rpm:\"mozilla-thunderbird-nl~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nn_NO\", rpm:\"mozilla-thunderbird-nn_NO~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pa_IN\", rpm:\"mozilla-thunderbird-pa_IN~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pl\", rpm:\"mozilla-thunderbird-pl~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pt_BR\", rpm:\"mozilla-thunderbird-pt_BR~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pt_PT\", rpm:\"mozilla-thunderbird-pt_PT~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ru\", rpm:\"mozilla-thunderbird-ru~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sk\", rpm:\"mozilla-thunderbird-sk~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sl\", rpm:\"mozilla-thunderbird-sl~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sv_SE\", rpm:\"mozilla-thunderbird-sv_SE~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-tr\", rpm:\"mozilla-thunderbird-tr~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-zh_CN\", rpm:\"mozilla-thunderbird-zh_CN~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-zh_TW\", rpm:\"mozilla-thunderbird-zh_TW~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nsinstall\", rpm:\"nsinstall~2.0.0.12~3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-l10n\", rpm:\"mozilla-thunderbird-enigmail-l10n~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-l10n\", rpm:\"mozilla-thunderbird-l10n~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:56:58", "description": "Check for the Version of mozilla-thunderbird", "cvss3": {}, "published": "2009-04-09T00:00:00", "type": "openvas", "title": "Mandriva Update for mozilla-thunderbird MDVSA-2008:062 (mozilla-thunderbird)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0412", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0304", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:830675", "href": "http://plugins.openvas.org/nasl.php?oid=830675", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for mozilla-thunderbird MDVSA-2008:062 (mozilla-thunderbird)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A number of security vulnerabilities have been discovered and corrected\n in the latest Mozilla Thunderbird program, version 2.0.0.12.\n\n This update provides the latest Thunderbird to correct these issues.\";\n\ntag_affected = \"mozilla-thunderbird on Mandriva Linux 2007.1,\n Mandriva Linux 2007.1/X86_64,\n Mandriva Linux 2008.0,\n Mandriva Linux 2008.0/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2008-03/msg00007.php\");\n script_id(830675);\n script_version(\"$Revision: 6568 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:04:21 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-09 14:26:37 +0200 (Thu, 09 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"MDVSA\", value: \"2008:062\");\n script_cve_id(\"CVE-2008-0304\", \"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0418\", \"CVE-2008-0591\");\n script_name( \"Mandriva Update for mozilla-thunderbird MDVSA-2008:062 (mozilla-thunderbird)\");\n\n script_summary(\"Check for the Version of mozilla-thunderbird\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2007.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird\", rpm:\"mozilla-thunderbird~2.0.0.12~3mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-be\", rpm:\"mozilla-thunderbird-be~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-bg\", rpm:\"mozilla-thunderbird-bg~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ca\", rpm:\"mozilla-thunderbird-ca~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-cs\", rpm:\"mozilla-thunderbird-cs~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-da\", rpm:\"mozilla-thunderbird-da~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-de\", rpm:\"mozilla-thunderbird-de~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-devel\", rpm:\"mozilla-thunderbird-devel~2.0.0.12~3mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-el\", rpm:\"mozilla-thunderbird-el~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-en_GB\", rpm:\"mozilla-thunderbird-en_GB~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail\", rpm:\"mozilla-thunderbird-enigmail~2.0.0.12~3mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ca\", rpm:\"mozilla-thunderbird-enigmail-ca~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-cs\", rpm:\"mozilla-thunderbird-enigmail-cs~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-de\", rpm:\"mozilla-thunderbird-enigmail-de~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-el\", rpm:\"mozilla-thunderbird-enigmail-el~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-es\", rpm:\"mozilla-thunderbird-enigmail-es~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-es_AR\", rpm:\"mozilla-thunderbird-enigmail-es_AR~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-fi\", rpm:\"mozilla-thunderbird-enigmail-fi~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-fr\", rpm:\"mozilla-thunderbird-enigmail-fr~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-hu\", rpm:\"mozilla-thunderbird-enigmail-hu~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-it\", rpm:\"mozilla-thunderbird-enigmail-it~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ja\", rpm:\"mozilla-thunderbird-enigmail-ja~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ko\", rpm:\"mozilla-thunderbird-enigmail-ko~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-nb\", rpm:\"mozilla-thunderbird-enigmail-nb~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-nl\", rpm:\"mozilla-thunderbird-enigmail-nl~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pl\", rpm:\"mozilla-thunderbird-enigmail-pl~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pt\", rpm:\"mozilla-thunderbird-enigmail-pt~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pt_BR\", rpm:\"mozilla-thunderbird-enigmail-pt_BR~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ro\", rpm:\"mozilla-thunderbird-enigmail-ro~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ru\", rpm:\"mozilla-thunderbird-enigmail-ru~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sk\", rpm:\"mozilla-thunderbird-enigmail-sk~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sl\", rpm:\"mozilla-thunderbird-enigmail-sl~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sv\", rpm:\"mozilla-thunderbird-enigmail-sv~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-tr\", rpm:\"mozilla-thunderbird-enigmail-tr~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-zh_CN\", rpm:\"mozilla-thunderbird-enigmail-zh_CN~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-zh_TW\", rpm:\"mozilla-thunderbird-enigmail-zh_TW~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-es_AR\", rpm:\"mozilla-thunderbird-es_AR~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-es_ES\", rpm:\"mozilla-thunderbird-es_ES~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-et_EE\", rpm:\"mozilla-thunderbird-et_EE~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-eu\", rpm:\"mozilla-thunderbird-eu~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-fi\", rpm:\"mozilla-thunderbird-fi~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-fr\", rpm:\"mozilla-thunderbird-fr~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-gu_IN\", rpm:\"mozilla-thunderbird-gu_IN~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-he\", rpm:\"mozilla-thunderbird-he~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-hu\", rpm:\"mozilla-thunderbird-hu~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-it\", rpm:\"mozilla-thunderbird-it~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ja\", rpm:\"mozilla-thunderbird-ja~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ko\", rpm:\"mozilla-thunderbird-ko~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-lt\", rpm:\"mozilla-thunderbird-lt~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-mk\", rpm:\"mozilla-thunderbird-mk~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nb_NO\", rpm:\"mozilla-thunderbird-nb_NO~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nl\", rpm:\"mozilla-thunderbird-nl~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nn_NO\", rpm:\"mozilla-thunderbird-nn_NO~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pa_IN\", rpm:\"mozilla-thunderbird-pa_IN~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pl\", rpm:\"mozilla-thunderbird-pl~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pt_BR\", rpm:\"mozilla-thunderbird-pt_BR~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pt_PT\", rpm:\"mozilla-thunderbird-pt_PT~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ru\", rpm:\"mozilla-thunderbird-ru~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sk\", rpm:\"mozilla-thunderbird-sk~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sl\", rpm:\"mozilla-thunderbird-sl~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sv_SE\", rpm:\"mozilla-thunderbird-sv_SE~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-tr\", rpm:\"mozilla-thunderbird-tr~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-zh_CN\", rpm:\"mozilla-thunderbird-zh_CN~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-zh_TW\", rpm:\"mozilla-thunderbird-zh_TW~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nsinstall\", rpm:\"nsinstall~2.0.0.12~3mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-l10n\", rpm:\"mozilla-thunderbird-enigmail-l10n~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-l10n\", rpm:\"mozilla-thunderbird-l10n~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2008.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird\", rpm:\"mozilla-thunderbird~2.0.0.12~3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-be\", rpm:\"mozilla-thunderbird-be~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-bg\", rpm:\"mozilla-thunderbird-bg~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ca\", rpm:\"mozilla-thunderbird-ca~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-cs\", rpm:\"mozilla-thunderbird-cs~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-da\", rpm:\"mozilla-thunderbird-da~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-de\", rpm:\"mozilla-thunderbird-de~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-devel\", rpm:\"mozilla-thunderbird-devel~2.0.0.12~3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-el\", rpm:\"mozilla-thunderbird-el~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-en_GB\", rpm:\"mozilla-thunderbird-en_GB~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail\", rpm:\"mozilla-thunderbird-enigmail~2.0.0.12~3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ca\", rpm:\"mozilla-thunderbird-enigmail-ca~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-cs\", rpm:\"mozilla-thunderbird-enigmail-cs~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-de\", rpm:\"mozilla-thunderbird-enigmail-de~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-el\", rpm:\"mozilla-thunderbird-enigmail-el~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-es\", rpm:\"mozilla-thunderbird-enigmail-es~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-es_AR\", rpm:\"mozilla-thunderbird-enigmail-es_AR~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-fi\", rpm:\"mozilla-thunderbird-enigmail-fi~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-fr\", rpm:\"mozilla-thunderbird-enigmail-fr~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-hu\", rpm:\"mozilla-thunderbird-enigmail-hu~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-it\", rpm:\"mozilla-thunderbird-enigmail-it~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ja\", rpm:\"mozilla-thunderbird-enigmail-ja~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ko\", rpm:\"mozilla-thunderbird-enigmail-ko~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-nb\", rpm:\"mozilla-thunderbird-enigmail-nb~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-nl\", rpm:\"mozilla-thunderbird-enigmail-nl~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pl\", rpm:\"mozilla-thunderbird-enigmail-pl~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pt\", rpm:\"mozilla-thunderbird-enigmail-pt~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pt_BR\", rpm:\"mozilla-thunderbird-enigmail-pt_BR~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ro\", rpm:\"mozilla-thunderbird-enigmail-ro~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ru\", rpm:\"mozilla-thunderbird-enigmail-ru~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sk\", rpm:\"mozilla-thunderbird-enigmail-sk~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sl\", rpm:\"mozilla-thunderbird-enigmail-sl~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sv\", rpm:\"mozilla-thunderbird-enigmail-sv~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-tr\", rpm:\"mozilla-thunderbird-enigmail-tr~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-zh_CN\", rpm:\"mozilla-thunderbird-enigmail-zh_CN~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-zh_TW\", rpm:\"mozilla-thunderbird-enigmail-zh_TW~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-es_AR\", rpm:\"mozilla-thunderbird-es_AR~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-es_ES\", rpm:\"mozilla-thunderbird-es_ES~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-et_EE\", rpm:\"mozilla-thunderbird-et_EE~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-eu\", rpm:\"mozilla-thunderbird-eu~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-fi\", rpm:\"mozilla-thunderbird-fi~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-fr\", rpm:\"mozilla-thunderbird-fr~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-gu_IN\", rpm:\"mozilla-thunderbird-gu_IN~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-he\", rpm:\"mozilla-thunderbird-he~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-hu\", rpm:\"mozilla-thunderbird-hu~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-it\", rpm:\"mozilla-thunderbird-it~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ja\", rpm:\"mozilla-thunderbird-ja~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ko\", rpm:\"mozilla-thunderbird-ko~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-lt\", rpm:\"mozilla-thunderbird-lt~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-mk\", rpm:\"mozilla-thunderbird-mk~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-moztraybiff\", rpm:\"mozilla-thunderbird-moztraybiff~1.2.3~4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nb_NO\", rpm:\"mozilla-thunderbird-nb_NO~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nl\", rpm:\"mozilla-thunderbird-nl~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nn_NO\", rpm:\"mozilla-thunderbird-nn_NO~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pa_IN\", rpm:\"mozilla-thunderbird-pa_IN~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pl\", rpm:\"mozilla-thunderbird-pl~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pt_BR\", rpm:\"mozilla-thunderbird-pt_BR~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pt_PT\", rpm:\"mozilla-thunderbird-pt_PT~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ru\", rpm:\"mozilla-thunderbird-ru~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sk\", rpm:\"mozilla-thunderbird-sk~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sl\", rpm:\"mozilla-thunderbird-sl~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sv_SE\", rpm:\"mozilla-thunderbird-sv_SE~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-tr\", rpm:\"mozilla-thunderbird-tr~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-zh_CN\", rpm:\"mozilla-thunderbird-zh_CN~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-zh_TW\", rpm:\"mozilla-thunderbird-zh_TW~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nsinstall\", rpm:\"nsinstall~2.0.0.12~3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-l10n\", rpm:\"mozilla-thunderbird-enigmail-l10n~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-l10n\", rpm:\"mozilla-thunderbird-l10n~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:38:58", "description": "The remote host is missing an update as announced\nvia advisory SSA:2008-061-01.", "cvss3": {}, "published": "2012-09-11T00:00:00", "type": "openvas", "title": "Slackware Advisory SSA:2008-061-01 mozilla-thunderbird", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0412", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0304", "CVE-2008-0415"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:136141256231060523", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231060523", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2008_061_01.nasl 14202 2019-03-15 09:16:15Z cfischer $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.60523\");\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 10:16:15 +0100 (Fri, 15 Mar 2019) $\");\n script_cve_id(\"CVE-2008-0304\", \"CVE-2008-0418\", \"CVE-2008-0415\", \"CVE-2008-0412\", \"CVE-2008-0413\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_version(\"$Revision: 14202 $\");\n script_name(\"Slackware Advisory SSA:2008-061-01 mozilla-thunderbird\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\", re:\"ssh/login/release=SLK(10\\.2|11\\.0|12\\.0)\");\n\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2008-061-01\");\n\n script_tag(name:\"insight\", value:\"New mozilla-thunderbird packages are available for Slackware 10.2, 11.0, 12.0,\nand -current to fix security issues.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to the new package(s).\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update as announced\nvia advisory SSA:2008-061-01.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-slack.inc\");\n\nreport = \"\";\nres = \"\";\n\nif((res = isslkpkgvuln(pkg:\"mozilla-thunderbird\", ver:\"2.0.0.12-i686-1\", rls:\"SLK10.2\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"mozilla-thunderbird\", ver:\"2.0.0.12-i686-1\", rls:\"SLK11.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"mozilla-thunderbird\", ver:\"2.0.0.12-i686-1\", rls:\"SLK12.0\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-24T12:51:03", "description": "The remote host is missing an update as announced\nvia advisory SSA:2008-061-01.", "cvss3": {}, "published": "2012-09-11T00:00:00", "type": "openvas", "title": "Slackware Advisory SSA:2008-061-01 mozilla-thunderbird", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0412", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0304", "CVE-2008-0415"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:60523", "href": "http://plugins.openvas.org/nasl.php?oid=60523", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2008_061_01.nasl 6598 2017-07-07 09:36:44Z cfischer $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"New mozilla-thunderbird packages are available for Slackware 10.2, 11.0, 12.0,\nand -current to fix security issues.\";\ntag_summary = \"The remote host is missing an update as announced\nvia advisory SSA:2008-061-01.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2008-061-01\";\n \nif(description)\n{\n script_id(60523);\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:36:44 +0200 (Fri, 07 Jul 2017) $\");\n script_cve_id(\"CVE-2008-0304\", \"CVE-2008-0418\", \"CVE-2008-0415\", \"CVE-2008-0412\", \"CVE-2008-0413\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_version(\"$Revision: 6598 $\");\n name = \"Slackware Advisory SSA:2008-061-01 mozilla-thunderbird \";\n script_name(name);\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-slack.inc\");\nvuln = 0;\nif(isslkpkgvuln(pkg:\"mozilla-thunderbird\", ver:\"2.0.0.12-i686-1\", rls:\"SLK10.2\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"mozilla-thunderbird\", ver:\"2.0.0.12-i686-1\", rls:\"SLK11.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"mozilla-thunderbird\", ver:\"2.0.0.12-i686-1\", rls:\"SLK12.0\")) {\n vuln = 1;\n}\n\nif(vuln) {\n security_message(0);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:50:22", "description": "The remote host is missing updates announced in\nadvisory GLSA 200805-18.", "cvss3": {}, "published": "2008-09-24T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200805-18 (mozilla ...)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-4879", "CVE-2008-0417", "CVE-2008-1236", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-1240", "CVE-2008-1237", "CVE-2008-0593", "CVE-2008-1238", "CVE-2008-0413", "CVE-2008-1380", "CVE-2008-1233", "CVE-2008-0418", "CVE-2008-0416", "CVE-2008-0304", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-1234", "CVE-2008-1235", "CVE-2008-0420", "CVE-2008-1241", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:61052", "href": "http://plugins.openvas.org/nasl.php?oid=61052", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities have been reported in Mozilla Firefox,\nThunderbird, SeaMonkey and XULRunner, some of which may allow\nuser-assisted execution of arbitrary code.\";\ntag_solution = \"Upgrade to the latest package. For details, please visit the\nreferenced security advisory.\n\nNOTE: The crash vulnerability (CVE-2008-1380) is currently unfixed in the\nSeaMonkey binary ebuild, as no precompiled packages have been released.\nUntil an update is available, we recommend all SeaMonkey users to disable\nJavaScript, use Firefox for JavaScript-enabled browsing, or switch to the\nSeaMonkey source ebuild.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200805-18\nhttp://bugs.gentoo.org/show_bug.cgi?id=208128\nhttp://bugs.gentoo.org/show_bug.cgi?id=214816\nhttp://bugs.gentoo.org/show_bug.cgi?id=218065\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200805-18.\";\n\n \n\nif(description)\n{\n script_id(61052);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_cve_id(\"CVE-2007-4879\", \"CVE-2008-0304\", \"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0414\", \"CVE-2008-0415\", \"CVE-2008-0416\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0420\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\", \"CVE-2008-0594\", \"CVE-2008-1233\", \"CVE-2008-1234\", \"CVE-2008-1235\", \"CVE-2008-1236\", \"CVE-2008-1237\", \"CVE-2008-1238\", \"CVE-2008-1240\", \"CVE-2008-1241\", \"CVE-2008-1380\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Gentoo Security Advisory GLSA 200805-18 (mozilla ...)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"www-client/mozilla-firefox\", unaffected: make_list(\"ge 2.0.0.14\"), vulnerable: make_list(\"lt 2.0.0.14\"))) != NULL) {\n report += res;\n}\nif ((res = ispkgvuln(pkg:\"www-client/mozilla-firefox-bin\", unaffected: make_list(\"ge 2.0.0.14\"), vulnerable: make_list(\"lt 2.0.0.14\"))) != NULL) {\n report += res;\n}\nif ((res = ispkgvuln(pkg:\"mail-client/mozilla-thunderbird\", unaffected: make_list(\"ge 2.0.0.14\"), vulnerable: make_list(\"lt 2.0.0.14\"))) != NULL) {\n report += res;\n}\nif ((res = ispkgvuln(pkg:\"mail-client/mozilla-thunderbird-bin\", unaffected: make_list(\"ge 2.0.0.14\"), vulnerable: make_list(\"lt 2.0.0.14\"))) != NULL) {\n report += res;\n}\nif ((res = ispkgvuln(pkg:\"www-client/seamonkey\", unaffected: make_list(\"ge 1.1.9-r1\"), vulnerable: make_list(\"lt 1.1.9-r1\"))) != NULL) {\n report += res;\n}\nif ((res = ispkgvuln(pkg:\"www-client/seamonkey-bin\", unaffected: make_list(\"ge 1.1.9\"), vulnerable: make_list(\"lt 1.1.9\"))) != NULL) {\n report += res;\n}\nif ((res = ispkgvuln(pkg:\"net-libs/xulrunner\", unaffected: make_list(\"ge 1.8.1.14\"), vulnerable: make_list(\"lt 1.8.1.14\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:35:19", "description": " [1.5.0.12-9.0.1]\n - Added Oracle specific links into default bookmarks\n \n [1.5.0.12-9]\n - Update to latest snapshot of Mozilla 1.8.0 branch\n - Added a patch with backported fixes from 1.8.1.12 ", "cvss3": {}, "published": "2008-02-08T00:00:00", "type": "oraclelinux", "title": "Critical: firefox security update ", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0416", "CVE-2008-0592", "CVE-2008-0420", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2008-02-08T00:00:00", "id": "ELSA-2008-0103", "href": "http://linux.oracle.com/errata/ELSA-2008-0103.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:46", "description": " [1.0.9-0.9.el3.0.1]\n - Add mozilla-home-page.patch, mozilla-oracle-default-bookmarks.html, and\n mozilla-oracle-default-prefs.js\n \n [1.0.9-0.9.el3]\n - Update to latest snapshot of Mozilla 1.8.0 branch\n - Added a patch with backported fixes from 1.8.1.12 ", "cvss3": {}, "published": "2008-02-08T00:00:00", "type": "oraclelinux", "title": "Critical: seamonkey security update ", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0416", "CVE-2008-0304", "CVE-2008-0592", "CVE-2008-0420", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2008-02-08T00:00:00", "id": "ELSA-2008-0104", "href": "http://linux.oracle.com/errata/ELSA-2008-0104.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:39:15", "description": " [1.5.0.12-8.el4.0.1]\n - Add thunderbird-oracle-default-prefs.js for errata rebuild\n \n [1.5.0.12-8]\n - Update to latest snapshot of Mozilla 1.8.0 branch\n - Added a patch with backported fixes from 1.8.1.12 ", "cvss3": {}, "published": "2008-02-08T00:00:00", "type": "oraclelinux", "title": "Moderate: thunderbird security update ", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0304", "CVE-2008-0592", "CVE-2008-0420", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2008-02-08T00:00:00", "id": "ELSA-2008-0105", "href": "http://linux.oracle.com/errata/ELSA-2008-0105.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "centos": [{"lastseen": "2023-09-08T09:57:44", "description": "**CentOS Errata and Security Advisory** CESA-2008:0103\n\n\nMozilla Firefox is an open source Web browser.\r\n\r\nSeveral flaws were found in the way Firefox processed certain malformed web\r\ncontent. A webpage containing malicious content could cause Firefox to\r\ncrash, or potentially execute arbitrary code as the user running Firefox.\r\n(CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419)\r\n\r\nSeveral flaws were found in the way Firefox displayed malformed web\r\ncontent. A webpage containing specially-crafted content could trick a user\r\ninto surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593)\r\n\r\nA flaw was found in the way Firefox stored password data. If a user saves\r\nlogin information for a malicious website, it could be possible to corrupt\r\nthe password database, preventing the user from properly accessing saved\r\npassword data. (CVE-2008-0417)\r\n\r\nA flaw was found in the way Firefox handles certain chrome URLs. If a user\r\nhas certain extensions installed, it could allow a malicious website to\r\nsteal sensitive session data. Note: this flaw does not affect a default\r\ninstallation of Firefox. (CVE-2008-0418)\r\n\r\nA flaw was found in the way Firefox saves certain text files. If a\r\nwebsite offers a file of type \"plain/text\", rather than \"text/plain\",\r\nFirefox will not show future \"text/plain\" content to the user in the\r\nbrowser, forcing them to save those files locally to view the content.\r\n(CVE-2008-0592) \r\n\r\nUsers of firefox are advised to upgrade to these updated packages, which\r\ncontain backported patches to resolve these issues.\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2008-February/076825.html\nhttps://lists.centos.org/pipermail/centos-announce/2008-February/076826.html\nhttps://lists.centos.org/pipermail/centos-announce/2008-February/076831.html\nhttps://lists.centos.org/pipermail/centos-announce/2008-February/076832.html\nhttps://lists.centos.org/pipermail/centos-announce/2008-February/076837.html\nhttps://lists.centos.org/pipermail/centos-announce/2008-February/076839.html\nhttps://lists.centos.org/pipermail/centos-announce/2008-February/076840.html\nhttps://lists.centos.org/pipermail/centos-announce/2008-February/076843.html\n\n**Affected packages:**\nfirefox\nfirefox-devel\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2008:0103", "cvss3": {}, "published": "2008-02-08T19:18:05", "type": "centos", "title": "firefox security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-0412", "CVE-2008-0413", "CVE-2008-0415", "CVE-2008-0416", "CVE-2008-0417", "CVE-2008-0418", "CVE-2008-0419", "CVE-2008-0420", "CVE-2008-0591", "CVE-2008-0592", "CVE-2008-0593"], "modified": "2008-02-10T16:37:51", "id": "CESA-2008:0103", "href": "https://lists.centos.org/pipermail/centos-announce/2008-February/076825.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-09-08T09:59:02", "description": "**CentOS Errata and Security Advisory** CESA-2008:0104-01\n\n\nSeaMonkey is an open source Web browser, advanced email and newsgroup\r\nclient, IRC chat client, and HTML editor.\r\n\r\nSeveral flaws were found in the way SeaMonkey processed certain malformed\r\nweb content. A webpage containing malicious content could cause SeaMonkey\r\nto crash, or potentially execute arbitrary code as the user running\r\nSeaMonkey. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419)\r\n\r\nSeveral flaws were found in the way SeaMonkey displayed malformed web\r\ncontent. A webpage containing specially-crafted content could trick a user\r\ninto surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593)\r\n\r\nA flaw was found in the way SeaMonkey stored password data. If a user\r\nsaves login information for a malicious website, it could be possible\r\nto corrupt the password database, preventing the user from properly\r\naccessing saved password data. (CVE-2008-0417)\r\n\r\nA flaw was found in the way SeaMonkey handles certain chrome URLs. If a\r\nuser has certain extensions installed, it could allow a malicious website\r\nto steal sensitive session data. Note: this flaw does not affect a default\r\ninstallation of SeaMonkey. (CVE-2008-0418)\r\n\r\nA flaw was found in the way SeaMonkey saves certain text files. If a\r\nwebsite offers a file of type \"plain/text\", rather than \"text/plain\",\r\nSeaMonkey will not show future \"text/plain\" content to the user in the\r\nbrowser, forcing them to save those files locally to view the content.\r\n(CVE-2008-0592)\r\n\r\nUsers of SeaMonkey are advised to upgrade to these updated packages, which\r\ncontain backported patches to resolve these issues.\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2008-February/076844.html\n\n**Affected packages:**\nseamonkey\nseamonkey-chat\nseamonkey-devel\nseamonkey-dom-inspector\nseamonkey-js-debugger\nseamonkey-mail\nseamonkey-nspr\nseamonkey-nspr-devel\nseamonkey-nss\nseamonkey-nss-devel\n\n", "cvss3": {}, "published": "2008-02-11T00:20:26", "type": "centos", "title": "seamonkey security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-0304", "CVE-2008-0412", "CVE-2008-0413", "CVE-2008-0415", "CVE-2008-0416", "CVE-2008-0417", "CVE-2008-0418", "CVE-2008-0419", "CVE-2008-0420", "CVE-2008-0591", "CVE-2008-0592", "CVE-2008-0593"], "modified": "2008-02-11T00:20:26", "id": "CESA-2008:0104-01", "href": "https://lists.centos.org/pipermail/centos-announce/2008-February/076844.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-09-08T09:57:14", "description": "**CentOS Errata and Security Advisory** CESA-2008:0104\n\n\nSeaMonkey is an open source Web browser, advanced email and newsgroup\r\nclient, IRC chat client, and HTML editor.\r\n\r\nSeveral flaws were found in the way SeaMonkey processed certain malformed\r\nweb content. A webpage containing malicious content could cause SeaMonkey\r\nto crash, or potentially execute arbitrary code as the user running\r\nSeaMonkey. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419)\r\n\r\nSeveral flaws were found in the way SeaMonkey displayed malformed web\r\ncontent. A webpage containing specially-crafted content could trick a user\r\ninto surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593)\r\n\r\nA flaw was found in the way SeaMonkey stored password data. If a user\r\nsaves login information for a malicious website, it could be possible\r\nto corrupt the password database, preventing the user from properly\r\naccessing saved password data. (CVE-2008-0417)\r\n\r\nA flaw was found in the way SeaMonkey handles certain chrome URLs. If a\r\nuser has certain extensions installed, it could allow a malicious website\r\nto steal sensitive session data. Note: this flaw does not affect a default\r\ninstallation of SeaMonkey. (CVE-2008-0418)\r\n\r\nA flaw was found in the way SeaMonkey saves certain text files. If a\r\nwebsite offers a file of type \"plain/text\", rather than \"text/plain\",\r\nSeaMonkey will not show future \"text/plain\" content to the user in the\r\nbrowser, forcing them to save those files locally to view the content.\r\n(CVE-2008-0592)\r\n\r\nUsers of SeaMonkey are advised to upgrade to these updated packages, which\r\ncontain backported patches to resolve these issues.\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2008-February/076823.html\nhttps://lists.centos.org/pipermail/centos-announce/2008-February/076824.html\nhttps://lists.centos.org/pipermail/centos-announce/2008-February/076829.html\nhttps://lists.centos.org/pipermail/centos-announce/2008-February/076830.html\nhttps://lists.centos.org/pipermail/centos-announce/2008-February/076835.html\nhttps://lists.centos.org/pipermail/centos-announce/2008-February/076836.html\nhttps://lists.centos.org/pipermail/centos-announce/2008-February/076841.html\nhttps://lists.centos.org/pipermail/centos-announce/2008-February/076842.html\n\n**Affected packages:**\nseamonkey\nseamonkey-chat\nseamonkey-devel\nseamonkey-dom-inspector\nseamonkey-js-debugger\nseamonkey-mail\nseamonkey-nspr\nseamonkey-nspr-devel\nseamonkey-nss\nseamonkey-nss-devel\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2008:0104", "cvss3": {}, "published": "2008-02-08T19:04:30", "type": "centos", "title": "seamonkey security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-0304", "CVE-2008-0412", "CVE-2008-0413", "CVE-2008-0415", "CVE-2008-0416", "CVE-2008-0417", "CVE-2008-0418", "CVE-2008-0419", "CVE-2008-0420", "CVE-2008-0591", "CVE-2008-0592", "CVE-2008-0593"], "modified": "2008-02-10T13:31:44", "id": "CESA-2008:0104", "href": "https://lists.centos.org/pipermail/centos-announce/2008-February/076823.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-09-08T09:58:27", "description": "**CentOS Errata and Security Advisory** CESA-2008:0105\n\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\r\n\r\nA heap-based buffer overflow flaw was found in the way Thunderbird\r\nprocessed messages with external-body Multipurpose Internet Message\r\nExtensions (MIME) types. A HTML mail message containing malicious content\r\ncould cause Thunderbird to execute arbitrary code as the user running\r\nThunderbird. (CVE-2008-0304)\r\n\r\nSeveral flaws were found in the way Thunderbird processed certain malformed\r\nHTML mail content. A HTML mail message containing malicious content could\r\ncause Thunderbird to crash, or potentially execute arbitrary code as the\r\nuser running Thunderbird. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415,\r\nCVE-2008-0419)\r\n\r\nSeveral flaws were found in the way Thunderbird displayed malformed HTML\r\nmail content. A HTML mail message containing specially-crafted content\r\ncould trick a user into surrendering sensitive information. (CVE-2008-0420,\r\nCVE-2008-0591, CVE-2008-0593)\r\n\r\nA flaw was found in the way Thunderbird handles certain chrome URLs. If a\r\nuser has certain extensions installed, it could allow a malicious HTML mail\r\nmessage to steal sensitive session data. Note: this flaw does not affect a\r\ndefault installation of Thunderbird. (CVE-2008-0418)\r\n\r\nNote: JavaScript support is disabled by default in Thunderbird; the above\r\nissues are not exploitable unless JavaScript is enabled.\r\n\r\nA flaw was found in the way Thunderbird saves certain text files. If a\r\nremote site offers a file of type \"plain/text\", rather than \"text/plain\",\r\nThunderbird will not show future \"text/plain\" content to the user, forcing\r\nthem to save those files locally to view the content. (CVE-2008-0592)\r\n\r\nUsers of thunderbird are advised to upgrade to these updated packages,\r\nwhich contain backported patches to resolve these issues.\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2008-February/076827.html\nhttps://lists.centos.org/pipermail/centos-announce/2008-February/076828.html\nhttps://lists.centos.org/pipermail/centos-announce/2008-February/076833.html\nhttps://lists.centos.org/pipermail/centos-announce/2008-February/076834.html\nhttps://lists.centos.org/pipermail/centos-announce/2008-February/076838.html\nhttps://lists.centos.org/pipermail/centos-announce/2008-February/076845.html\n\n**Affected packages:**\nthunderbird\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2008:0105", "cvss3": {}, "published": "2008-02-08T19:19:22", "type": "centos", "title": "thunderbird security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-0304", "CVE-2008-0412", "CVE-2008-0413", "CVE-2008-0415", "CVE-2008-0418", "CVE-2008-0419", "CVE-2008-0420", "CVE-2008-0591", "CVE-2008-0592", "CVE-2008-0593"], "modified": "2008-02-11T16:37:14", "id": "CESA-2008:0105", "href": "https://lists.centos.org/pipermail/centos-announce/2008-February/076827.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "redhat": [{"lastseen": "2021-10-21T04:45:32", "description": "Mozilla Firefox is an open source Web browser.\r\n\r\nSeveral flaws were found in the way Firefox processed certain malformed web\r\ncontent. A webpage containing malicious content could cause Firefox to\r\ncrash, or potentially execute arbitrary code as the user running Firefox.\r\n(CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419)\r\n\r\nSeveral flaws were found in the way Firefox displayed malformed web\r\ncontent. A webpage containing specially-crafted content could trick a user\r\ninto surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593)\r\n\r\nA flaw was found in the way Firefox stored password data. If a user saves\r\nlogin information for a malicious website, it could be possible to corrupt\r\nthe password database, preventing the user from properly accessing saved\r\npassword data. (CVE-2008-0417)\r\n\r\nA flaw was found in the way Firefox handles certain chrome URLs. If a user\r\nhas certain extensions installed, it could allow a malicious website to\r\nsteal sensitive session data. Note: this flaw does not affect a default\r\ninstallation of Firefox. (CVE-2008-0418)\r\n\r\nA flaw was found in the way Firefox saves certain text files. If a\r\nwebsite offers a file of type \"plain/text\", rather than \"text/plain\",\r\nFirefox will not show future \"text/plain\" content to the user in the\r\nbrowser, forcing them to save those files locally to view the content.\r\n(CVE-2008-0592) \r\n\r\nUsers of firefox are advised to upgrade to these updated packages, which\r\ncontain backported patches to resolve these issues.", "cvss3": {}, "published": "2008-02-07T00:00:00", "type": "redhat", "title": "(RHSA-2008:0103) Critical: firefox security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-0412", "CVE-2008-0413", "CVE-2008-0415", "CVE-2008-0416", "CVE-2008-0417", "CVE-2008-0418", "CVE-2008-0419", "CVE-2008-0420", "CVE-2008-0591", "CVE-2008-0592", "CVE-2008-0593"], "modified": "2017-09-08T07:53:52", "id": "RHSA-2008:0103", "href": "https://access.redhat.com/errata/RHSA-2008:0103", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-10-19T20:36:01", "description": "SeaMonkey is an open source Web browser, advanced email and newsgroup\r\nclient, IRC chat client, and HTML editor.\r\n\r\nSeveral flaws were found in the way SeaMonkey processed certain malformed\r\nweb content. A webpage containing malicious content could cause SeaMonkey\r\nto crash, or potentially execute arbitrary code as the user running\r\nSeaMonkey. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419)\r\n\r\nSeveral flaws were found in the way SeaMonkey displayed malformed web\r\ncontent. A webpage containing specially-crafted content could trick a user\r\ninto surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593)\r\n\r\nA flaw was found in the way SeaMonkey stored password data. If a user\r\nsaves login information for a malicious website, it could be possible\r\nto corrupt the password database, preventing the user from properly\r\naccessing saved password data. (CVE-2008-0417)\r\n\r\nA flaw was found in the way SeaMonkey handles certain chrome URLs. If a\r\nuser has certain extensions installed, it could allow a malicious website\r\nto steal sensitive session data. Note: this flaw does not affect a default\r\ninstallation of SeaMonkey. (CVE-2008-0418)\r\n\r\nA flaw was found in the way SeaMonkey saves certain text files. If a\r\nwebsite offers a file of type \"plain/text\", rather than \"text/plain\",\r\nSeaMonkey will not show future \"text/plain\" content to the user in the\r\nbrowser, forcing them to save those files locally to view the content.\r\n(CVE-2008-0592)\r\n\r\nUsers of SeaMonkey are advised to upgrade to these updated packages, which\r\ncontain backported patches to resolve these issues.", "cvss3": {}, "published": "2008-02-07T00:00:00", "type": "redhat", "title": "(RHSA-2008:0104) Critical: seamonkey security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-0304", "CVE-2008-0412", "CVE-2008-0413", "CVE-2008-0415", "CVE-2008-0416", "CVE-2008-0417", "CVE-2008-0418", "CVE-2008-0419", "CVE-2008-0420", "CVE-2008-0591", "CVE-2008-0592", "CVE-2008-0593"], "modified": "2019-03-22T19:43:18", "id": "RHSA-2008:0104", "href": "https://access.redhat.com/errata/RHSA-2008:0104", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-10-21T04:44:24", "description": "Mozilla Thunderbird is a standalone mail and newsgroup client.\r\n\r\nA heap-based buffer overflow flaw was found in the way Thunderbird\r\nprocessed messages with external-body Multipurpose Internet Message\r\nExtensions (MIME) types. A HTML mail message containing malicious content\r\ncould cause Thunderbird to execute arbitrary code as the user running\r\nThunderbird. (CVE-2008-0304)\r\n\r\nSeveral flaws were found in the way Thunderbird processed certain malformed\r\nHTML mail content. A HTML mail message containing malicious content could\r\ncause Thunderbird to crash, or potentially execute arbitrary code as the\r\nuser running Thunderbird. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415,\r\nCVE-2008-0419)\r\n\r\nSeveral flaws were found in the way Thunderbird displayed malformed HTML\r\nmail content. A HTML mail message containing specially-crafted content\r\ncould trick a user into surrendering sensitive information. (CVE-2008-0420,\r\nCVE-2008-0591, CVE-2008-0593)\r\n\r\nA flaw was found in the way Thunderbird handles certain chrome URLs. If a\r\nuser has certain extensions installed, it could allow a malicious HTML mail\r\nmessage to steal sensitive session data. Note: this flaw does not affect a\r\ndefault installation of Thunderbird. (CVE-2008-0418)\r\n\r\nNote: JavaScript support is disabled by default in Thunderbird; the above\r\nissues are not exploitable unless JavaScript is enabled.\r\n\r\nA flaw was found in the way Thunderbird saves certain text files. If a\r\nremote site offers a file of type \"plain/text\", rather than \"text/plain\",\r\nThunderbird will not show future \"text/plain\" content to the user, forcing\r\nthem to save those files locally to view the content. (CVE-2008-0592)\r\n\r\nUsers of thunderbird are advised to upgrade to these updated packages,\r\nwhich contain backported patches to resolve these issues.", "cvss3": {}, "published": "2008-02-07T00:00:00", "type": "redhat", "title": "(RHSA-2008:0105) Critical: thunderbird security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-0304", "CVE-2008-0412", "CVE-2008-0413", "CVE-2008-0415", "CVE-2008-0418", "CVE-2008-0419", "CVE-2008-0420", "CVE-2008-0591", "CVE-2008-0592", "CVE-2008-0593"], "modified": "2017-09-08T07:55:03", "id": "RHSA-2008:0105", "href": "https://access.redhat.com/errata/RHSA-2008:0105", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2023-05-18T14:42:35", "description": "Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5.\n\nThis update has been rated as having critical security impact by the Red Hat Security Response Team.\n\nMozilla Firefox is an open source Web browser.\n\nSeveral flaws were found in the way Firefox processed certain malformed web content. A webpage containing malicious content could cause Firefox to crash, or potentially execute arbitrary code as the user running Firefox. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419)\n\nSeveral flaws were found in the way Firefox displayed malformed web content. A webpage containing specially crafted content could trick a user into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593)\n\nA flaw was found in the way Firefox stored password data. If a user saves login information for a malicious website, it could be possible to corrupt the password database, preventing the user from properly accessing saved password data. (CVE-2008-0417)\n\nA flaw was found in the way Firefox handles certain chrome URLs. If a user has certain extensions installed, it could allow a malicious website to steal sensitive session data. Note: this flaw does not affect a default installation of Firefox. (CVE-2008-0418)\n\nA flaw was found in the way Firefox saves certain text files. If a website offers a file of type 'plain/text', rather than 'text/plain', Firefox will not show future 'text/plain' content to the user in the browser, forcing them to save those files locally to view the content.\n(CVE-2008-0592)\n\nUsers of firefox are advised to upgrade to these updated packages, which contain backported patches to resolve these issues.", "cvss3": {}, "published": "2008-02-11T00:00:00", "type": "nessus", "title": "RHEL 4 / 5 : firefox (RHSA-2008:0103)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0412", "CVE-2008-0413", "CVE-2008-0415", "CVE-2008-0416", "CVE-2008-0417", "CVE-2008-0418", "CVE-2008-0419", "CVE-2008-0420", "CVE-2008-0591", "CVE-2008-0592", "CVE-2008-0593"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:firefox", "p-cpe:/a:redhat:enterprise_linux:firefox-devel", "cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:4.6", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:5.1"], "id": "REDHAT-RHSA-2008-0103.NASL", "href": "https://www.tenable.com/plugins/nessus/30245", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0103. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(30245);\n script_version(\"1.27\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0416\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0420\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_bugtraq_id(24293, 27406, 27683);\n script_xref(name:\"RHSA\", value:\"2008:0103\");\n\n script_name(english:\"RHEL 4 / 5 : firefox (RHSA-2008:0103)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated firefox packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 4 and 5.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nMozilla Firefox is an open source Web browser.\n\nSeveral flaws were found in the way Firefox processed certain\nmalformed web content. A webpage containing malicious content could\ncause Firefox to crash, or potentially execute arbitrary code as the\nuser running Firefox. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415,\nCVE-2008-0419)\n\nSeveral flaws were found in the way Firefox displayed malformed web\ncontent. A webpage containing specially crafted content could trick a\nuser into surrendering sensitive information. (CVE-2008-0591,\nCVE-2008-0593)\n\nA flaw was found in the way Firefox stored password data. If a user\nsaves login information for a malicious website, it could be possible\nto corrupt the password database, preventing the user from properly\naccessing saved password data. (CVE-2008-0417)\n\nA flaw was found in the way Firefox handles certain chrome URLs. If a\nuser has certain extensions installed, it could allow a malicious\nwebsite to steal sensitive session data. Note: this flaw does not\naffect a default installation of Firefox. (CVE-2008-0418)\n\nA flaw was found in the way Firefox saves certain text files. If a\nwebsite offers a file of type 'plain/text', rather than 'text/plain',\nFirefox will not show future 'text/plain' content to the user in the\nbrowser, forcing them to save those files locally to view the content.\n(CVE-2008-0592)\n\nUsers of firefox are advised to upgrade to these updated packages,\nwhich contain backported patches to resolve these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-0412\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-0413\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-0415\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-0416\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-0417\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-0418\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-0419\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-0420\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-0591\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-0592\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-0593\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2008:0103\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected firefox and / or firefox-devel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(22, 79, 94, 200, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:firefox-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/02/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/02/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/02/11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x / 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2008:0103\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL4\", reference:\"firefox-1.5.0.12-0.10.el4\")) flag++;\n\n\n if (rpm_check(release:\"RHEL5\", reference:\"firefox-1.5.0.12-9.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"firefox-devel-1.5.0.12-9.el5\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"firefox / firefox-devel\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:42:21", "description": "Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5.\n\nThis update has been rated as having critical security impact by the Red Hat Security Response Team.\n\nMozilla Firefox is an open source Web browser.\n\nSeveral flaws were found in the way Firefox processed certain malformed web content. A webpage containing malicious content could cause Firefox to crash, or potentially execute arbitrary code as the user running Firefox. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419)\n\nSeveral flaws were found in the way Firefox displayed malformed web content. A webpage containing specially crafted content could trick a user into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593)\n\nA flaw was found in the way Firefox stored password data. If a user saves login information for a malicious website, it could be possible to corrupt the password database, preventing the user from properly accessing saved password data. (CVE-2008-0417)\n\nA flaw was found in the way Firefox handles certain chrome URLs. If a user has certain extensions installed, it could allow a malicious website to steal sensitive session data. Note: this flaw does not affect a default installation of Firefox. (CVE-2008-0418)\n\nA flaw was found in the way Firefox saves certain text files. If a website offers a file of type 'plain/text', rather than 'text/plain', Firefox will not show future 'text/plain' content to the user in the browser, forcing them to save those files locally to view the content.\n(CVE-2008-0592)\n\nUsers of firefox are advised to upgrade to these updated packages, which contain backported patches to resolve these issues.", "cvss3": {}, "published": "2008-02-11T00:00:00", "type": "nessus", "title": "CentOS 4 / 5 : firefox (CESA-2008:0103)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0412", "CVE-2008-0413", "CVE-2008-0415", "CVE-2008-0416", "CVE-2008-0417", "CVE-2008-0418", "CVE-2008-0419", "CVE-2008-0420", "CVE-2008-0591", "CVE-2008-0592", "CVE-2008-0593"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:firefox", "p-cpe:/a:centos:centos:firefox-devel", "cpe:/o:centos:centos:4", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2008-0103.NASL", "href": "https://www.tenable.com/plugins/nessus/30220", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0103 and \n# CentOS Errata and Security Advisory 2008:0103 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(30220);\n script_version(\"1.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0416\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0420\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_bugtraq_id(24293, 27406, 27683);\n script_xref(name:\"RHSA\", value:\"2008:0103\");\n\n script_name(english:\"CentOS 4 / 5 : firefox (CESA-2008:0103)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated firefox packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 4 and 5.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nMozilla Firefox is an open source Web browser.\n\nSeveral flaws were found in the way Firefox processed certain\nmalformed web content. A webpage containing malicious content could\ncause Firefox to crash, or potentially execute arbitrary code as the\nuser running Firefox. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415,\nCVE-2008-0419)\n\nSeveral flaws were found in the way Firefox displayed malformed web\ncontent. A webpage containing specially crafted content could trick a\nuser into surrendering sensitive information. (CVE-2008-0591,\nCVE-2008-0593)\n\nA flaw was found in the way Firefox stored password data. If a user\nsaves login information for a malicious website, it could be possible\nto corrupt the password database, preventing the user from properly\naccessing saved password data. (CVE-2008-0417)\n\nA flaw was found in the way Firefox handles certain chrome URLs. If a\nuser has certain extensions installed, it could allow a malicious\nwebsite to steal sensitive session data. Note: this flaw does not\naffect a default installation of Firefox. (CVE-2008-0418)\n\nA flaw was found in the way Firefox saves certain text files. If a\nwebsite offers a file of type 'plain/text', rather than 'text/plain',\nFirefox will not show future 'text/plain' content to the user in the\nbrowser, forcing them to save those files locally to view the content.\n(CVE-2008-0592)\n\nUsers of firefox are advised to upgrade to these updated packages,\nwhich contain backported patches to resolve these issues.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-February/014663.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d6964e64\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-February/014664.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?97b58275\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-February/014669.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?fe0b320f\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-February/014670.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?216e4c50\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-February/014675.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?36284eef\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected firefox packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(22, 79, 94, 200, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:firefox-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/02/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/02/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/02/11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 4.x / 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-4\", reference:\"firefox-1.5.0.12-0.10.el4.centos\")) flag++;\n\nif (rpm_check(release:\"CentOS-5\", reference:\"firefox-1.5.0.12-9.el5.centos\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"firefox-devel-1.5.0.12-9.el5.centos\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"firefox / firefox-devel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:25:55", "description": "Several flaws were found in the way SeaMonkey processed certain malformed web content. A webpage containing malicious content could cause SeaMonkey to crash, or potentially execute arbitrary code as the user running SeaMonkey. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419)\n\nSeveral flaws were found in the way SeaMonkey displayed malformed web content. A webpage containing specially crafted content could trick a user into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593)\n\nA flaw was found in the way SeaMonkey stored password data. If a user saves login information for a malicious website, it could be possible to corrupt the password database, preventing the user from properly accessing saved password data. (CVE-2008-0417)\n\nA flaw was found in the way SeaMonkey handles certain chrome URLs. If a user has certain extensions installed, it could allow a malicious website to steal sensitive session data. Note: this flaw does not affect a default installation of SeaMonkey. (CVE-2008-0418)\n\nA flaw was found in the way SeaMonkey saves certain text files. If a website offers a file of type 'plain/text', rather than 'text/plain', SeaMonkey will not show future 'text/plain' content to the user in the browser, forcing them to save those files locally to view the content.\n(CVE-2008-0592)", "cvss3": {}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : seamonkey on SL3.x, SL4.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0412", "CVE-2008-0413", "CVE-2008-0415", "CVE-2008-0417", "CVE-2008-0418", "CVE-2008-0419", "CVE-2008-0591", "CVE-2008-0592", "CVE-2008-0593"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20080207_SEAMONKEY_ON_SL3_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60356", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60356);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n\n script_name(english:\"Scientific Linux Security Update : seamonkey on SL3.x, SL4.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several flaws were found in the way SeaMonkey processed certain\nmalformed web content. A webpage containing malicious content could\ncause SeaMonkey to crash, or potentially execute arbitrary code as the\nuser running SeaMonkey. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415,\nCVE-2008-0419)\n\nSeveral flaws were found in the way SeaMonkey displayed malformed web\ncontent. A webpage containing specially crafted content could trick a\nuser into surrendering sensitive information. (CVE-2008-0591,\nCVE-2008-0593)\n\nA flaw was found in the way SeaMonkey stored password data. If a user\nsaves login information for a malicious website, it could be possible\nto corrupt the password database, preventing the user from properly\naccessing saved password data. (CVE-2008-0417)\n\nA flaw was found in the way SeaMonkey handles certain chrome URLs. If\na user has certain extensions installed, it could allow a malicious\nwebsite to steal sensitive session data. Note: this flaw does not\naffect a default installation of SeaMonkey. (CVE-2008-0418)\n\nA flaw was found in the way SeaMonkey saves certain text files. If a\nwebsite offers a file of type 'plain/text', rather than 'text/plain',\nSeaMonkey will not show future 'text/plain' content to the user in the\nbrowser, forcing them to save those files locally to view the content.\n(CVE-2008-0592)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0802&L=scientific-linux-errata&T=0&P=563\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6e2e0135\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(22, 79, 94, 200, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/02/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/02/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL3\", reference:\"seamonkey-1.0.9-0.9.el3\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"seamonkey-chat-1.0.9-0.9.el3\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"seamonkey-devel-1.0.9-0.9.el3\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"seamonkey-dom-inspector-1.0.9-0.9.el3\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"seamonkey-js-debugger-1.0.9-0.9.el3\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"seamonkey-mail-1.0.9-0.9.el3\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"seamonkey-nspr-1.0.9-0.9.el3\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"seamonkey-nspr-devel-1.0.9-0.9.el3\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"seamonkey-nss-1.0.9-0.9.el3\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"seamonkey-nss-devel-1.0.9-0.9.el3\")) flag++;\n\nif (rpm_check(release:\"SL4\", reference:\"seamonkey-1.0.9-9.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"seamonkey-chat-1.0.9-9.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"seamonkey-devel-1.0.9-9.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"seamonkey-dom-inspector-1.0.9-9.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"seamonkey-js-debugger-1.0.9-9.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"seamonkey-mail-1.0.9-9.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"seamonkey-nspr-1.0.9-9.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"seamonkey-nspr-devel-1.0.9-9.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"seamonkey-nss-1.0.9-9.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"seamonkey-nss-devel-1.0.9-9.el4\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:39:47", "description": "From Red Hat Security Advisory 2008:0104 :\n\nUpdated SeaMonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 2.1, 3, and 4.\n\nThis update has been rated as having critical security impact by the Red Hat Security Response Team.\n\nSeaMonkey is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor.\n\nSeveral flaws were found in the way SeaMonkey processed certain malformed web content. A webpage containing malicious content could cause SeaMonkey to crash, or potentially execute arbitrary code as the user running SeaMonkey. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419)\n\nSeveral flaws were found in the way SeaMonkey displayed malformed web content. A webpage containing specially crafted content could trick a user into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593)\n\nA flaw was found in the way SeaMonkey stored password data. If a user saves login information for a malicious website, it could be possible to corrupt the password database, preventing the user from properly accessing saved password data. (CVE-2008-0417)\n\nA flaw was found in the way SeaMonkey handles certain chrome URLs. If a user has certain extensions installed, it could allow a malicious website to steal sensitive session data. Note: this flaw does not affect a default installation of SeaMonkey. (CVE-2008-0418)\n\nA flaw was found in the way SeaMonkey saves certain text files. If a website offers a file of type 'plain/text', rather than 'text/plain', SeaMonkey will not show future 'text/plain' content to the user in the browser, forcing them to save those files locally to view the content.\n(CVE-2008-0592)\n\nUsers of SeaMonkey are advised to upgrade to these updated packages, which contain backported patches to resolve these issues.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 3 / 4 : seamonkey (ELSA-2008-0104)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0304", "CVE-2008-0412", "CVE-2008-0413", "CVE-2008-0415", "CVE-2008-0416", "CVE-2008-0417", "CVE-2008-0418", "CVE-2008-0419", "CVE-2008-0420", "CVE-2008-0591", "CVE-2008-0592", "CVE-2008-0593"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:seamonkey", "p-cpe:/a:oracle:linux:seamonkey-chat", "p-cpe:/a:oracle:linux:seamonkey-devel", "p-cpe:/a:oracle:linux:seamonkey-dom-inspector", "p-cpe:/a:oracle:linux:seamonkey-js-debugger", "p-cpe:/a:oracle:linux:seamonkey-mail", "p-cpe:/a:oracle:linux:seamonkey-nspr", "p-cpe:/a:oracle:linux:seamonkey-nspr-devel", "p-cpe:/a:oracle:linux:seamonkey-nss", "p-cpe:/a:oracle:linux:seamonkey-nss-devel", "cpe:/o:oracle:linux:3", "cpe:/o:oracle:linux:4"], "id": "ORACLELINUX_ELSA-2008-0104.NASL", "href": "https://www.tenable.com/plugins/nessus/67648", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2008:0104 and \n# Oracle Linux Security Advisory ELSA-2008-0104 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67648);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-0304\", \"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0416\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0420\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_bugtraq_id(24293, 27406, 27683);\n script_xref(name:\"RHSA\", value:\"2008:0104\");\n\n script_name(english:\"Oracle Linux 3 / 4 : seamonkey (ELSA-2008-0104)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2008:0104 :\n\nUpdated SeaMonkey packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 2.1, 3, and 4.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nSeaMonkey is an open source Web browser, advanced email and newsgroup\nclient, IRC chat client, and HTML editor.\n\nSeveral flaws were found in the way SeaMonkey processed certain\nmalformed web content. A webpage containing malicious content could\ncause SeaMonkey to crash, or potentially execute arbitrary code as the\nuser running SeaMonkey. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415,\nCVE-2008-0419)\n\nSeveral flaws were found in the way SeaMonkey displayed malformed web\ncontent. A webpage containing specially crafted content could trick a\nuser into surrendering sensitive information. (CVE-2008-0591,\nCVE-2008-0593)\n\nA flaw was found in the way SeaMonkey stored password data. If a user\nsaves login information for a malicious website, it could be possible\nto corrupt the password database, preventing the user from properly\naccessing saved password data. (CVE-2008-0417)\n\nA flaw was found in the way SeaMonkey handles certain chrome URLs. If\na user has certain extensions installed, it could allow a malicious\nwebsite to steal sensitive session data. Note: this flaw does not\naffect a default installation of SeaMonkey. (CVE-2008-0418)\n\nA flaw was found in the way SeaMonkey saves certain text files. If a\nwebsite offers a file of type 'plain/text', rather than 'text/plain',\nSeaMonkey will not show future 'text/plain' content to the user in the\nbrowser, forcing them to save those files locally to view the content.\n(CVE-2008-0592)\n\nUsers of SeaMonkey are advised to upgrade to these updated packages,\nwhich contain backported patches to resolve these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2008-February/000507.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2008-February/000510.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected seamonkey packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(22, 79, 94, 119, 200, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:seamonkey\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:seamonkey-chat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:seamonkey-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:seamonkey-dom-inspector\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:seamonkey-js-debugger\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:seamonkey-mail\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:seamonkey-nspr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:seamonkey-nspr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:seamonkey-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:seamonkey-nss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/02/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/02/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(3|4)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 3 / 4\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"seamonkey-1.0.9-0.9.el3.0.1\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"seamonkey-1.0.9-0.9.el3.0.1\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"seamonkey-chat-1.0.9-0.9.el3.0.1\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"seamonkey-chat-1.0.9-0.9.el3.0.1\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"seamonkey-devel-1.0.9-0.9.el3.0.1\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"seamonkey-devel-1.0.9-0.9.el3.0.1\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"seamonkey-dom-inspector-1.0.9-0.9.el3.0.1\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"seamonkey-dom-inspector-1.0.9-0.9.el3.0.1\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"seamonkey-js-debugger-1.0.9-0.9.el3.0.1\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"seamonkey-js-debugger-1.0.9-0.9.el3.0.1\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"seamonkey-mail-1.0.9-0.9.el3.0.1\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"seamonkey-mail-1.0.9-0.9.el3.0.1\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"seamonkey-nspr-1.0.9-0.9.el3.0.1\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"seamonkey-nspr-1.0.9-0.9.el3.0.1\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"seamonkey-nspr-devel-1.0.9-0.9.el3.0.1\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"seamonkey-nspr-devel-1.0.9-0.9.el3.0.1\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"seamonkey-nss-1.0.9-0.9.el3.0.1\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"seamonkey-nss-1.0.9-0.9.el3.0.1\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"seamonkey-nss-devel-1.0.9-0.9.el3.0.1\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"seamonkey-nss-devel-1.0.9-0.9.el3.0.1\")) flag++;\n\nif (rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"seamonkey-1.0.9-9.el4.0.1\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"seamonkey-1.0.9-9.el4.0.1\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"seamonkey-chat-1.0.9-9.el4.0.1\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"seamonkey-chat-1.0.9-9.el4.0.1\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"seamonkey-devel-1.0.9-9.el4.0.1\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"seamonkey-devel-1.0.9-9.el4.0.1\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"seamonkey-dom-inspector-1.0.9-9.el4.0.1\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"seamonkey-dom-inspector-1.0.9-9.el4.0.1\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"seamonkey-js-debugger-1.0.9-9.el4.0.1\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"seamonkey-js-debugger-1.0.9-9.el4.0.1\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"seamonkey-mail-1.0.9-9.el4.0.1\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"seamonkey-mail-1.0.9-9.el4.0.1\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"seamonkey-nspr-1.0.9-9.el4.0.1\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"seamonkey-nspr-1.0.9-9.el4.0.1\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"seamonkey-nspr-devel-1.0.9-9.el4.0.1\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"seamonkey-nspr-devel-1.0.9-9.el4.0.1\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"seamonkey-nss-1.0.9-9.el4.0.1\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"seamonkey-nss-1.0.9-9.el4.0.1\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"seamonkey-nss-devel-1.0.9-9.el4.0.1\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"seamonkey-nss-devel-1.0.9-9.el4.0.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"seamonkey / seamonkey-chat / seamonkey-devel / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:25:54", "description": "Several flaws were found in the way Firefox processed certain malformed web content. A webpage containing malicious content could cause Firefox to crash, or potentially execute arbitrary code as the user running Firefox. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419)\n\nSeveral flaws were found in the way Firefox displayed malformed web content. A webpage containing specially crafted content could trick a user into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593)\n\nA flaw was found in the way Firefox stored password data. If a user saves login information for a malicious website, it could be possible to corrupt the password database, preventing the user from properly accessing saved password data. (CVE-2008-0417)\n\nA flaw was found in the way Firefox handles certain chrome URLs. If a user has certain extensions installed, it could allow a malicious website to steal sensitive session data. Note: this flaw does not affect a default installation of Firefox. (CVE-2008-0418)\n\nA flaw was found in the way Firefox saves certain text files. If a website offers a file of type 'plain/text', rather than 'text/plain', Firefox will not show future 'text/plain' content to the user in the browser, forcing them to save those files locally to view the content.\n(CVE-2008-0592)", "cvss3": {}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : firefox on SL4.x, SL5.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0412", "CVE-2008-0413", "CVE-2008-0415", "CVE-2008-0417", "CVE-2008-0418", "CVE-2008-0419", "CVE-2008-0591", "CVE-2008-0592", "CVE-2008-0593"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20080207_FIREFOX_ON_SL4_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60355", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60355);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modific